Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Advanced.Installer-15.9.exe

Overview

General Information

Sample name:Advanced.Installer-15.9.exe
Analysis ID:1366253
MD5:62c79daecf351427875604ad88a740eb
SHA1:38dfe177d440f53aacd414a240599f3b513ed2b4
SHA256:36578303e42313df1a9f15045edc7b5fc7c8d95b0bccb26390c5f3e5e75e1e4a
Infos:

Detection

Score:52
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Snort IDS alert for network traffic
Drops PE files with a suspicious file extension
Checks for available system drives (often done to infect USB drives)
Contains capabilities to detect virtual machines
Creates files inside the system directory
Deletes files inside the Windows folder
Drops PE files
Drops PE files to the windows directory (C:\Windows)
Drops files with a non-matching file extension (content does not match file extension)
Found dropped PE file which has not been started or loaded
Queries the volume information (name, serial number etc) of a device
Stores files to the Windows start menu directory
Tries to load missing DLLs
Uses 32bit PE files

Classification

Process Tree

  • System is w10x64_ra
  • Advanced.Installer-15.9.exe (PID: 5200 cmdline: C:\Users\user\Desktop\Advanced.Installer-15.9.exe MD5: 62C79DAECF351427875604AD88A740EB)
    • msiexec.exe (PID: 4908 cmdline: msiexec" /i "C:\Users\user\AppData\Local\Temp\Advanced Installer\packeg.msi" /qb INSTALLDIR="C:\Program Files (x86)\Caphyon MD5: 9D09DC1EDA745A5F87553048E57620CF)
  • msiexec.exe (PID: 6728 cmdline: C:\Windows\system32\msiexec.exe /V MD5: E5DA170027542E25EDE42FC54C929077)
    • msiexec.exe (PID: 6284 cmdline: C:\Windows\syswow64\MsiExec.exe -Embedding 66EF78568F7E2B411AB3629575A8313B U MD5: 9D09DC1EDA745A5F87553048E57620CF)
    • msiexec.exe (PID: 6692 cmdline: C:\Windows\syswow64\MsiExec.exe -Embedding 2061C1BD9C6A72D348171618021859A7 MD5: 9D09DC1EDA745A5F87553048E57620CF)
    • msiexec.exe (PID: 6148 cmdline: C:\Windows\syswow64\MsiExec.exe -Embedding 482680F70E87C2CD4874C4A29AD1BC83 E Global\MSI0000 MD5: 9D09DC1EDA745A5F87553048E57620CF)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

Timestamp:192.168.2.1654.204.90.11049722802849814 12/22/23-15:42:16.255219
SID:2849814
Source Port:49722
Destination Port:80
Protocol:TCP
Classtype:A Network Trojan was detected
Timestamp:192.168.2.1654.204.90.11049722802849813 12/22/23-15:42:16.255219
SID:2849813
Source Port:49722
Destination Port:80
Protocol:TCP
Classtype:A Network Trojan was detected

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results
Source: Advanced.Installer-15.9.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\license.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\license.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_zh_TW.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_zh.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_zh_TW.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_zh.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_es.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_de.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_es.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_de.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_pt.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_pt.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_it.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_it.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_nl.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_nl.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_fr.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_fr.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_hu.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_hu.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_ru.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_ru.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_ja.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_ja.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_pl.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_pl.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_nb.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_nn.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_nb.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_nn.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_da.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_da.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_uk.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_uk.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_cs.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_cs.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_el.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_fi.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_ko.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_sk.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_sl.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_sv.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_tr.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_el.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_fi.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_ko.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_sk.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_sl.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_sv.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_tr.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_sq.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_sq.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_ca.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_ca.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_sr_SP_Cyrillic.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_sr_SP_Latin.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_sr_SP_Cyrillic.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_sr_SP_Latin.rtf
Source: C:\Windows\System32\msiexec.exeFile opened: z:
Source: C:\Windows\System32\msiexec.exeFile opened: x:
Source: C:\Windows\System32\msiexec.exeFile opened: v:
Source: C:\Windows\System32\msiexec.exeFile opened: t:
Source: C:\Windows\System32\msiexec.exeFile opened: r:
Source: C:\Windows\System32\msiexec.exeFile opened: p:
Source: C:\Windows\System32\msiexec.exeFile opened: n:
Source: C:\Windows\System32\msiexec.exeFile opened: l:
Source: C:\Windows\System32\msiexec.exeFile opened: j:
Source: C:\Windows\System32\msiexec.exeFile opened: h:
Source: C:\Windows\System32\msiexec.exeFile opened: f:
Source: C:\Windows\System32\msiexec.exeFile opened: b:
Source: C:\Windows\System32\msiexec.exeFile opened: y:
Source: C:\Windows\System32\msiexec.exeFile opened: w:
Source: C:\Windows\System32\msiexec.exeFile opened: u:
Source: C:\Windows\System32\msiexec.exeFile opened: s:
Source: C:\Windows\System32\msiexec.exeFile opened: q:
Source: C:\Windows\System32\msiexec.exeFile opened: o:
Source: C:\Windows\System32\msiexec.exeFile opened: m:
Source: C:\Windows\System32\msiexec.exeFile opened: k:
Source: C:\Windows\System32\msiexec.exeFile opened: i:
Source: C:\Windows\System32\msiexec.exeFile opened: g:
Source: C:\Windows\System32\msiexec.exeFile opened: e:
Source: C:\Windows\System32\msiexec.exeFile opened: c:
Source: C:\Windows\System32\msiexec.exeFile opened: a:
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile opened: C:\Users\user\AppData\Local\Temp\Advanced Installer
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile opened: C:\Users\user\AppData\Local\Temp\Advanced Installer\ProgramFilesFolder
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile opened: C:\Users\user\AppData\Local\Temp\Advanced Installer\ProgramFilesFolder\MSBuild
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile opened: C:\Users\user\AppData\Local\
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile opened: C:\Users\user\AppData\
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile opened: C:\Users\user\

Networking

barindex
Snort IDS alert for network traffic
Source: TrafficSnort IDS: 2849814 ETPRO MALWARE TakeMyFile User-Agent 192.168.2.16:49722 -> 54.204.90.110:80
Source: TrafficSnort IDS: 2849813 ETPRO MALWARE TakeMyFile Installer Checkin 192.168.2.16:49722 -> 54.204.90.110:80
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownDNS traffic detected: queries for: collect.installeranalytics.com
Source: unknownHTTP traffic detected: POST / HTTP/1.1Content-Type: application/x-www-form-urlencoded; charset=utf-8User-Agent: AdvinstAnalytics/1.0 (Microsoft Windows NT 10.0.19045 ; x64)Host: collect.installeranalytics.comContent-Length: 164Cache-Control: no-cache
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\64218b.msi
Source: C:\Windows\System32\msiexec.exeFile deleted: C:\Windows\Installer\MSI240C.tmp
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: tsappcmp.dll
Source: C:\Windows\System32\msiexec.exeSection loaded: tsappcmp.dll
Source: Advanced.Installer-15.9.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
Source: classification engineClassification label: mal52.winEXE@10/1454@1/2
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\nsy444.tmp
Source: Advanced.Installer-15.9.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile read: C:\Users\desktop.ini
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile read: C:\Users\user\Desktop\Advanced.Installer-15.9.exe
Source: unknownProcess created: C:\Users\user\Desktop\Advanced.Installer-15.9.exe C:\Users\user\Desktop\Advanced.Installer-15.9.exe
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess created: C:\Windows\SysWOW64\msiexec.exe msiexec" /i "C:\Users\user\AppData\Local\Temp\Advanced Installer\packeg.msi" /qb INSTALLDIR="C:\Program Files (x86)\Caphyon
Source: unknownProcess created: C:\Windows\System32\msiexec.exe C:\Windows\system32\msiexec.exe /V
Source: C:\Windows\System32\msiexec.exeProcess created: C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe -Embedding 66EF78568F7E2B411AB3629575A8313B U
Source: C:\Windows\System32\msiexec.exeProcess created: C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe -Embedding 2061C1BD9C6A72D348171618021859A7
Source: C:\Windows\System32\msiexec.exeProcess created: C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe -Embedding 482680F70E87C2CD4874C4A29AD1BC83 E Global\MSI0000
Source: C:\Windows\System32\msiexec.exeProcess created: C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe -Embedding 66EF78568F7E2B411AB3629575A8313B U
Source: C:\Windows\System32\msiexec.exeProcess created: C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe -Embedding 2061C1BD9C6A72D348171618021859A7
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess created: C:\Windows\SysWOW64\msiexec.exe msiexec" /i "C:\Users\user\AppData\Local\Temp\Advanced Installer\packeg.msi" /qb INSTALLDIR="C:\Program Files (x86)\Caphyon
Source: C:\Windows\System32\msiexec.exeProcess created: C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe -Embedding 482680F70E87C2CD4874C4A29AD1BC83 E Global\MSI0000
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\InProcServer32
Source: C:\Windows\System32\msiexec.exeFile written: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\classic.ini
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: Advanced.Installer-15.9.exeStatic file information: File size 92241479 > 1048576

Persistence and Installation Behavior

barindex
Drops PE files with a suspicious file extension
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\AdvancedInstaller.comJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\expatai.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\stdDllWrapper.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\dbghelp.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\encoder.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\uires.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\win7library.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\InstallTrial.dllJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSI24AA.tmpJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\zlibai.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\Repackager.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\LZMA.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\uires.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\IIsProxy.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\VmLauncher.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\ResourceCleaner.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\GameUX.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\viewer.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\msichainer.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\vectorimageprocessor.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\RegexProc.dllJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSIC0E8.tmpJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\CEAppMgrLauncher.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\FileOperations.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\SQL.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\AppvPackagePublisher.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\advinst.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\BugReporter.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\SecureProp.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\tempFiles.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\ExternalUICleaner.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\iis.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\System.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\osprovision.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\RepackagerCLI.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\addNetworkLocation.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\aicustact.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\InstallerAnalytics.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\AdvancedAnalytics.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\sccm.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\nsDialogs.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\CPLApplet.cplJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\registryTracer32.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\BugReporter.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\LangDLL.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\sharefolders.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\lzmaextractor.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\aischeduler2.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\PowerShellScriptLauncher.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\RepackagerCLI.exeJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\stubs\res\aijcl-res.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\CPLApplet.cplJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\XmlCfg.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\IIsInspector.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\WinOptionalFeatures.dllJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSI44A1.tmpJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\Prereq.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\encoder.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\dbghelp.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\serval.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\Advinst-comproxystub.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\digisign.exeJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\stubs\x64\aijclw.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\ComExtractor.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\AppvPackagePublisher.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\defaultPrograms.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\defaultPrograms.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\registryTracer64.dllJump to dropped file
Source: C:\Windows\SysWOW64\msiexec.exeFile created: C:\Users\user\AppData\Local\Temp\shi2600.tmpJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\ShowBackgroundImages.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\certificateinstaller.exeJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\stubs\x86\ExternalUi.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\viewer.exeJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSI25B6.tmpJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\updater.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\aischeduler.dllJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSI3019.tmpJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\DotNetNativeImage.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\NetFirewall.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\ProgramFilesFolder\MSBuild\Caphyon\Advanced Installer\Advinst.Interop.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\gameratings.dllJump to dropped file
Source: C:\Windows\SysWOW64\msiexec.exeFile created: C:\Users\user\AppData\Local\Temp\shi266E.tmpJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\TxtUpdater.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\Updater-comproxystub.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\SharePoint.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\LZMA.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\zlibai.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\embeddeduiproxy.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\IniLocator.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\stdDllWrapper.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\ProgramFilesFolder\MSBuild\Caphyon\Advanced Installer\AdvInstExtTasks.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\AdvancedInstaller.comJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Users\user\AppData\Local\Temp\MSI11879\embeddeduiproxy.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\ConflictsDetector.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\SQL.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\appxinstaller.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\TweakAppV.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\intune.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\DataUploader.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\chainersupport.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\dotNetCustAct.dllJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSI25D6.tmpJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\ShortcutFlags.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\Repackager.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\SoftwareDetector.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\SciLexer.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\VmLauncher.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\ComExtractor.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\Aero.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\BrandingURL.dllJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSI248A.tmpJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\userAccounts.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\advinstlicenseservercli.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\SharePoint.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\advinstlicenseserver.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\SecureProp.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\dotNetCustAct.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\aipackagechainer.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\expatai.dllJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSI25B6.tmpJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSI3019.tmpJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSIC0E8.tmpJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSI24AA.tmpJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSI248A.tmpJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSI25D6.tmpJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSI44A1.tmpJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\CPLApplet.cplJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\CPLApplet.cplJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile created: C:\Users\user\AppData\Local\Temp\Advanced Installer\license.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\license.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_zh_TW.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_zh.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_zh_TW.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_zh.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_es.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_de.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_es.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_de.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_pt.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_pt.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_it.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_it.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_nl.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_nl.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_fr.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_fr.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_hu.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_hu.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_ru.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_ru.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_ja.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_ja.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_pl.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_pl.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_nb.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_nn.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_nb.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_nn.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_da.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_da.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_uk.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_uk.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_cs.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_cs.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_el.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_fi.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_ko.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_sk.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_sl.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_sv.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_tr.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_el.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_fi.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_ko.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_sk.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_sl.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_sv.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_tr.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_sq.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_sq.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_ca.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_ca.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_sr_SP_Cyrillic.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_sr_SP_Latin.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_sr_SP_Cyrillic.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_sr_SP_Latin.rtf
Source: C:\Windows\System32\msiexec.exeFile created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 15.9
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeFile opened / queried: C:\Users\user\AppData\Local\Temp\Advanced Installer\third-party\vmware\x86\VixAllProductsDyn.dll
Source: C:\Windows\System32\msiexec.exeFile opened / queried: C:\Users\user\AppData\Local\Temp\Advanced Installer\third-party\hyper-v\vmguest.iso
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\expatai.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\stdDllWrapper.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\dbghelp.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\encoder.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\uires.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\win7library.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\InstallTrial.dllJump to dropped file
Source: C:\Windows\System32\msiexec.exeDropped PE file which has not been started: C:\Windows\Installer\MSI24AA.tmpJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\zlibai.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\Repackager.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\LZMA.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\uires.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\IIsProxy.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\VmLauncher.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\GameUX.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\ResourceCleaner.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\viewer.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\msichainer.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\vectorimageprocessor.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\RegexProc.dllJump to dropped file
Source: C:\Windows\System32\msiexec.exeDropped PE file which has not been started: C:\Windows\Installer\MSIC0E8.tmpJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\CEAppMgrLauncher.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\FileOperations.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\SQL.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\AppvPackagePublisher.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\advinst.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\BugReporter.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\SecureProp.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\tempFiles.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\ExternalUICleaner.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\iis.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\System.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\osprovision.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\RepackagerCLI.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\addNetworkLocation.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\aicustact.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\InstallerAnalytics.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\AdvancedAnalytics.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\sccm.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\nsDialogs.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\CPLApplet.cplJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\registryTracer32.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\BugReporter.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\LangDLL.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\sharefolders.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\lzmaextractor.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\aischeduler2.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\PowerShellScriptLauncher.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\RepackagerCLI.exeJump to dropped file
Source: C:\Windows\System32\msiexec.exeDropped PE file which has not been started: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\stubs\res\aijcl-res.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\CPLApplet.cplJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\XmlCfg.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\IIsInspector.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\WinOptionalFeatures.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\Prereq.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\encoder.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\dbghelp.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\serval.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\Advinst-comproxystub.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\digisign.exeJump to dropped file
Source: C:\Windows\System32\msiexec.exeDropped PE file which has not been started: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\stubs\x64\aijclw.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\AppvPackagePublisher.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\ComExtractor.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\defaultPrograms.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\defaultPrograms.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\registryTracer64.dllJump to dropped file
Source: C:\Windows\SysWOW64\msiexec.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\shi2600.tmpJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\ShowBackgroundImages.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\certificateinstaller.exeJump to dropped file
Source: C:\Windows\System32\msiexec.exeDropped PE file which has not been started: C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\stubs\x86\ExternalUi.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\viewer.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\updater.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\aischeduler.dllJump to dropped file
Source: C:\Windows\System32\msiexec.exeDropped PE file which has not been started: C:\Windows\Installer\MSI3019.tmpJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\DotNetNativeImage.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\NetFirewall.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\ProgramFilesFolder\MSBuild\Caphyon\Advanced Installer\Advinst.Interop.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\gameratings.dllJump to dropped file
Source: C:\Windows\SysWOW64\msiexec.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\shi266E.tmpJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\TxtUpdater.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\Updater-comproxystub.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\SharePoint.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\LZMA.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\zlibai.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\embeddeduiproxy.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\IniLocator.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\ProgramFilesFolder\MSBuild\Caphyon\Advanced Installer\AdvInstExtTasks.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\stdDllWrapper.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\AdvancedInstaller.comJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\ConflictsDetector.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\SQL.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\appxinstaller.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\TweakAppV.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\intune.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\DataUploader.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\chainersupport.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\dotNetCustAct.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\ShortcutFlags.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\Repackager.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\SoftwareDetector.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\SciLexer.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\VmLauncher.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\ComExtractor.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\Aero.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\BrandingURL.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\userAccounts.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\advinstlicenseservercli.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\advinstlicenseserver.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\SecureProp.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\SharePoint.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\aipackagechainer.exeJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\dotNetCustAct.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\expatai.dllJump to dropped file
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile Volume queried: C:\Program Files (x86) FullSizeInformation
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile Volume queried: C:\Program Files (x86) FullSizeInformation
Source: C:\Windows\System32\msiexec.exeFile Volume queried: C:\ FullSizeInformation
Source: C:\Windows\System32\msiexec.exeFile Volume queried: C:\ FullSizeInformation
Source: C:\Windows\System32\msiexec.exeFile Volume queried: C:\ FullSizeInformation
Source: C:\Windows\System32\msiexec.exeFile Volume queried: C:\ FullSizeInformation
Source: C:\Windows\System32\msiexec.exeFile Volume queried: C:\ FullSizeInformation
Source: C:\Windows\System32\msiexec.exeFile Volume queried: C:\ FullSizeInformation
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile opened: C:\Users\user\AppData\Local\Temp\Advanced Installer
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile opened: C:\Users\user\AppData\Local\Temp\Advanced Installer\ProgramFilesFolder
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile opened: C:\Users\user\AppData\Local\Temp\Advanced Installer\ProgramFilesFolder\MSBuild
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile opened: C:\Users\user\AppData\Local\
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile opened: C:\Users\user\AppData\
Source: C:\Users\user\Desktop\Advanced.Installer-15.9.exeFile opened: C:\Users\user\
Source: C:\Windows\System32\msiexec.exeProcess information queried: ProcessInformation
Source: C:\Windows\System32\msiexec.exeQueries volume information: C:\ VolumeInformation

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpactResource DevelopmentReconnaissance
1
Replication Through Removable Media		Windows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		131
Masquerading		OS Credential Dumping1
Security Software Discovery		1
Replication Through Removable Media		Data from Local SystemExfiltration Over Other Network Medium2
Non-Application Layer Protocol		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationAbuse Accessibility FeaturesAcquire InfrastructureGather Victim Identity Information
Default AccountsScheduled Task/Job1
DLL Side-Loading		1
Registry Run Keys / Startup Folder		1
Virtualization/Sandbox Evasion		LSASS Memory1
Virtualization/Sandbox Evasion		Remote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth2
Application Layer Protocol		SIM Card SwapObtain Device Cloud BackupsNetwork Denial of ServiceDomainsCredentials
Domain AccountsAtLogon Script (Windows)1
DLL Side-Loading		1
Process Injection		Security Account Manager1
Process Discovery		SMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationSteganographyData Encrypted for ImpactDNS ServerEmail Addresses
Local AccountsCronLogin HookLogin Hook1
DLL Side-Loading		NTDS11
Peripheral Device Discovery		Distributed Component Object ModelInput CaptureTraffic DuplicationProtocol ImpersonationData DestructionVirtual Private ServerEmployee Names
Cloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
File Deletion		LSA Secrets3
File and Directory Discovery		SSHKeyloggingScheduled TransferFallback ChannelsData Encrypted for ImpactServerGather Victim Network Information
Replication Through Removable MediaScheduled TaskRC ScriptsRC ScriptsSteganographyCached Domain Credentials12
System Information Discovery		VNCGUI Input CaptureData Transfer Size LimitsMultiband CommunicationService StopBotnetDomain Properties

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
Advanced.Installer-15.9.exe0%ReversingLabs

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\Aero.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\BrandingURL.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\LangDLL.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\System.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\nsDialogs.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\ProgramFilesFolder\MSBuild\Caphyon\Advanced Installer\AdvInstExtTasks.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\ProgramFilesFolder\MSBuild\Caphyon\Advanced Installer\Advinst.Interop.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\osprovision.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\BugReporter.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\ComExtractor.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\LZMA.exe0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\Repackager.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\RepackagerCLI.exe0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\VmLauncher.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\dbghelp.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\encoder.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\expatai.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\registryTracer64.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\uires.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\zlibai.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\AdvancedAnalytics.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\AdvancedInstaller.com2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\Advinst-comproxystub.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\BugReporter.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\ComExtractor.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\ConflictsDetector.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\IIsInspector.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\LZMA.exe0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\Repackager.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\RepackagerCLI.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\SciLexer.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\TweakAppV.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\Updater-comproxystub.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\VmLauncher.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\advinstlicenseserver.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\advinstlicenseservercli.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\dbghelp.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\digisign.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\embeddeduiproxy.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\encoder.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\expatai.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\gameratings.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\intune.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\registryTracer32.dll4%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\sccm.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\uires.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\updater.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\vectorimageprocessor.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\zlibai.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\AppvPackagePublisher.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\CPLApplet.cpl2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\SQL.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\SecureProp.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\SharePoint.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\defaultPrograms.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\dotNetCustAct.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\stdDllWrapper.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\viewer.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\AppvPackagePublisher.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\CEAppMgrLauncher.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\CPLApplet.cpl2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\DataUploader.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\DotNetNativeImage.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\ExternalUICleaner.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\FileOperations.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\GameUX.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\IIsProxy.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\IniLocator.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\InstallTrial.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\InstallerAnalytics.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\NetFirewall.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\PowerShellScriptLauncher.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\Prereq.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\RegexProc.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\ResourceCleaner.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\SQL.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\SecureProp.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\SharePoint.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\ShortcutFlags.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\ShowBackgroundImages.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\SoftwareDetector.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\TxtUpdater.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\WinOptionalFeatures.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\XmlCfg.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\addNetworkLocation.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\aicustact.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\aipackagechainer.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\aischeduler.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\aischeduler2.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\appxinstaller.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\certificateinstaller.exe2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\chainersupport.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\defaultPrograms.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\dotNetCustAct.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\iis.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\lzmaextractor.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\msichainer.exe0%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\serval.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\sharefolders.dll2%ReversingLabs
C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\stdDllWrapper.dll2%ReversingLabs

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
collect.installeranalytics.com
54.204.90.110
truefalse
    		high

    Contacted URLs

    NameMaliciousAntivirus DetectionReputation
    http://collect.installeranalytics.com/false
      		high

      World Map of Contacted IPs

      • No. of IPs < 25%
      • 25% < No. of IPs < 50%
      • 50% < No. of IPs < 75%
      • 75% < No. of IPs

      Public IPs

      IPDomainCountryFlagASNASN NameMalicious
      54.204.90.110
      		collect.installeranalytics.comUnited States
      		14618AMAZON-AESUSfalse

      General Information

      Joe Sandbox version:38.0.0 Ammolite
      Analysis ID:1366253
      Start date and time:2023-12-22 15:39:44 +01:00
      Joe Sandbox product:CloudBasic
      Overall analysis duration:
      Hypervisor based Inspection enabled:false
      Report type:full
      Cookbook file name:defaultwindowsinteractivecookbook.jbs
      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
      Number of analysed new started processes analysed:12
      Number of new started drivers analysed:0
      Number of existing processes analysed:0
      Number of existing drivers analysed:0
      Number of injected processes analysed:0
      Technologies:
      • EGA enabled
      Analysis Mode:stream
      Analysis stop reason:Timeout
      Sample name:Advanced.Installer-15.9.exe
      Detection:MAL
      Classification:mal52.winEXE@10/1454@1/2
      Cookbook Comments:
      • Found application associated with file extension: .exe

      Warnings

      • Exclude process from analysis (whitelisted): dllhost.exe, SIHClient.exe
      • Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com
      • HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
      • Not all processes where analyzed, report is missing behavior information
      • Report size exceeded maximum capacity and may have missing behavior information.
      • Report size getting too big, too many NtCreateFile calls found.
      • Report size getting too big, too many NtCreateKey calls found.
      • Report size getting too big, too many NtOpenFile calls found.
      • Report size getting too big, too many NtQueryAttributesFile calls found.
      • Report size getting too big, too many NtQueryVolumeInformationFile calls found.
      • Report size getting too big, too many NtReadFile calls found.
      • Report size getting too big, too many NtSetInformationFile calls found.
      • Report size getting too big, too many NtSetValueKey calls found.
      • Report size getting too big, too many NtWriteFile calls found.
      • Timeout during stream target processing, analysis might miss dynamic analysis data
      • VT rate limit hit for: Advanced.Installer-15.9.exe

      Created / dropped Files

      C:\Config.Msi\64218d.rbs

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:data
      Category:dropped
      Size (bytes):1800374
      Entropy (8bit):6.6692604971624085
      Encrypted:false
      SSDEEP:
      MD5:D4D894D5CDC09327EA96F942C0C5860F
      SHA1:44B15A1495FD4D35BF7277CB1F70811467542BB2
      SHA-256:B0B5637848DA39DF021D3DFF76794C011822634C5E78DE6E3CC04F02E04A9D0C
      SHA-512:462B4CEE8F7BA037C983DAF6C7FB688BF3515B4C9308B53919B56ECE21A88E9B4695081CED858E166F5457FC3D91A15E1B9C9DC88F6FDAC3B16B5AB59837E989
      Malicious:false
      Reputation:low
      Preview:...@IXOS.@.....@4}.W.@.....@.....@.....@.....@.....@......&.{BABEB095-3E12-417E-A23D-670D4FA86D3A}..Advanced Installer 15.9..packeg.msi.@.....@.....@.....@......AdvancedInstaller.exe..&.{1019FDC9-D963-4486-B7FC-95EAD3D51506}.....@.....@.....@.....@.......@.....@.....@.......@......Advanced Installer 15.9......Rollback..Rolling back action:....RollbackCleanup..Removing backup files..File: [1]....ProcessComponents..Updating component registration..&.{A3F907C5-E217-4003-8DD2-9E30A013707A}&.{BABEB095-3E12-417E-A23D-670D4FA86D3A}.@......&.{81E1B538-F129-452E-AB66-3D09BA035419}&.{BABEB095-3E12-417E-A23D-670D4FA86D3A}.@......&.{745B1AD2-DB4F-4259-B692-34897041F8A5}&.{BABEB095-3E12-417E-A23D-670D4FA86D3A}.@......&.{DB449FFA-E4A3-43B2-8FFA-EEA7620E5352}&.{BABEB095-3E12-417E-A23D-670D4FA86D3A}.@......&.{6BF3A272-968A-4830-8D04-EA2A812C65B3}&.{BABEB095-3E12-417E-A23D-670D4FA86D3A}.@......&.{22D4F0BA-E139-4424-814D-F38AB24EE7CC}&.{BABEB095-3E12-417E-A23D-670D4FA86D3A}.@......&.{3D6E22A4-417D-4E2C-

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\bin\x86\updater.ini

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):429
      Entropy (8bit):5.414227677704954
      Encrypted:false
      SSDEEP:
      MD5:F636B4DF72B959EC9906A792D9A021BE
      SHA1:75423EF8437950527F9EA878FEDDD59605BC7E52
      SHA-256:DDC61FFCE17C4D2313AA051F3D8B6039BBA236B5D09EAA227910873D02972672
      SHA-512:19865BAF66D91E06CC354E506AB0DFC69F494555202CCF452C8A0E0243F07DACA06713FB6001D04ACDD46DA323830BF2D7A9012D6D4B7C152BCB9352910FA337
      Malicious:false
      Reputation:low
      Preview:[General]..Flags=PerMachine|ShowConfigOptionsButton..AppDir=C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\..ID={0468B821-8AD9-46E7-8BB5-65FBE3955791}..ApplicationName=Advanced Installer 15.9..CompanyName=Caphyon..ApplicationVersion=15.9..DefaultCommandLine=/checknow..CheckFrequency=2..DownloadsFolder=C:\ProgramData\Caphyon\Advanced Installer 15.9\updates\..URL=https://www.advancedinstaller.com/downloads/updates.ini..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\dictionaries\ui_zh_TW.ail

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
      Category:dropped
      Size (bytes):90072
      Entropy (8bit):6.440263402144364
      Encrypted:false
      SSDEEP:
      MD5:1CAA29C604D3D0D8E622CEB0271C8007
      SHA1:FFFBC866DD907D95219C005D6B912CBC29001922
      SHA-256:98E7AD2A5B9F62D324713E18B4A035CAAB9A8BEBA3799B67587121C93917EB13
      SHA-512:92C7D105B299706C477D7D2EDCCE180B7E563EE3DD37AB1CFC0AF8F4B4FBD1A977FF16B3A344BA355CFD6E282F01DC59390E05449920DFCCE4EC0A571759A077
      Malicious:false
      Reputation:low
      Preview:.<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="zh_TW" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.Directory.Default32BitName" value="32 ."/>.. <STRING id="AI.Directory.DefaultDefaultDir" value="......."/>.. <STRING id="AI.DuplicateFile.DestName" value=".. %s - %s"/>.. <STRING id="AI.Environment.DefaultName" value="......"/>.. <STRING id="AI.Feature.DefaultDescription" value=".."/>.. <STRING id="AI.Feature.DefaultTitle" value=".."/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="Play"/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value="Support"/>.. <STRING id="AI.GameUx.DefaultGameDescription" value=".. [|CurrentGame] .."/>.. <STRING id="AI.IniFile.DefaultFileName" value="......"/>.. <STRING id="AI.IniFile.DefaultKey" value="....."/>.. <STRING

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\dictionaries\vsix.ail

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):434
      Entropy (8bit):5.316811161824329
      Encrypted:false
      SSDEEP:
      MD5:989762D948A573DE74AF6E583B339C49
      SHA1:17385EC20A6BA5CA9495BD8CB15F9386E1D37076
      SHA-256:E8A233281A7826E1A505C2CBB6FDFD0508F67325147188D620B038D4F90C3BBE
      SHA-512:59B6BAAA3F0A8F3B727891897980427F77A33E69A14F9778D95408999C7676B91EB96B1945F8854FBC2576A7D0F27239B6B4E5F3B85599B10D88C864EDF04ED7
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="neutral" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. Updater Editor defaults -->.. <STRING id="AI.AI_GenericProperty.DefaultName" value="Your Application"/>.. <STRING id="AI.AI_GenericProperty.DefaultDescription" value="Your application description."/>..</DICTIONARY>..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\dictionaries\vsix_en.ail

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):429
      Entropy (8bit):5.322205469460937
      Encrypted:false
      SSDEEP:
      MD5:D94C7A4C802E9280138C0420D728F81E
      SHA1:77E152A974D235BF8217D0EB4ACE75D2E07D562C
      SHA-256:ABED22D6C24EDB715EAE590211533BE81062680CFEF37DB51B1E540C7F0E1005
      SHA-512:3BDFB8D728A3EE40C0C9F094AA69D060219E2975B5C4893FA5CD83F31B1591224CE902575E5CA3162E8A441F1FBE54734E2A8C375FAA2952CE197F6F8DD6C7AA
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="en" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. Updater Editor defaults -->.. <STRING id="AI.AI_GenericProperty.DefaultName" value="Your Application"/>.. <STRING id="AI.AI_GenericProperty.DefaultDescription" value="Your application description."/>..</DICTIONARY>..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\fragments\CommonUI.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3456
      Entropy (8bit):5.119938553742822
      Encrypted:false
      SSDEEP:
      MD5:C71D16A7FFE8C8EF02B79E2C6F01A401
      SHA1:53B6731D39C6125AD4FFFC74141A9C587BE6383D
      SHA-256:146FAB82C2A23FB44C87F6A8F57A4A4FC7AA65C31E18670998050F788A56E70D
      SHA-512:2F54BDC5F9460EAFA4CB0478A1BB3165D1A383BFED0D74DE23BB2A2E987D12E156D1390A7A20C93A719459EFDDC9C9FC0D878CE03E3D786240AC46D144928F96
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT type="ReadOnly" RootPath=".">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="cmdlinkarrow" SourcePath="&lt;AI_RES&gt;binary\command_link.ico"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="ErrorDialog" Value="ErrorDlg" ValueLocId="-"/>.. <ROW Property="INSTALLLEVEL" Value="3" ValueLocId="-"/>.. <ROW Property="EnableUserControl" Value="1" ValueLocId="-"/>.. <ROW Property="AppsShutdownOption" Value="All" ValueLocId="-"/>.. <ROW Property="PROMPTROLLBACKCOST" Value="P" ValueLocId="-"/>.. <ROW Property="DiskPrompt" Value="[1]" ValueLocId="-"/>.. <ROW Property="AI_CommitButton" Value="ButtonText_Install" ValueLocId="-"/>.. <ROW Property="ButtonText_Browse" ValueLocId="Property.ButtonText_Browse"/>.. <ROW Property="ButtonText_Cancel" ValueLocId="Property.ButtonText_Cancel"/>.. <ROW Property="ButtonText_Exit" ValueL

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\fragments\Sequences.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):10738
      Entropy (8bit):5.144024394886862
      Encrypted:false
      SSDEEP:
      MD5:F78AB8141404AD6463838FD6B94CAEDF
      SHA1:AA3FD74FFCF829C3BB286F66AAB929E31CD0FD42
      SHA-256:63FAF33316676B6F166E7696BA4B548E4BF145E48FD48131726D10EE1A664B67
      SHA-512:D9E9A31C5101FCCB17AC4383A8330F9D707A4B7D0B2884E343452B4EBB4023642BBEE7739556E3859B1DF3D854B465C5D7F282C8209739CC08A81E49FE9CF3A3
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT type="ReadOnly" RootPath=".">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiCustActComponent">.. <ROW Action="AI_CORRECT_INSTALL" Type="51" Source="AI_INSTALL" Target="{}"/>.. <ROW Action="AI_SET_ADMIN" Type="51" Source="AI_ADMIN" Target="1"/>.. <ROW Action="AI_SET_INSTALL" Type="51" Source="AI_INSTALL" Target="1"/>.. <ROW Action="AI_SET_MAINT" Type="51" Source="AI_MAINT" Target="1"/>.. <ROW Action="AI_SET_PATCH" Type="51" Source="AI_PATCH" Target="1"/>.. <ROW Action="AI_SET_RESUME" Type="51" Source="AI_RESUME" Target="1"/>.. <ROW Action="AI_DETECT_MODERNWIN" Type="1" Source="&lt;AI_CUSTACTS&gt;aicustact.dll" Target="DetectModernWindows"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiInstExSeqComponent">.. <ROW Action="AllocateRegistrySpace" Condition="NOT Installed" Sequence="1550" SeqType="0"/>.. <ROW Action="AppSearch" Condition="" Sequence="100" SeqType="0"/>.. <ROW Act

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\fragments\StaticUIStrings.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):50274
      Entropy (8bit):5.154864161226394
      Encrypted:false
      SSDEEP:
      MD5:942CCD0545DF4ECE54DDBA08645E70AA
      SHA1:3610A2B0F0F43232707F42DF0E9F50E1B4DFE104
      SHA-256:43804CDC3F57A60EBA2A78F09B6FEF0CED895034260CAE16EFED20659F41EF6D
      SHA-512:90422D8E1AFDE690A88B87E9E1EBA5185273F11D6D0F93404590DB62B8626DC6BDFD699748C6AFEFCCF864697E67B9F63F1EDE1CCF0E336454AAB92713372FDC
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiActionTextComponent">.. <ROW Action="Advertise" DescriptionLocId="ActionText.Description.Advertise"/>.. <ROW Action="AllocateRegistrySpace" DescriptionLocId="ActionText.Description.AllocateRegistrySpace" TemplateLocId="ActionText.Template.AllocateRegistrySpace"/>.. <ROW Action="AppSearch" DescriptionLocId="ActionText.Description.AppSearch" TemplateLocId="ActionText.Template.AppSearch"/>.. <ROW Action="BindImage" DescriptionLocId="ActionText.Description.BindImage" TemplateLocId="ActionText.Template.BindImage"/>.. <ROW Action="CCPSearch" DescriptionLocId="ActionText.Description.CCPSearch"/>.. <ROW Action="CostFinalize" DescriptionLocId="ActionText.Description.CostFinalize"/>.. <ROW Action="CostInitialize" DescriptionLocId="ActionText.Description.CostInitialize"/>.. <ROW Action="CreateFolders" DescriptionLocId="ActionText.D

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\fragments\Validation.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (324), with CRLF line terminators
      Category:dropped
      Size (bytes):196492
      Entropy (8bit):5.0444160547288135
      Encrypted:false
      SSDEEP:
      MD5:02FF0F6BC64100F4FC0F6DE39DC86254
      SHA1:D12C42D1B8F015CD8663EA3D855B936004E281DD
      SHA-256:97FD85210C86850DFE0F77948CD3A2A6C3CE0A751E6E3A50CF7B2C1C6C5578E3
      SHA-512:B260952BBE792B3061EA37BA19503B5EFADDFAA2909B1255E149BF1E8D539C738DE275D1301A61AEC87DA8A0F64199740A5A5B64E1C11FA23EAA7A65E4023749
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT type="ReadOnly" RootPath=".">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiValidationComponent">.. <ROW Table="AI_AppSearchEx" Column="Property" Category="Identifier" Description="The property associated with a search." Options="2" ColumnType="1" ColumnIndex="0" ColumnSize="72"/>.. <ROW Table="AI_AppSearchEx" Column="Type" Description="The type of the search to be performed." Options="3" ColumnType="3" ColumnIndex="1" ColumnSize="4"/>.. <ROW Table="AI_AppSearchEx" Column="SearchString" Category="Text" Description="The item we search for and the location." Options="2" ColumnType="1" ColumnIndex="2" ColumnSize="0"/>.. <ROW Table="AI_AppSearchEx" Column="Order" MinValue="0" MaxValue="2147483647" Description="The sequence in which the searches will be performed is controlled using this field." Options="0" ColumnType="3" ColumnIndex="3" ColumnSize="4"/>.. <ROW Table="AI_AppSearchEx" Column="Condition" Categor

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\fragments\prerequisites\XNA Framework 3.0\XNA Framework 3.0.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1083
      Entropy (8bit):5.602833166029637
      Encrypted:false
      SSDEEP:
      MD5:9A95755ABAF174EA89B936055576D8EA
      SHA1:08E50AFBB05BBA1B83C176C291869C5352058C9A
      SHA-256:D147ECA8D4BBDC007D808493B008D6615B32363DCCBAABA6B1930286C807E6A9
      SHA-512:27050132DAF2BE411F0B7A50392F8C447A62482D586177B0C87D2A056CDAA01B164DFAD35882ECC49AA39EEC5FF197D2719F456B9730BA930CEB8F550F4D67D7
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="ED144C17_3319_46EE_A8DD_1F1ECDEE5ECD" DisplayName="XNA Framework 3.0" VersionMin="3.0".. SetupFileUrl="http://download.microsoft.com/download/0/f/f/0ff8780d-f50a-41ef-a31a-09db7c0589a2/xnafx30_redist.msi".. Location="1" ExactSize="7982080" MD5="3bd0b94517ab07bc0a9ade09b969a5c0".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="XNA Framework 3.0"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Games"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="ED144C17_3319_46EE_A8DD_1F1ECDEE5ECDProductVersion" Prereq="ED144C17_3319_46EE_A8DD_1F1ECDEE5ECD" SearchType="2".. SearchString="HKLM\SOFTWARE\Microsoft\XNA\Framework\v3.0\ProductVersion" VerMin="3.0.11010.0".. Order="1" Property="

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\arhProjWizBanner.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1335
      Entropy (8bit):7.812097919609733
      Encrypted:false
      SSDEEP:
      MD5:52D5E4C8A1318413501B273E94E17E4F
      SHA1:A1B4EC505CE304D358C2F75C0EBDFFA90DFD8B5D
      SHA-256:9952974C05BF64ED8B1D4C8E3A9B77F3066793A66E3249899ECC2A164E9F0696
      SHA-512:AEE1DFBCE042343EB300CD938ED9081C4AAA394474CE81E8E630DE49AA0B60D24776A29B3EE0446A2C4B8F2BBA3A345169FC50D4600E44535938AE587E695B2A
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE.....Y......]..x..z...O..V..M.8..(.z......W.I.4.......s.1.~.|....Q.>..:.5..$.........f....X.L.<..2.-.............u..k..b..`....R.F.....................r.......}.w.l.A.+..................h......................E.C..5.*.........~....m..W..a........y..Q..)..!.........u.....c....u..c........~.....}~.s..g..a..Z..J..4.+......................~....{........n...............q..d.[.U..<..4..?....BIDATH..gC.0.....n."..ED..)"..s. .so........2...P:.&i....7................a...fA4...h.e....%.A..2..U*.-..\.....T...*.T..#.D...*K.T..u#.~.W..L.)n<.m..p.RE..9..F........|...8RU.........9.......<..z....W.&..i...CF...al...D3x....Bk..-A.MI .....C.jU( ...J7....%.p.TcAa....a.u.;4.?*.Y)%..Jz..r.*..B.R.../..+.....sy.F.:(.....&.._B.=K.&.~..W.jX....[.f/..C..@m....p.z.......>.....lS.b..M{.B..>};.....*.......W..nC..^..w..n.#...<.w.5(...z[1.l...}3o...^..T...k...._. ...:.^..=..X...;}.0<...)..?.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\binary\default-bitmap.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 150x60, components 3
      Category:dropped
      Size (bytes):4001
      Entropy (8bit):7.8555084224009635
      Encrypted:false
      SSDEEP:
      MD5:DF33359109A4CA721148A53FEAA0C4D1
      SHA1:E8D6F2B2AAC3E7C3BED839F3B0DB6A23ED9DA958
      SHA-256:B3618C5FB5B01402C92ECDE40D5554303F7F6E22B1DEDD9BBAA5EBA39AA3A763
      SHA-512:AA556EA8EA0C0767DA0F279FF55F4523A3AB924B488F65D696EF3EE1B2AA65E25B7CDC124E9C1FB89CE5C4BFEE468C0EAC8CDE85376041BCA549F36154A52CA1
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................<.............................................................................................!..1AQ"..aq..2B....Rr...#b.3CS4........................!1.Q.A.aq..."....2B..#3...r.c.............?...Z.h........{...5..&C..b.D...m....u.E....R;#(nO;.....^?Jka.....mQ.f.I...u.8... ... i..~.dU.t+s...I..."..Z...|G..K....D..Mq..$....^..If..(..=l{}i*....A........Zs....5....Ru. ..o..2\\.!5...~s$..b..e..q.P.........U.)T...V.k..<.......15....BKHx.....Ph...h....ez.A ..l....UE.D1.Y*.mD.#.s..3#bx..e..oc..M..bu...J.....~:..qzK..!.N...w0B..3......".}5<.Km"IF......).............jT.........I..:..0*......p.B....Uub..f.+.;.....4....;...~../e.v.....*....R...Z...~.13gV.....N..T....,E...%.W.H.x...WBA...B....#N....1Uh.Y6_q..o..{".I:.....{......9...w..)..c..8.qcZk...'.rs&..E...^.`:...........

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\binary\default-icon.ico

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 6 icons, 48x48, 16 colors, 4 bits/pixel, 32x32, 16 colors, 4 bits/pixel
      Category:dropped
      Size (bytes):17814
      Entropy (8bit):5.175387235920304
      Encrypted:false
      SSDEEP:
      MD5:60FB5043B06C68735E11257802F0BAB6
      SHA1:0AB0984995679F7921CC36EF92606CF00BD29C46
      SHA-256:022B5E00D1062DEC4298BC3AC60EB2C5FB27C69DD0BE5282033F4211266E93D5
      SHA-512:8457A47489E9A6B5A4E335F124F7F2A829A359857549E919E0E4E4D97E441D8128DCAD873C4E74764C80454786FFC7A24630116B885F71FD599C328121893E73
      Malicious:false
      Reputation:low
      Preview:......00......h...f... ......................(.......00.... ..%...... .... ......0........ .h....A..(...0...`....................................................................................................................................................................................................................................................................................w..............."0."x.wfffwx..........ps72#37wwfffwwx........"2#33332wvfffgwwx......r33#33332fffffffgw.......#3333332ffffffffgx......#"33333&"&fffffffg.....w.s33333#32ffffffffx....8..33333333ffffffffw....8..33333333ffffffffg....(...3333332ffffffffgx.......s333332fffffffffw...swwwws3337sfffffffffv...'wwwwwwwwww&fffffffff...'wwwwwwwwww6fffffffff...'ws2www#wws&fffffffff...s3#swww3#72ffffffffffp...w.#www232&ffffffffffp.....'wwws33vffffffffffp.....33333336ffffffffffp.....7wwww'33ffffffffffp.....7w37s8.36ffn..fffv......s3&#2x.s3fff...ffw.......'wwvx..33fff.ffgw.......w...wx..36fffffgw............w..s3&ffffgx....

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\browseSqlServerWizBanner.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1674
      Entropy (8bit):7.823738873275282
      Encrypted:false
      SSDEEP:
      MD5:90FDDA9F5370CD41DE621F130AAA6657
      SHA1:48149124D982E35253EC7C13A00C5BFBE0447ED5
      SHA-256:96059CF8A500F4C0BE9E44B7109C959996B757A4FEDA43F57F6C9F840CA44C92
      SHA-512:C22658D0D854672DB2A477E8B969BF9BBBFEDF43248073CE311D7C07B1844CBCC9730A7EF9D37BBC6ABD832C72D574A35843D0E38020A61EFE55C0720CB0F26B
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....LPLTE.....Y...........c........a.....w....b..b..b..c..c..a..a....b..c...........V....{....b.............................................R.K.7........................................;p...........P..M.H.E.A.....)..!.|.......x.........a.....[....@u.=s.,d......[..P..K..=..8...,..'.....................x..............................Q.............T..D.9.5..&.y.........................................t.........r..................z.....7m.Bs.....{..v.t..c.b..`..(...........i...........m..........j..^..L{........e..............|.x..j.......IDATH..gW.P...J$1.I..[...,.N*...R......V@.2d...{...b...i.7._..<.so.{.NJ.:..YZ\...+.a.X..}Uu.R.O.ec....1....5..-.V...+(.[L..1Y.j61.1.66.^.Yx.l..q..w.[twd.....\.D.S..[.;.,4.....N.d...:..{r.O/T..B}_._J...6.......{..Q.}A|`.]8.*..]...4J.a..2_.>.R...o2h......@ ,..'}...Y....R(..`@U.6.6.".!..l.x.M.}.:]....RZ...\..*O.VI.6.Q.r..o'..F..,....zE...)*(...f..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\browseSqlServerWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):5614
      Entropy (8bit):7.873292032033569
      Encrypted:false
      SSDEEP:
      MD5:74543FB953D1FFDF2CD72EC8A7F454AE
      SHA1:C7A7F0B009D86A7BD7186D54500A026EEB42E66C
      SHA-256:7708EDDF3D267A1BF045EC4711748F036722C6F7D0CFC95FCAEDA8BF3C97A2C6
      SHA-512:147ACE34364668099C551075706BCA271909484E60B6D32FF47528A0C360ADBE2373B1F5A886541CDF20F9389206731F70445D6D2A20FA07C9F1828D186ADF26
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE...Z.......Y.............N......H............................@..n..eCt...|...............z.Jy.S......2...................k.......{..s..N..e...h.......................o......>x....Az......u...J......Y.."......X....jU........1.{*...........d.._..p..M~..........E{......0g............y...]..S...X.3...>W..t..Dw..f..6.....|......H..(...}..n.....P.......x......{..M.F.E...................`....xI............or...........`..S......L..^.........R_y...x..........IDATx...1..0..0.o.&.p.XH: ........w....x?...w....x.;.....x.;....: x.;..w........w....x?...w....x.;.....x.;....: x.;.};xM...8.9....$vh...H...d`.........1.b[.,[.B....e.d..`...{I.I[_.n./..{....{A..;.;.;.;....Q.................x.b..........Xv.y........o......{.............t.......s...}.?....~N...6...~1u..O........>"o.....?..X.G..[.H.@..;y..u8....B>....:..$..i..'H..v...F1...s50..YL..7.=+.X....<.K.7..v.N..eU1*<..`v..b...1../..SE).+.0Z@m..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\browseiisWizBanner.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1417
      Entropy (8bit):7.814692517336097
      Encrypted:false
      SSDEEP:
      MD5:1CBCACCB80AF56CBBA696A8A310D322D
      SHA1:DAA0930AB7A6B009D3A7E15D4786926FFE450AA3
      SHA-256:9208FEEF0BE578B0DFFCFA10E6C6AB3830F2F1061A970CEBDE709865C59BD1DB
      SHA-512:9513B4265C5EB569766A5F6786130B4A8DD365146DCE590F23D909993B8C208EFCFA3045D954A76A0EE27A73D8267D8CF9A1106DE72FE1E37514312BBB11417D
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....SPLTE...c....................b..a..i..d........a..o..............b..............u..l..c..e..a....|..c..a............b..r..g.....b..b....x....................k..?t................b.....:o............h.............z....-d............s...........x..o..v....\..Q.........d..Bs....i.....}..m..........X..L{.........IDATH..Ws.@.F.!$..:.%...`j.m...c.8..{..OY....Nx.C.....~w...?..I.n.Pi...w|.......Q..v..?C..i..widp.e7....-.s.6.#$.b.I...-.n..lJRC;......Q..a&:..7..l...nhh..lP..4..r..A1.U..J.).#.."~7..M..tmc...@...6$B...O..;.....u.oNe.....)...E..P...({gU.....qI.,..F...}!+u.....f?.Rm.........1..kG...vu`.!..T..67.(Q5....me.].L{...)....0...-I|..N.~M(.T. ..a5....Q.....T..y...r[.........._..={.m..........i-...[{?.f.j..ji..x.*~...|:.4.df.....E#..../..<....4.g...A.<b.> 0q}o.E....k.}.b...RF.0@..I..|..../.9f....a/.L8V....LW..I...`..F...Z4.X'..1...t$:.>..|.xcK..O5...M..t.d .;Ik....PP=......;gp..#....-.m.1..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\conditionWizBanner.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 49 x 49, 4-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):275
      Entropy (8bit):6.722157955700608
      Encrypted:false
      SSDEEP:
      MD5:3D23EF60DFC8FA98826C76BE10878D16
      SHA1:5ADC33AF0B9627D6667AA7255ED09A8F1EA78128
      SHA-256:6644BA984481B84B576644272367509381D244372DF7E3B4F7DF5459249F79F2
      SHA-512:27F59851D72735E9C3760F01DEA8760BEDAD4537122BD15B5B3FCA3B1F411379C0E3A4E6889B5FCEBAD7C497B64C21EEF02F2FB1662F1A050BDAE6C0C5C55AF8
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.......\/...-PLTE...c....$8w...........}...NR....ad.8=....y.)N....IDAT8.c....;0``0...$#.......T..&%..l2.J ..).....21P.u..&%(H@..R...h2,`.3.d....P..(.).......$.-.....4.`..[s...pW.$`.q..l...|@.].a...&..'...d....A@..=..}.'...;.>........IEND.B`.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\conditionWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):2665
      Entropy (8bit):7.719246509439798
      Encrypted:false
      SSDEEP:
      MD5:14DB30B1515FBB1617B43AD07F2AA1DD
      SHA1:D29C55DC14DDDF223A4859BFDB95590AB7356918
      SHA-256:39D548CECE4D80A5261B203696ABDC2CA91B838C7944781C16C8AECE62C44082
      SHA-512:CE3734BD2D3463B2CB58FBDF96F3CFD3B8CC20C6A025D6108B64FB2FF2A29915CBB6B4C032EDB750D28C6EB32E1CDC94B975EAF2497EF73F55D26D80D9C79F70
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......]PLTE......c.......$....{....r....v..m..-.............r........mo.......?D.....F...*J....IDATx...As. ..ao5{.;.u8y...f.k!...v.|.)a<9.d...........4....;.;.;.;.;.;..........Fw..Y.B..M....t...6.{......q...Y.t.....U...H.....j..K...]..=/.o.p.fw..n7.{.........M..x~.5..Ov...jb..=.*..6.{...]..}.r/..6.{"#.ks.G2..6....+......UpGpGpG..=H.-...B..]s..y]..h.......=.r..y{....v.u1c.WM....g....p.U.vp...=.....X5m..,..\e..=........fn.yi..T..{o^.....+..|o^...}].r........Gc1~.Lv.../...ti.........{4.p..=]....Sw...J..'w..s.3w.vOT..EN...E.9...d.g...?J"p?..=....Z..Y.h.....rH..p....a.K....N.mx.k...RD.we...]..=...p...w...........{.]X..~..]...`o.[i.H...k#...P.\^N#.........=..+......v".......2...o.Gp....?`...p...s......w..Z]D._..r.........Gc.3.F....G...`..#.....]..]N.!.]..=.....s..k..]...-..K..[.-......i.....u......O.}..hFw.............w..........E3.7...6...cQ.y4p..t.w,.<.......E....]......<..k....I.y4.wm<..E....

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\dictWizBanner.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 49 x 49, 8-bit/color RGB, non-interlaced
      Category:dropped
      Size (bytes):2782
      Entropy (8bit):7.624907951643991
      Encrypted:false
      SSDEEP:
      MD5:65132581AC7D633C0EECB4500C5EEDD6
      SHA1:401BCD0EF6E3FC7ADA27B2CD5949B42CA318E404
      SHA-256:7560BF3F1F857481878CFA74C1226CC1B8B0A95D36122CD3285280BCFBFEEBAE
      SHA-512:E0EDC6F5E791189B52F4D4F29245FA99CAD15B84728F7CDC12BD6AFC2F1E9DA708DB34523C6F43E9A08EA373263B5DF233F6C0D300C3E6DD40C105A26DE67B44
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1........K....tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="adobe:docid:photoshop:5203ab09-0d30-11db-81e7-b56f382a9a25" xmpMM:DocumentID="xmp.did:DC7B040438E711E48AD9A09B54CC3D3D" xmpMM:InstanceID="xmp.iid:DC7B040338E711E48AD9A09B54CC3D3D" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:99FE5B46E538E4118A25980E67443CBA" stRef:documentID="adobe:docid:photoshop:5203ab09-0d30-11db-81e7-b56f382a9a25"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx..Y

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\dup-file.ico

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 2 icons, 16x16, 8 bits/pixel, 16x16, 32 bits/pixel
      Category:dropped
      Size (bytes):2550
      Entropy (8bit):1.9571975370775705
      Encrypted:false
      SSDEEP:
      MD5:1C663BCA30F8AFDB5E62C5CB3E42F22E
      SHA1:529FE37DD9B8CD53AF14B47E2D0A206E8D27580A
      SHA-256:66CC0431F6FE2E10A1968F39198484D4C2CBAA464D353C599223238B4F8477E5
      SHA-512:5F891BDDA257280CF634EF7E2031DFB2CD8CDFF749BB74ACF0710B7FF64364AC1076959E2AA773081CD096A4F2958822FCE848030F9F524DE8A80AE9412CB2D1
      Malicious:false
      Reputation:low
      Preview:..............h...&......... .h.......(....... .........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eclipseWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):4155
      Entropy (8bit):7.872231281843906
      Encrypted:false
      SSDEEP:
      MD5:600387E176B5449A324353109DC6DD71
      SHA1:01AB4E93EF208E8F39FBCD98E4B8CA54D8F99ED9
      SHA-256:B76486625DDA5E7FE4C3E69645E4C8132A4373BCA3838747288849D255F3457B
      SHA-512:697FB0DDD7C6806993A7F4E04D80593AAF047E73430ADE5D6F762B539F4CC70D2ECA00B59CA1391BCFB038E7508A4B79251FA4070BC06271CF5E7B1938201B22
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE.........,"U...............=0v^..............!.L.$X?2{6*g...C5.]U~TLu,.^{u.%.P...p..bX.......V..z....g....%.R5'mE7.B4~......`U....w..*!S........)................4.n1'^...........................W..............D...?7g.........ICr7._........nm......gd.........^]....\`..9.}....IDATx....#!.E.z.!..R......m{w.=..[....N...j.l...~...(,@........?.. .{w=..B..)....q..j.1..))...}.g.....!..0a.....{...b.k.B.[...W.4f.>&.A.f...%...kOB...5...7l..].k.........=.kO.g.....^...Q.E..^.{......(....s.!6.X..V...F<..k..:7..@;...X.{....C...=.w..Cj.O.=.v?.x..K........d.....9.........P..].f....@...%..s..G.E+v....Z.;.;.o.......y7..N.X.2.^.-M2D...]..x.|o.....).....X.2...;.CZd..{.CQ..;.+.Se.x.s...)..p..3.).\...+.|....V.. .....p.)..&f{y.... C.....w.w.`...../..q.4..d..w......Z.` ....#..2$......w6....r..B....5.0..<.tN.E.h..&=.A.... G. ...V......2....>....w....3.appO.0%.....e/.t.;L..=..x.........d..}g.....m...w.......W..v

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
      Category:dropped
      Size (bytes):195
      Entropy (8bit):4.930296660967391
      Encrypted:false
      SSDEEP:
      MD5:3ED012B58CA7D72B12213CB41CA33AD3
      SHA1:88A0B0E54560DF54B0C4CD0998F1C77B38CFD9FE
      SHA-256:457E905B1C14F72BCEFBF822A4A4ECA1061D29A914A60E43548F42C422A87C34
      SHA-512:5940889E0A3B1AA95639F35C91D8EEBB94C87BA968AD4B9E73DC86A812731621FFF0C69DDF5D399A4892FE027ECB9769EB6EC7618EFF5ABAE9D95E2279DA81BC
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1503;}\viewkind4\uc1\pard\f0\fs20 Your license agreement should go here!\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_ca.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
      Category:dropped
      Size (bytes):214
      Entropy (8bit):4.955729341542897
      Encrypted:false
      SSDEEP:
      MD5:E56625055DC3EB37DE2F8822D2A7B6ED
      SHA1:DD19D03D5F55C2B3E239E73099C1E6AA6FE9F801
      SHA-256:A31447AD9D4EE43232D7065F09B21100660EEC5132B465669005A0567A04EA8A
      SHA-512:1C58C5877574D5B4BF481756C95A1B431138C4DB0C3E2EE0C24854F377EF8931DE454122E864612E8DF87AB7C84C6B96DA4371463356C5F4F5C48C60F1435D7F
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.21.2507;}\viewkind4\uc1\pard\f0\fs20 El seu acord de llic\'e8ncia hauria d'anar aqu\'ed!\par..\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_da.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):223
      Entropy (8bit):4.890195188774631
      Encrypted:false
      SSDEEP:
      MD5:76FF5CCBEBF40748518017FDD0B0C8E6
      SHA1:E9DEC757150D82AC585D4214D899F6FF6764AB61
      SHA-256:39EB2A3F5C525798128938A7EECBF256EF8A60302A13D7C4BDA0ACA2F126B38A
      SHA-512:7C2ECD2747584318786CDE9A3DD5FE75CCE2279B07FFAD032DBA84CEABF44BD5DDDFDE1103B4AD386282B576021E6351C73ABC7C0E416E73CE0E24CB4BAAC81A
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset0 Arial;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1030\f0\fs20 Din licensaftale skal v\'e6re her!\lang1033\f1\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_el.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):318
      Entropy (8bit):4.716220957686457
      Encrypted:false
      SSDEEP:
      MD5:C36E81F8266C1B1D6CD328580BDFDA7E
      SHA1:B93DF14988DB3F6F7056BC4436AF45B59CB0E079
      SHA-256:8D2DF73B487AF31204E9C1235ED383F03EDFEFE3D0464ACED7A41FCBBC1461E8
      SHA-512:5409603FC7BB4EC848FA1DAF7BC28CE6223954D0552D363C5E3FBD6CF7DA9707179065540623E8AA1D1DA21E9DD149FDAA414475D2B6DDB70331C7036E79A97E
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset161{\*\fname Arial;}Arial Greek;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1033\f0\fs20\'c7 \'dc\'e4\'e5\'e9\'e1 \'f7\'f1\'de\'f3\'e7\'f2 \'f0\'f1\'dd\'f0\'e5\'e9 \'ed\'e1 \'ec\'f0\'e5\'e9 \'e5\'e4\'fe!\f1\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_es.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
      Category:dropped
      Size (bytes):202
      Entropy (8bit):4.93090139711684
      Encrypted:false
      SSDEEP:
      MD5:9901B0373BEBB87B8AD4364F12DF26E5
      SHA1:FBF411A2FF97F915CC52E3953CC89FA2E63443D6
      SHA-256:C54E06648CF7B73D8FAEB2BD601E6C53144A982C131C084D6E463BCB8AF64D79
      SHA-512:6465EE931F6A2879E376E44D36574C368B1940D32829BE1FD5197FCC28B1C80157307869D221C20D1A0DCE7B4B58AA9E9D6EF8B095793C99EEE0153E9618FD5D
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\f0\fs20\'a1Su acuerdo de licencia debe estar aqu\'ed!\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_fr.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252
      Category:dropped
      Size (bytes):181
      Entropy (8bit):4.9755986220572375
      Encrypted:false
      SSDEEP:
      MD5:7F7F96AA2EC7996CFF10BD1520B39144
      SHA1:FDC725D591E3FE20A5E8A9F7EF7227CD286DAA56
      SHA-256:382FDA44B8316D02DE8DEA70B41761452C29859609533DCF6818668C41893D7A
      SHA-512:C84AE662C2CAC800A08ACC29649482EBE442FC64221D6C7D55A7B417402842B174F5783FF745631629CC7368434CEFB2231FD0792A365447B7754F614AFDD75E
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0{\fonttbl{\f0\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1033\f0\fs20 Sp\'e9cifiez votre licence!\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_hu.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
      Category:dropped
      Size (bytes):274
      Entropy (8bit):5.062435402528508
      Encrypted:false
      SSDEEP:
      MD5:BC70383B287260CB65570A3538D2F608
      SHA1:C685D3EF7AAD0830ACDE67B2BA99D446FCC216C5
      SHA-256:552D10F1B66B4187D0D210CF8BF98DFEACFBBD4F6222DE06FAA71E4B85B0A9DE
      SHA-512:3BE9B34A9135D080E28FA91C0CEE61A8FAB581892ABD041180EBD853EE99EEFD4639613ADD773C6570F156FB5DC8F3DA4CCE68474AAFA78362D5A13E2C2A3179
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fswiss\fcharset238{\*\fname Arial;}Arial CE;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.21.2507;}\viewkind4\uc1\pard\lang1038\f0\fs20 Az \'d6n Licensz Szerz\'f5d\'e9s\'e9nek helye.\lang1033\f1\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_it.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
      Category:dropped
      Size (bytes):207
      Entropy (8bit):4.958537182932274
      Encrypted:false
      SSDEEP:
      MD5:5A806D45B6C3D49C3F425A06E34741A6
      SHA1:5710AE4F298BE1E9E72245FA03F4E27571E17FAE
      SHA-256:02A547D72345CFE000B84BA4CF26FA911B74DCC299CAB2677F796A3D5776756A
      SHA-512:2DE3AC50A6CEA985563D11123A254D2D60F88FD8207C1F880913C04AB8C7858CC36C7757C00CCF8362BD7AE916E0E45E4B9494D0BE7369968733B90DAA90B808
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\f0\fs20 Il proprio accordo di licenza dovrebbe andare qui!\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_ja.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 932
      Category:dropped
      Size (bytes):366
      Entropy (8bit):4.727715082162701
      Encrypted:false
      SSDEEP:
      MD5:DA5BDBE84886A3E3CB50A0BB23FC05FD
      SHA1:6F444563E7E3CB2BBD73B4943FA9213794AAD9DC
      SHA-256:0DCE05CEEE2DCF058A88E8FB86A6F103D52C5F738DE3C325BAF9042C1CC21B5D
      SHA-512:C2A6566FEC37EA8F55962D9D5970A401BB43E98281DBE76AC1F10A5009A9410AF3AEA101D4633576A50561A312763958B2DF443DBE571613350C645FF75A4DE4
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg932\deff0{\fonttbl{\f0\froman\fprq1\fcharset128 MS PGothic;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1041\f0\fs20\'82\'a0\'82\'c8\'82\'bd\'82\'cc\'83\'89\'83\'43\'83\'5a\'83\'93\'83\'58\'8e\'f3\'91\'f8\'8c\'5f\'96\'f1\'82\'b1\'82\'b1\'82\'c9\'82\'ab\'82\'dc\'82\'b7\'81\'49\lang1033\f1\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_nb.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):220
      Entropy (8bit):4.864784053961182
      Encrypted:false
      SSDEEP:
      MD5:ECBDE2976273A0A794F0A3E8F28AA6E5
      SHA1:555A06BA616440EAAC544BF8A4AB51E89D0EABB1
      SHA-256:0850BC710CC00264EC0010C0294EFC988B85C1D59D4AED5265F0414C93242442
      SHA-512:DE90BB4307217DBC2FA45222DD0015373009B1D5589CC44B7DD3AFD5ED380A8B337568CE379E107E5E95C1E6773E620BB47680EA97B9A584D994F3ACEC4C2951
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset0 Arial;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1044\f0\fs20 Lisensavtalen din skal inn her!\lang1033\f1\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_nl.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
      Category:dropped
      Size (bytes):196
      Entropy (8bit):4.957273319262432
      Encrypted:false
      SSDEEP:
      MD5:F4055B0800A541408EBB3C7A2ED5434A
      SHA1:734CCD0E9BB954CCF66B05D47AF11B9B9090CD62
      SHA-256:4E249DA1F3FF07ECD2F905D74D6A76E2F3400F7B9DBD12190C3E05DEF1C40102
      SHA-512:8C3CAA1BC33444BD2BDBA95F1C6F885A129251CA15A8BF793F16E8FBDE0D7E05B4BB42399217ECA56EBB3195596F51516FA5645C43002C4470FDCFBE30E3A3A9
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\f0\fs20 Uw licentieovereenkomt moet hier komen!\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_pl.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):251
      Entropy (8bit):5.076813271614201
      Encrypted:false
      SSDEEP:
      MD5:AD16F363A2EF9508AFDA28C6F1685D7F
      SHA1:6B2243D522AF4DC0F1DC89BCE7D74FE1E4025B5B
      SHA-256:43A510A1358104F76439605DF9F1985DCADFC5631AC096D670958056BFBBF995
      SHA-512:7F185A893A5B7A885A44C3D4F5AD871F376331EB3624C6F01FFCC2943B87E6275F9E7B93CF26053C1A3282465561710853022C355AD244DD3E88C5255FDA7274
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fcharset0 Arial;}{\f1\fswiss\fcharset238{\*\fname Arial;}Arial CE;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1033\f0\fs20 Podaj tre\lang1038\f1\'9c\'e6 Umowy Licencyjnej\lang1033\f0\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_sr_SP_Cyrillic.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252
      Category:dropped
      Size (bytes):478
      Entropy (8bit):4.579516464333838
      Encrypted:false
      SSDEEP:
      MD5:2D0F7AF8998DC92D18E4A95CC4AA5B79
      SHA1:3829022E5CF876B8B0D354B53EC57A8B9B38EC7A
      SHA-256:58B8F4F0E071239AB5D333980240BB1FFC2C3A8834599783E0077A078009E96F
      SHA-512:E0192B0F5EFEC8BB8FE7BB8FC1231DE3A0F6BB4C71C96AD989948E85CEBA3CD08FDBC66CCE06D7D32471F5898259E413BCB5A0A04C1FC1056305ECFFE583430E
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset204{\*\fname Arial;}Arial CYR;}{\f1\fswiss\fprq2\fcharset0 Arial;}{\f2\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.21.2507;}\viewkind4\uc1\pard\lang3098\f0\fs20\'ce\'e2\'e4\'e5\lang1033\f1 \f0\'e1\'e8\f1 \f0\'f2\'f0\'e0\'e1\'e0\'eb\'ee\f1 \f0\'e4\'e0\f1 \f0\'e1\'f3\'e4\'e5\f1 \f0\'e2\'e0\'f8\f1 \f0\'d1\'ef\'ee\'f0\'e0\'e7\'f3\'ec\f1 \f0\'ee\f1 \f0\'eb\'e8\'f6\'e5\'ed\'f6\'e8\f1 !\f2\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_sv.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):235
      Entropy (8bit):4.878967977627496
      Encrypted:false
      SSDEEP:
      MD5:68B9B4BD5BCA9A284070C9F06E1DBE53
      SHA1:D7A6DD0E5D2058BDCA23FA7B6979C9F32A8CE034
      SHA-256:6C30A834AF28198C91EC1E80B6244C3282DCD5FDCAC435FBD95C5CB6B1B57FFD
      SHA-512:125761F6B32BC7B10E4D0EB783164BC282615EBF764C1C0B96816F986CAB17E05B1EFE2EB49CCE15AA8E156C02C43E27B32429DB7A08F445A95DEC850A34D8BC
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset0 Arial;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\nowidctlpar\lang1053\f0\fs20 Licensavtalet ska placeras h\'e4r.\lang1033\f1\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_tr.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):254
      Entropy (8bit):5.007182142814307
      Encrypted:false
      SSDEEP:
      MD5:5B769F576FCF519F8A2EA289C08FC5B1
      SHA1:DCC16CDC3F379D3DB1200AF7EC7F9C1BD4E10898
      SHA-256:D056708C85254EAA347E55274DF610328054BA2B226BDA6D81B1C7C129B46080
      SHA-512:E8A505ABB3F6E47EFACB38669131A6C7C7497942B23F5699822A40435A9E192388A5FDF3E1E1C8EE79AFA67939A9250253DD8B69EFC7563AA95B4B3394CD9A0C
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset162{\*\fname Arial;}Arial TUR;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1055\f0\fs20 Lisans s\'f6zle\'femeniz burada yer alacak.\lang1033\f1\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eula_uk.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):327
      Entropy (8bit):4.7712284419340145
      Encrypted:false
      SSDEEP:
      MD5:CFAD8EBA3110C95602B3EFEC976D6DC8
      SHA1:2F532F6508957E4D048DCF9615589BD7632C891E
      SHA-256:276C1B3BB345B5617098C00EFAAA0A7E3A270B5C46B57456DDBBE036EF581E10
      SHA-512:A4FC91BFE60EBB3DC664624274CAC9947574C28E3F28984F87C6C927807055917B1D6C8DF09054C58748FF633A1D2B3DE0E62B2B33AD48C101963A200D372B18
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fcharset204{\*\fname Arial;}Arial CYR;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1049\f0\fs20\'d2\'f3\'f2 \'ec\'e0\'ba \'e1\'f3\'f2\'e8 \'e2\'e0\'f8\'e0 \'cb\'b3\'f6\'e5\'ed\'e7\'b3\'e9\'ed\'e0 \'d3\'e3\'ee\'e4\'e0\lang1033\f1 !\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\eventsWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):2211
      Entropy (8bit):7.671636444038358
      Encrypted:false
      SSDEEP:
      MD5:E54B6D50D9FC316A177DA04CBAB193B4
      SHA1:6EE60C5F892D66494CF06F9D3D9FA0A17A38FD9D
      SHA-256:457E1FFDA7E8A36668C1DCBA827A767846FF410E295574FFEF90E934B591ABEF
      SHA-512:AED65B1E076D2FAD91E4B21E5A3F5F95A13FB64FED5EA07BB32F0A2A20F98C39E6E3104DC94B7843DF30F3A2603D3DDACD0BF763E409639B6E32EF737EFE5B62
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......lPLTE...c........b.....G.....Q..............Z..P......*i....l..x.&a........:u....E}.......S..v......V..u.rm....IDATx....iCA...Y|p..;..@.......s..>M.....;..;..;..{.Y`..........=.,0........w..tGwtGwtGwt.;....;..;..;.........................qg.AwtGwtGw.%A..M.7...<0....{..M.7..{..M.7..{..M.7..{..M.7..{....^2\M.&.to.I.&.......DwtGw...to.I.&.to.I.&.to....m.HwtGw...to.I.&.to.I.&.M..{w..$..a8/*.&$. .:........$.R.<........(y....iB.4..M.S.}=....O....[.uiL..h.@.. ..n..^1..Gt?....lC.....@6c.3+..t?..c[f.e+Jt?.K.Z.*s.H.dSM.B....g.^eWZ.j*.nxs.W..P.%.G..b.....\-...A..m...R.[.*1e.V.{.6.p.5{3...x...9.G..z~..:fQ..y....U.1.R..J_.{.h...Nr`........F....]hvc.4..........5.;..E754..{1(s}.G...k..).....X..S.t..v..do.%|.,.......+A.......@..m..o..5.Z.y..1.^../...l...=.{.V..KP...{.:.d.e. b........^...A......s....:......y].._a.v.u...f}.....c.ochmZ.i]..=.....^........+......Le.M{.\...c.....B...a}o.....s..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\featWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):19491
      Entropy (8bit):7.971673321411428
      Encrypted:false
      SSDEEP:
      MD5:649C88D32F8BA47651563CB22604EE21
      SHA1:6315EE2F24A322D7859567211F0D6F1C04C7C39A
      SHA-256:FAC0FF1F49A7FD0714BBA49FED1BC0D697F72FA0A3EF24F40BC551F003073D22
      SHA-512:FCCCB06E94ECED2E08D911C76C74BCFD278B45EE3184D2DE913F9E751526BDDD32F9C51F6FBD9C1711363A634EAB1750382AC4BC4E10BACDB1A94AB5E281F7EF
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE........Y....+................w.....{..(.~...T....*...........%..p.<.8.K.B.[........H..x.R..X.....f..p........;............x.....j....K<IDATx...K.mK....."D..:5.3.A....z.KH.....J.T...,..o.L`..Q-D..U.H....9....#B..7t.;2....:.tr.....S2...>.3.C.9y^.....1."..Y$ev.C. .P..3.f.}..........P{.<m..M(.M...6..q.....i.(..._a......$tT3..r....6..L6....d..(.`EiT.E.^NnY.Y....VE=}.....w.Nbc.W.....~r..[....v2;y-.[.1....=..V..If$ib.....J...{Kd.Bq.RT5.(.u..$..!..|.de.rd..>~\.Z[.2..a7.R.........D6'E..B.....oF.p.,..8.0..i..^.U..V.....D...A.'._.......P. ... .UIu.t.....lg.......{-E..m/%......S..r5Q.t..LH..Y...|.._ .B....P..Hm......D~.>..W..}..4A'.Q......s..]....P.@nIs. Z.FB...r.>~..+.D.X.Ug..hS...Jd...V.........V..tsf+#...f4..J.s....$).7....f.....".[...... ....\.Z;.=D].R...`.{......f5.#T...C..G.rKYU.B...*D....q..OI4..3.....:.%.......y=i...X.....98:.XghsNv..$.?..\CS.....C.............G......uN.fT..s...>..FuK

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\html-host.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):11202
      Entropy (8bit):5.3470967115559125
      Encrypted:false
      SSDEEP:
      MD5:85D2E15DA9AB0DCBB19CF6EE32E4413E
      SHA1:1D7844E9C2D4547D7784A7660642986DDE882D3F
      SHA-256:FF653669AB1431F54D6E288C1E5BAFBBDD1A805FB28FF90FED2A417248C8C19A
      SHA-512:476AAD1988FA05743CA3890BE6B43A37A5E5D4AF36A140F40564AD4C848D2E45F33A6A1AD7554F465A7F1A123D453651DED5A7A37665824F478B56F235D1CBE4
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d...................................................................................................................................................X.............|..................................................................!1A..Qa2..q.."B..RbC.#....3s$4%.....c...............................?....`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.`.`f.f.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\innoWizBanner.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1566
      Entropy (8bit):7.8127368769006855
      Encrypted:false
      SSDEEP:
      MD5:07681B895A66DA04D401CC17E12FBF6E
      SHA1:78B949BA10CF02B226374628B7FE8F0E10624011
      SHA-256:9F11C54D87A42477437E1D9E652BF21FB2325020D37E3080A98412C4EA67C5C6
      SHA-512:2FA0B438D7A300082F7A362F39AF987C090FA47390219B4CDEB019363B0EA923C412724F63DFB0B013CFB300F4569E5CFE95903F2AA5ACCE145C85D86A3D5E61
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....gPLTE.........]...?j............;..+..V..c..L......_..*d..........s.....`.....Y..Q..G..A..p..$...u.......~........H...q............h..a..9..8..y...S..Gr.................................k..2../...k.Au..b."a..Z..U}.Bm...............z................T.....u..a..|..n..z..t..)..,w..t.'k.._..P}.Lv.....................|.......e..t..d........B..~..,..%..6..*|..Y..^..Nz.Lw.Iu..............P..e......M..j..F..6..`..P..m..h..=..X...w.4|.1k.,p.!e..^.............{......................m...................u......z..u......C....`..[..X..k....V..R..;..E|.L..\..D..:r.P..&w.9q.$o.$l.&`.8n.8.~....rIDATH...W[.P..p .$....... XE.Eiq!.....[[...v.{....j.........".....9...*..C6.B.`.+8.m...:..-.."..3..l`...1{z.......SX........mH.-.....;./$...E....TV9..s.<A_....I.RYP0'Mau.....s..[....+....pW..GmU.j...!`WEjH.wiXh\h.RnPH..j0.g/..Q./6B&9...&L"..-.8F....Q...Arx.'..d,.....8...........B%..v5+.3......u.JJ.{#....N.....5..."

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\launchcondWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):2285
      Entropy (8bit):7.6253817380850135
      Encrypted:false
      SSDEEP:
      MD5:9CC03DE83260893376013A4B415EEB39
      SHA1:99DA7A45EF7B6F2E83B6CEBF10C9822E996F26A8
      SHA-256:B626684ACD96EE56512007519FDD8BE4DADFB09C1B3643CC6ECABDA8C5C15992
      SHA-512:35DC64B08CA67E17B9EC43BCB4CAA603E21F81DCAE1821C543B48B52752739A96460D8324C61BA8776D4C26EB121C08CC8224258B12BB87561FAD25A73A933EF
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......ZPLTE......^..^..u..a..c.....{....w..a..j..d..^.....o..s....$,~._..[..........oq.?D.....@....NIDATx...Aj.0..Q)..3.t....l.(.......,.z....=TO...........=\O...........=\O...........=\O...........=\O...........=\O...........=\O...........=\O...........=\O....?..:..w....S,..../..j......q...WQOv..M...z..{.?........g......~~.._E.......}...F..p./C.L.g2.3..3..3.I.L.{&.|&.{&.3..|.d...~.{&.3......t.{&.=.}>..=..t.d.g..gr.g.=....L..L..L.g.=....>...:.m...(J.u.Hu.M@...Y..=... ..=..Mw .........}^...&.k..&.&.yM.......5q.k..&.kb.kb...........}^...&.k..&.&.yM........y..;.|....=.@w..F.......`o..kH..l.T..|X7... .=y.cx9.v.{">.4....nt....tO.#......Ix..u..<.1...T...1+.s...S...u..t..G.-Z..+..a.h...t.O...m....o.C.1...K.V/..nt......E.......:?.T...k...`..Y..$0.5)T....U....|,...y..g.&...r^_.....]............7.e.}W...k..O...}....-..F...c..'....S5....-...J..~3....}S.._....?t...].......oct/....|t/.......E......%.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\library-file.ico

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 3 icons, 16x16, 16 colors, 4 bits/pixel, 16x16, 8 bits/pixel
      Category:dropped
      Size (bytes):2862
      Entropy (8bit):4.176762011584118
      Encrypted:false
      SSDEEP:
      MD5:FC3EEDD108054C1F1EBAC9E7F2FBF87B
      SHA1:C09736950A86F11FEB7EB4F1D7A3E14E06B30E28
      SHA-256:E3F51638ACD538ED585919BBB3F3BA4FDC45FA8F3FDBD7677DC9A8DD8195FA59
      SHA-512:419E065A85A1BA941A4A4AAB7B80ADAA1D036EA4FF332C36605EAC3CAADA372AF41F871E28A31BDE9E2EF7259785C8B21ECAD0D3952417D31632EC4141AD50B2
      Malicious:false
      Reputation:low
      Preview:..............(...6...........h...^......... .h.......(....... ...............................................................................................ffffff..o.....fgo.......o.......o.......o.......o.......o.......ffffff.......................x.v................................................................................................(....... ....................................g...f...g...i...a...m...q...v...{...............'..-../..7..>..?...F..G..F..K..W..X..T.._..N..M..V.._..[..]..d...|...a...d...j...w...u...z...q...t...w...z...~...|..................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\licensing-watermark.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 164x314, components 3
      Category:dropped
      Size (bytes):15597
      Entropy (8bit):7.926790234870291
      Encrypted:false
      SSDEEP:
      MD5:A3DB49FE715DC2A1CFA8A91BACE399F7
      SHA1:FCA0E43704A4AC38165B174DB2C939E3D6DB9126
      SHA-256:89B9A8D3B75995C9C7786F0D9E3B9E1A9F78547AFE9197711BF815EFE6847BAA
      SHA-512:678433AD4937929B2C792687AD05584FAE30CEF824B88AAC41D26FB182E3B38901297AEFC8193ED6B43511438B0FC3F65F67DC251F8B387B825C279D662A8325
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......d......Adobe.d.................................................................................................................................................:.....................................................................................................!1.....AQa."2b.V..X.....r4q..BW.R#356T7..8.........................!1..A.Qaq."....U...2BS..T.....R#...br.3...Ccs.4t....567............?....UEP..............................................................................................................................................................................................................................................................................................]}..3=..?%..,s+.m...p..K.....7.....Pe8.....$)*"2.5U..7K.6N....7P...'....i..4p . ..`m....Y...k.X.R*.H.T.EA"..:.T.os>W[...>.f.7n..G.z..3q..).H..q.'%&.}).9...i.x......%*........f..gq...".<pH...m...H...V.`.3..f.)."..v.xjX..O...B.....k.Z...)O.....

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\mediaWizBanner.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 49 x 49, 2-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):169
      Entropy (8bit):6.071667479933062
      Encrypted:false
      SSDEEP:
      MD5:1412A33E4419F737DC01F3C3D7E6A36C
      SHA1:89072FC7C997BAFD18874A5FDE5EDFC7C8155B35
      SHA-256:EAE4AD0FF4FA26B88AFE9CBA2390B4522E31C298787AFA7F29D822D825E8BF9C
      SHA-512:CB90AD78B63DDDE9FA6C0712A2F174ECA37B5C86338D0A60CBD33B1A6C99DC9BE63816FCC7499275F222F553240C122AC7C4DE1CE429CA931C3DF15043A46D40
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1...........PLTE..Y....w.3.0....[IDAT(.c.E..h..U.V-E....TI.e.u#x...L...n......Z..+!...................@9z.0....u'}y.n..".....D.].....IEND.B`.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\mediaWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 4-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):3832
      Entropy (8bit):7.895821570517996
      Encrypted:false
      SSDEEP:
      MD5:A6ADD16D896AC957FD49958597C36BBE
      SHA1:C13EC7F9234C6CA81A1EC8BD444B5C32E3F84539
      SHA-256:6EA1099E4A7F3FC932B7C1BB177E4509BA943D2240A99560E4C566B99F919A9D
      SHA-512:F0991ED317CE8D211E466486D2B537E66108835688F4C6BD7CDFB724A27E3081AF9F7550ABED3935BDCF99C4E35FAA2FDECF47010A138FB97ED2FDF352FFEC24
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:......-.~....PLTE...c....U..T....T.w.....S..ag..a....IDATx...A.....!+..%.....}7...................................................................A..K....B0..h..A..!s....>d.M...$.9..]...Y-.X./|.._....../|.J._....../|............}.w...y.k.._k.>.....?.u.._.._ud.../~...;...h-....@Xw.R.;A..w............n..OYH......i%.w..t..=3.|7.....O..kp4.3&.k*.~......6....N......z...L..?9gPL..h.hoa...,."@.pK6... ...W.|x..[@.g.i..n..V.A.e./.0.0.D........L._..m.=[.3.~<.P.o..d..v6^.......8.l.h.0&..6.i./*...|.._..........a0...2..gP....n!.k..z7.}C..7.......q..G.$..3..I&~.'~.'~.'~.'~.'~.'~.'.R...(.[....m...V~..oy{.{.;>.0.5....#....s.[...Hc........|..s....l.^^...U.k <MK.00N;....,..0...=..7..5.>..j..Gz.../xOu....%......8.....JH2D...Hc...Z.......@....aW...k......0..Yi.ae.P........hBu...eY.(..."-i;......Px.....n.q.k..d...=.H.:..cVV.K...m0...F.h=.."..$C..k.).....6F...{..7........w.z.#....e].Y.5....B..\.........S..|..........}..z/.......zo..lG..8.n<.?

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\mixed32-64WizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):3271
      Entropy (8bit):7.7790375828683835
      Encrypted:false
      SSDEEP:
      MD5:33320F11099AF77B11A43B4BCD1560BC
      SHA1:DFFBD3247341BCEDBE6D3D91DB4F2120FA3E628B
      SHA-256:441D3EEEC0C155EFF65775994D35AAD79AEFBB0E4C1602EE2CC85E2566BCBB32
      SHA-512:72E27F4866D3311D578EB817A1F42B274654833D0033559C30BB2BFD0536897E572DB51EA44F264C450942CB0063790CF83E8C2FA62E1ACF89D29ABE4421F7F9
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......rPLTE...c...........\.E...`..J}....\....P..Y..U.....................................z.......p.....o.............C....IDATx.....0.Fa.....6. S..._c-7...d..B..L.dfs./.....|........t..Aw..t........t..Aw..t........t..Aw..t........t..Aw..t......\.{t...A{.Z.....5.;....5.W@?.m.m..K...s.-y.bG.*.c.N.Q...$..-...uEX...e..{............uU...O.^.:k...5.Ky./#....ulH.{..F.m)....cz...W.._....R.....#8..w.O.....?....3.WBo...... t..u.=.{-.Z..1......n..t..N..q..3...>..].M.j.D..sg....Oc.....nJ?G.2........S>..+....Z.{Et.../.$.9...../@gz;...=..3.M....5.{}t"%....u.W/...G..;.1.......z."z.qP7...y.;....+.Wr.M.as^.....;.rP.....,7.{E.Z../../..Z."z./].O.?..t..^.7sI,....E..^.U...;.....;..8U....."...m.{.~.]...^.....m.{...&....m.{...&....m.{...&....m"B...&....m.{...........;.....;......m.nw.{I...t.A...t...vwzr7.tsZ8._.......W.#......Z..~....i..hn..k2...}...~.........In.z..2..{.4.Oz..\.kZ...|...{..y.'A...G.CY.K....s...E.....>

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\msiImportWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):15070
      Entropy (8bit):7.963914224617389
      Encrypted:false
      SSDEEP:
      MD5:01F16EF7B8B28C5227DF9FE031293CA0
      SHA1:793DF15B25EAEE4C6A52FD21A36F14AF6615FF5E
      SHA-256:C48647710052C037CB441B27A4BD55E06E2904391A115670D1B403A37E32CC65
      SHA-512:EBB4B5A3EA617CD3AAE005784258E98FBDEC0CBCC62EDC837693C86EC5BDB98A0F13F8006E8F4A2C9DDB363EE9D4414C790F8DF87C5B5D4B18E2BFCC70D7D87E
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE..............^..^..........u..a.....b............N..k...{..p..u..l...F........e.....X..........t/....v^.Q...n5.....w......r.x....:.IDATx...A.l1.C...a0..j.....-t....!C.`....E..k...=..Xd...Q....M~.Fn..a..ta7..9.Wf.3.v..+Q.+._c..\{.t...?.....B.X.....w<....#.*..PDl .I.e.l..G3H..EVG\..Q..E*..wS...?gk.B.9OF7.33.........{g<.w. ....P...T....H......@d.jhV0"E..7..P.3A..e?.....J...[bW.....SD.$r# ....6...EH....&..."A..@.z...Sh.....V...1.h....Q.v......L.+.[.. .;&..TEC:cQH+oI.".t..,...[b..............IA<w.A].]..a5.f...%J`..........6.Y..'..4...........>..;.}....>..J...h.YX......m.E.9~..E..P...6."....,P......XB..0...s..D.......-....U.G....v..c...b...U.....c9...e#CV*.......j.7...?g...;...:F.j....J.]cm...X..vW..X...(....C..I...F#%.d...b...`.&..M.. !.A......(7.S{k.`@....c:..b[6..X.z..-,I...;......|.6.@....6`..G;.D1.......).r...T...4....H...]l.<()..-.....w........Y{..$.a;L.#o..0..0.6N,.<.Ee....".7.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\msmProjWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):14847
      Entropy (8bit):7.958056520496433
      Encrypted:false
      SSDEEP:
      MD5:94E1133D200D2AFFC616DD93462CAD2F
      SHA1:93C391538F32A509E59C6D9E1706A9F784CE9DEC
      SHA-256:B3AC46DCEF5F68E3E1A09FBD37CB2A319D0BDE6F54D8BF2E95D7599D52D91F0C
      SHA-512:F4126F6B94C3A7ECF55798350F94007C4E50D93878393C6FCFA8979E7315679DE5AA22A35B6166678BE55E7A10429313BBE3FF642C62180EC171C566A270CAF3
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE................mm..V......}..y.<...........................|................n.......v...Y...........M..............f."....O......G................b......>.....9.IDATx...A.......\.t.._VT...n.T....R..\..".cw....|>...'.{....^...u......q%...).I{....k...G.nP.Tq....No.\..q(....`...$.*.)...FL.s.@.......*.>X.J....2....Z..........'.X!q...|m2% \W...V(......R.U.+...M...\..pO..\....L..W..9.|Ub.2..4tO!..{...Tr.."..2....p..|r=((.c....s..i...&..n.m..(.K.....s.4...{..8,7...\...D..a...K..;\..O...#.....x..}.w...0b.vY...&l:6..F(...n|~.Op.O..6{.._6p.ZH..p.6..........?....,>..J.`N...t...)l+..c.....|.|.....;...u........$....l...(........z.W.....It...S.t....ks...c.`.Q..b ...:.........v./P.L......R.1...G'.)z;;....5.E..TG..]..!.0wo.K...S.. ........u..n.p......c..w...~.{O.$Tb...|z..}....Y...:>Ri..P..y..0.....g*.Q+H.=..0j.b.u>..d.....#..:.....`...!!....G.6o?....$..........:7AB...8...J[<..>.=.Xu.9MG.F.....@?y.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\no-thumb.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 256 x 256, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):4195
      Entropy (8bit):7.880042557570241
      Encrypted:false
      SSDEEP:
      MD5:E6D285551A7F707076D4417996008F23
      SHA1:C9080A2A62C913A72A3AC41E045211906F3DBEF2
      SHA-256:62C3C9B07FB7A6134FE5C2D0C9F2A675F440C963C4A7846468AE10A549AE5F44
      SHA-512:2CA663FB0653342B8893ACE02BEF9E03536C88DE01116554652A6D2ED9333AA1309AA6B03EBC1510080A70A4C8A42394C0D4513E081645C497FDB6A9A95A7F1B
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.............k.XT...hPLTE.....YZ....H.w....&.e..D.).J. .....8.....S.u...0......f...!.....................................................N.....v....V_......$.......................!....D......1............m.../........t.:..A..!....G..~.{.....................e.(....y......o.j.i..[..[.....^.5..a.>..2..........}..i.......E...C....g.K...{%..#.....IDATx...W.a..o...aQ.Es.$.6..M$#K.\p-..f..?.f.L.8..%..../.....>.......p8.....p8.....p..n....~5CW.......C.bz.......Zs..]A>.qCA... .!..W1....0.p..p.\.......L....... `.%.......?r.\....p....../.....V@....Jt.L..(l.....#..u.0..\s....\............3.+...........j.....M$..FWF..A@..s..&&.^.b..q..)_4:..xb!.n(.....Q./.p8.....u.5.O.$w..NzFFG...q..........W.......!`...m...DN.....j..W.\~u......B........8..Q.1.f.....'...=6D@.v..p.m...97@...d.Z<...3^./...[...,.....t.86}.@.u..,BoY...j...b[.%`<....S....@..,.=............G..SC....d8..N %X.%...w.....A|..h..f....@I.}.C.....9....WG@+..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\officeAddInWizBanner.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):378
      Entropy (8bit):7.275543417740139
      Encrypted:false
      SSDEEP:
      MD5:7C8265E5628117C876821410F7FF0346
      SHA1:8A3C7E508FD16F7F4E5CFA4249E9998EC72F0797
      SHA-256:931035CAEE984A9B4B332F04C7EB993D2907132FE7F62117520905557D0147FF
      SHA-512:C7C6E78485872C93D44D81BBF8A792D4DD356BE2A804790CC1CCFF2D683CF3701986D9C7E96AA36AEC547EB2872B4F02A46F8D39E511FBF61C1AFA4FABB61576
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....cPLTE....:.c..\.E..........n..........~X.rI.X&..............._.c5.S .J..>.....D......|.k@f..{..[N.E.......IDATH...... .@.G......._i.F.l.M]....N ,.l......\.a...8.i...s.X....R4....U.q]._w...W..hF...Hg."-..E.g.....<%.}.&.i.3..X@.....3.*tZ.[..JQS.Jt....R..V...,.LI.&$.x.-..I|4.......a)L..b....5..%&..9....W1..v..l..........IEND.B`.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\officeAddInWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):10744
      Entropy (8bit):7.954047592380856
      Encrypted:false
      SSDEEP:
      MD5:3238A2E3B1F9A8D59440859C100D5C89
      SHA1:BDC0A8DAFFEE080A90BB4CF7D9EB4C34C27BE499
      SHA-256:87E5A866DB57EF9D05094BE9A040808D3AD3C36292D61717C957EBBCC8347486
      SHA-512:E3F1B4DD378E561339A3124198346C7AE527D980E1ADD963E3CA511BD9125BB0240BD439B4DA156B2E34157B1BD246BFCB2D9B7C99373F3ED89B44617480B3E4
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......]PLTE....:.............c........\.E..............................l.]........tK.J............~.F.@..)VIDATx...1.PQ..PIr..w....\.v.v..p.(:\2.E.QAg.o..}.j.j.tig#z..w.....-....?i:.i.J?|.?M....Q>..5....I!.U...N....pO...Z.=CY...!.u..1B.C....u..c.V...*.u..Uk.{.U....\.6.........M...7.|4..*............]g.....[.x..j.n.j...l....z.Ql,.!z(..n........|........<@......c.....k.P....\<......N.Z.A]'...z.#.-j.......N.JC.R.?.I0o.w.}.-)NhW.".A8..?i.p.^.CK..=..gE'...|.......x?+......A..M.b.......}.....z>...h!....:..@.C.R?......a..l.....nZ..}.....A.6.v..'..=.......&...].\..........5...?...]....l....V5...!..1.Su...\.6.....=...:8.+....$.6.....)!..;M....bS7........+Z..0..Y.B....v{a..#.V...+W8......6......<0.4....v*....^...n.y] ..v?m............t6..k............Q..V,....+.[#h............gm..o..qv82.7b..`.......5..^......j:.x.IsA.X5u.n...;V...rV..N.q.....=XS ~.....D....M..E.U.`..C.S..VAUc^Fy..d|.MY.q......m.?......f5).L{....C0_.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\overlay-delete.ico

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 3 icons, 24x24, 8 bits/pixel, 16x16, 8 bits/pixel
      Category:dropped
      Size (bytes):4302
      Entropy (8bit):2.0242944184232825
      Encrypted:false
      SSDEEP:
      MD5:358F87FC39687CF24C6516AB6952B6AE
      SHA1:495EB03532B4A2685FC27E34DF39E6BC70110352
      SHA-256:85B6ED9C5DAB576627DC27AD3735AD9ADDA13DD43885B5736D1DD3D07A33EAB4
      SHA-512:C7EED9D3D42B2F2F10FBD00CC888C21E777CC23806037F5461415CF56CFAFB421A80813201A1D5E86642294BB70741C777D05F71E0FED0A3DAFD36B5B8034722
      Malicious:false
      Reputation:low
      Preview:..................6...........h............. .h...f...(.......0...........@...........................................................................................)-..;;..<<...................................................!...$..."...,...3...4..&+..',..,1..(0../6..38..#5..,:..*;..,=..#6..)<..*=..>A..;H..6H..>Q..WW..NP..RT..MW..HX..L\..N`..Ra..Yi..\k..dd..ii..oo..kl..qq..uw..sw..{...aj..fm..fs..bp..ly..t{..w.......w...x.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\overlay-nosync.ico

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
      Category:dropped
      Size (bytes):1150
      Entropy (8bit):2.147238437465848
      Encrypted:false
      SSDEEP:
      MD5:CF782D5A997E76E58916DD1C6C07028C
      SHA1:343D26976B5FE0CED6762447D118BECF632715EE
      SHA-256:9A48A658E9892062C1DC68EEBDBD8E0750FD5CFD95EFEB0663B90A4B0314C173
      SHA-512:E80A84C05FDA34678C1F14D21BC7C964455F1178B3C8A0F2B67FC573719AE9AA8161630B553CDCD9136EDE4A85D809C9F9D52ECE8B92E112C965EC03AD539B0F
      Malicious:false
      Reputation:low
      Preview:............ .h.......(....... ..... .....@...........................................................................................................................................................................................--..............................................................................................................................//..................................................................DD..............................................................~~..KK..............................................KK..............II..................................................OO..--..OO............................................................................................................................................................................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\overlay-sync.ico

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
      Category:dropped
      Size (bytes):1150
      Entropy (8bit):2.428404162375153
      Encrypted:false
      SSDEEP:
      MD5:644EC082A2390A8B5AA688EC54AE9487
      SHA1:52C4DCEF88F406E54F913494925CC12CDB78057B
      SHA-256:2B1503D474C601868A0D6035574B1A5B7B23D463E7B083D41DC3804F2B124CC6
      SHA-512:99915F76118B0082882F4AD26DD2F353070C2B1DE38B44EF1DFAB1F59A12BFC23892932EFFA1F0B3F4BEE49756504BDE732511966ED0EF5A65B30B4B0F9F8E00
      Malicious:false
      Reputation:low
      Preview:............ .h.......(....... ..... .....@.............................................................................................................................................................................K...K...K...K......................................................K...K...K......................................................K...K...K..............w.......................................O.......K......b......e.....................................$.d..............b..b..b.....................................x...............b..b..b.........................................|...........b..b..b..b...............................................................................................................................................................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\patchwizbanner.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):825
      Entropy (8bit):7.703499442821986
      Encrypted:false
      SSDEEP:
      MD5:3097D4BC63D456F536A68DE3658DA518
      SHA1:017FFD72244AFE0445D0409576A31B0B66AB5F2C
      SHA-256:7DA74CFA5090AADEB965B8F1C5D76E69CAFE4B9F08A81E74FEF45377428B4818
      SHA-512:5147E31708F8F3EDFC432384BA361E27C8DBD9CFA50F06BE790CC025A0332804C7973AD4D9EEA27EE4837421015FD8A525DF2C74AD1D7CBB6599162F866553E6
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB...../PLTE...X..|..c....Y.m.z..[..k.....o..f........k..^..b..s..........w..u..r..h....Y...{...s......b..`.3....................................x..k.C.;.,.%.q..............}.....z....x..........}..w..r..h..S..N..C......................m..g....o........u..}.s~.l..P..N.{N.|8.{3.|..z..lO....IDATH...R.@....!&.Ih.....]..{/...n....;.p.7....e....f.?...:.....M..S......+)..J+..K.XW..s.2.l)..t|..Q.z...f..F.|...`@...x.!n3...X.Xq.y.^..qC..U.U.4tF-.:.AjX........Hi...H.d..F".!.f.....~..0.5 ....[Pb7....K.*......zA...w.D..1.D3\....Ao...u...@...../.5...5..Qyae..T....O..x.U....Z...9.2..X.................s....r......QIuM...x.....>..|.0..9.....e_..m...X.#....m.. .).}A..~.d.6..igo.w..6i......I....,...0.e'.....!......(L...?......>C...7.6..(l.....IEND.B`.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\pathvarsWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):3893
      Entropy (8bit):7.778305817605442
      Encrypted:false
      SSDEEP:
      MD5:7ED4A17834D0857C0A7005E7D94EB8BA
      SHA1:E391DA24247C4C8F80CFE612F500CFE8B95438D0
      SHA-256:7249C562A717B24B00EB890C41CF711B0E8FCEDC38FD56E4C407A7C0A6CE12BC
      SHA-512:E498A5AA4D449FCC4CEDFA973480976B7DA142ACC11D91171F98F6E62BEEF799AC0076580D091B71B252686772F1D404370961060E4A2CDB83015F299A76EDE7
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE...Z..^..^....N..{u..a.....&f........w.E.......K.-........(c..L..{.{.{*.y.....}......p..G.I.F......Q.........@..........>......U........n...t.........v...5...j.......}.. ]..l......`j..^......wf........].l7v..`.......e.....I.......q.....Q9i...j.....IDATx...]K.P....E.}Y.F.X\Z..uNlA.....z..V...&K..RM......*....yNX5..0...J9{...;.....;.........;......9{...;.7..m..]!o.]|..F..*u}.k4]......j.Zr.....M.&....V..=.46...;.-%.X!..t......"...O?Et......E..N..w..Q.>_..........u..N.w...u.....u..N.w...u.....u..N.w...u.....u..N.w...u.....u..N.w...u.....u..N.w...u.....u..N.w...u.....u..N.w...u.....u..N.w...u..q.E..|...p<..f.il.r...j.e.x^.d.&....nw....(V'x.d....0V....2.}.yi..t.f.dop...nw.<7.}...d.{`.i......|.h^.Ty_'..}.....%...z...&.7...S@w.,.....3.i@wi..... ..f%d..cu...O...;.>....y._u.7R...8-?......a.9J.z..;0..........4.wV.<....&...C....Q........vr.{.....Y.R.....^.sYN.......p..?.......N...gq.....Ey..y.......o..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\proProjWizBanner.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 49 x 49, 2-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):193
      Entropy (8bit):6.28408815024493
      Encrypted:false
      SSDEEP:
      MD5:644ED84D18AB05482315AB39412E3B94
      SHA1:28A31612D3AD0AD90D8C7FFD00226F8B4CFEBF36
      SHA-256:FCBFB878E8B429A4D284C0145A8FD67FFBC9DBB819F1A2656FD64B5EFCE738E2
      SHA-512:7F467458FB8B8DCC6E17FB8B1BE3422551C076597D000800ABD327693A6F563D5C4D855A2872026AB4252173A745DD428891B2EA8FD01A25D68A83E063616EFE
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1...........PLTE...c........<.px...pIDAT(.c@....@....2F.<.U.V-.......9RL..?.......xK F....{.?.g..bf..'..'.....J......t..JtSD...XC!.....N......h..=h.........IEND.B`.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\property.ico

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 3 icons, 16x16, 16 colors, 4 bits/pixel, 16x16, 8 bits/pixel
      Category:dropped
      Size (bytes):2862
      Entropy (8bit):1.9389321413697567
      Encrypted:false
      SSDEEP:
      MD5:7ED74E93629AD131ACCA902DBE46C3B0
      SHA1:0FEFC2367B436CFBB584AD5F9BF8221B163B6EFE
      SHA-256:4209EF62E1C1F7B2359DB856ACA546377798EDC4CB3B051FD1BD5EE9F8C8E7A5
      SHA-512:A030CA7288CFAD9CB2F19BAADCB5A29B13B30C5AF8C5D496BC059BA8D0ACA1CD68956BE39C6ADC428D50917D6616D040079FE572046E6AC38D17592A5FA83C8A
      Malicious:false
      Reputation:low
      Preview:..............(...6...........h...^......... .h.......(....... ...............................................................................................................wwwwwwww.............w..................................................................wwwwwwww................................................................................(....... ....................................b...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_da.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):238
      Entropy (8bit):4.99958284033677
      Encrypted:false
      SSDEEP:
      MD5:8F6CFB71E4259E2CE5DA8CD0EC59DEEC
      SHA1:DD6DADAEA19CFE6DF9A6F6A1978366741D3D0594
      SHA-256:865C63E0844687BBFC0E798D7A7CCE836922034C7A06253C88C2694FFC36C7D2
      SHA-512:B2CDA829BE74819B154E7CB905C34D8B4B528B636C623FFEBA88FA963F07976D7F05C8EB35B1633AB35E66F0FFBE845843F2645ED4398E42AF2A19CB627E411C
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\froman\fprq2\fcharset0 Times New Roman;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1030\f0\fs24 Din ReadMe tekst skal v\'e6re her!\lang1033\f1\fs20\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_de.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
      Category:dropped
      Size (bytes):194
      Entropy (8bit):4.955947983342348
      Encrypted:false
      SSDEEP:
      MD5:325D81E451EC29A10AFBC111EF9CE350
      SHA1:68E4ED4FEDE3B0C6507E4E6F02409EC5707391E1
      SHA-256:B1480F42DF4494C5714515E5155602FEB92ACFF1D3EEFF9FDF49062496F8E1F9
      SHA-512:98D77E5926BD934AC4E8195DFFF057E17248086D0096EAA6EEFC91F6928BFDD90E0413E5812886CB3EF92FDE819BC0DF93B60FC5809C7A31475E5469796F915A
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\f0\fs20 Ihre Liesmich Datei hier einf\'fcgen!\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_el.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):321
      Entropy (8bit):4.725554084621617
      Encrypted:false
      SSDEEP:
      MD5:7432B2F1E9237B661907F3B0D58B8D8D
      SHA1:DD170FE960793A46F91BC37C552380C339BF91EA
      SHA-256:A4C217385A258BE63CC186D6CF8FE16C3955600C0FC9EE9723309D5B1D5A8922
      SHA-512:CE539099AD0C4341D5EF7E1C3AAA49B2E1FDF9880346065A19516D00F83AA7F33F8A95155AFCAA54A148470EF0C560A95D42ED6196A0EF31F10A7BA399AAD25F
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset161{\*\fname Arial;}Arial Greek;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1032\f0\fs20\'d4\'ef \'ea\'e5\'df\'ec\'e5\'ed\'ef readme \'f0\'f1\'dd\'f0\'e5\'e9 \'ed\'e1 \'ec\'f0\'e5\'e9 \'e5\'e4\'fe!\lang1033\f1\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_es.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
      Category:dropped
      Size (bytes):211
      Entropy (8bit):5.028698228491064
      Encrypted:false
      SSDEEP:
      MD5:24470EB394F0D6A1530D1467BB3438CA
      SHA1:BE760ED90237372A72BD04D9E8F90B4B895C277A
      SHA-256:1EA70DB807B69FB936069DAE1AFCE516645DCA138C8048AD3D012B4899019462
      SHA-512:2406BC286B12C375BFA74075698274EDACB34C89F5A42169CFBA118254EE016C7FE63E0C2AF0D23DBCEF9B875DBA08E7F9FF1B2B99AE5F165BFE138DDD054921
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\froman\fprq2\fcharset0 Times New Roman;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\f0\fs24\'a1Su texto Readme debe estar aqu\'ed!\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_fi.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):213
      Entropy (8bit):4.909663743098118
      Encrypted:false
      SSDEEP:
      MD5:B2DE6DD795580674C1B4F863C1063410
      SHA1:83F78C3B3243C4735150D2E99C9A18604B8F7279
      SHA-256:84325135E24D865C5604E4729CF1A85B2E3B49D8C13A1AFF35FACA51017ED29E
      SHA-512:4314557223474F75031BB224AEBD0D408844EC1A52DC1FA4E37170C529096B53573AED39986118A976D9D7254BE182EE5FDFC399FE26A5F065DD6672E326F42B
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset0 Arial;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1035\f0\fs20 Paikka readme-tekstille!\lang1033\f1\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_ko.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):467
      Entropy (8bit):4.811404329284938
      Encrypted:false
      SSDEEP:
      MD5:E20B26B1781C0F8FB4A69DA20A8CCF2A
      SHA1:1FCD1E813496F141F834FA4A6BA3DD77035D628B
      SHA-256:AE94952224CD2D7B2901ABB3D641A5FF95DCF3FB3C770A812E0501E5472F109A
      SHA-512:DA71D7D5A11921412CF858665C9AD4EAC445A45037170266E1BF7ABE2514D7FD9C5E1CBC814A89065DAE7372C94803CB3891965A5390BD9628A8E1A3F21AD268
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\froman\fprq2\fcharset0 Times New Roman;}{\f1\froman\fprq2\fcharset129 Batang;}{\f2\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1033\f0\fs20 Readme \lang1042\f1\'c5\'d8\'bd\'ba\'c6\'ae\'b8\'a6\lang1033\f0 \lang1042\f1\'ba\'b8\'b7\'c1\'b8\'e9\lang1033\f0 \lang1042\f1\'bf\'a9\'b1\'e2\'b7\'ce\lang1033\f0 \lang1042\f1\'c0\'cc\'b5\'bf\'c7\'cf\'bd\'ca\'bd\'c3\'bf\'c0\lang1033\f0 .\f2\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_nb.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):242
      Entropy (8bit):4.9463697822133295
      Encrypted:false
      SSDEEP:
      MD5:619ACE50D8C18D485A04E65EF1A8F774
      SHA1:4109B585BE0112C64C9231BFF92DF0EAD4D73F93
      SHA-256:8EBECA08EB6901C275D8B32B808CF1E0B9C90F61F420F17D53C87E39C58108BB
      SHA-512:6E8B6A3C53EAADCE3D6DE10EFFCE0A1F5C71F2B5C73BE23042AA9B4F1A500830E112DF591D9E5F7F86DC0ECF70D3742962861BD3701CCED065953BD1D3D13013
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\froman\fprq2\fcharset0 Times New Roman;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1044\f0\fs24 Teksten for filen Lesmeg skal inn her!\lang1033\f1\fs20\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_nn.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):241
      Entropy (8bit):4.949555766839748
      Encrypted:false
      SSDEEP:
      MD5:4576E40CFF6ADE6619276B163FDAC64C
      SHA1:945353D04C9A01B314F524A7957AC02B732874FC
      SHA-256:BAEE9F45887B808E8828BDAA38D909E1B3A96318F98E012D9F6E047ECEA5022E
      SHA-512:3DE93E923A2D2BF18067EF204AAA71984E7ACD9EF09F20726C6275943B34D44521569AF3026E8E6E59F3DF3A81D84264158F1A9CE1CE4AE69DB5A34F82B07962
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\froman\fprq2\fcharset0 Times New Roman;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1044\f0\fs24 Teksten for fila Lesmeg skal inn her!\lang1033\f1\fs20\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_pl.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):246
      Entropy (8bit):5.008071975981282
      Encrypted:false
      SSDEEP:
      MD5:9E389604CE9934B6F890FE0791391DB2
      SHA1:9015108F191C7D717ADFF196D9F95F02528D3271
      SHA-256:20CBAD961837C7C0EBC1D7687D41C165122D339FE0F89E5BADB7A2267C42E697
      SHA-512:30D44A7738C16A01A0C9484D9F34B586D9F1C1A32CC44F5CC8E66896548D9B694BBA63B3BC447B4BD202A9FD2CE86F38393E7AAED7AD28B953A15DC1764AEC69
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fcharset0 Arial;}{\f1\fswiss\fcharset238{\*\fname Arial;}Arial CE;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1033\f0\fs20 Podaj tre\lang1038\f1\'9c\'e6 pliku readme\lang1033\f0\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_sk.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):239
      Entropy (8bit):5.053841712017001
      Encrypted:false
      SSDEEP:
      MD5:136CF183246940159521DEADC072EDBB
      SHA1:3850F6D9319BB7186095182E21301F38BC339778
      SHA-256:B30B7C233FDA3F616E498A93D27CCFEC31FFFAD276FACF26D77425C024EDCB2D
      SHA-512:5926ADE2B8145148ADC7BB4BEB70473A0AE4F7A18E3A83CC5BB9751B2BFB952900DC2B3B7DFBE70420F2FF7C0912E6638ACE8518D3631466B54B6A4CD56EF81A
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset238{\*\fname Arial;}Arial CE;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1051\f0\fs20 Text readme by mal by\'9d tu!\lang1033\f1\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_sl.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):215
      Entropy (8bit):4.9287886933179035
      Encrypted:false
      SSDEEP:
      MD5:BC71CEF492849ED11A126B55B0AA23CC
      SHA1:FFB32A58BE3161361C4069EBBD70F567E8F24F21
      SHA-256:CFBD9E58E906ABB61759D68AE34A9D29A7688C80A75B62033FD56DDE249F80E8
      SHA-512:9DD105875174701A20773233240C20AE64E93CA0091BCA76134E142A9B43BE9C887123BDC0A02972C7144518FC32551665300D76585FE46B7899DD613BB8390E
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset0 Arial;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1033\f0\fs20 Tukaj mora biti besedila preberime!\f1\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_sr_SP_Cyrillic.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252
      Category:dropped
      Size (bytes):513
      Entropy (8bit):4.6436388538500655
      Encrypted:false
      SSDEEP:
      MD5:C535D663BA31D20101B1B4E5E19E9AAD
      SHA1:5F7749E13E0540A9EC2E88BBD9C3556C913D8B57
      SHA-256:3DBEB1BBB38C0DE0CCA707337B31371DD712B51CF77C45865EE00C670E031BED
      SHA-512:D3B3B029B21F2A3734E15D6916D4CACE62899DD9E0AD79CD9770BE1CA181D8E16903D2749AD5475DB699CA474864A3C97A571E8D83601D76763F8D254B6A61DC
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0{\fonttbl{\f0\froman\fprq2\fcharset204{\*\fname Times New Roman;}Times New Roman CYR;}{\f1\froman\fprq2\fcharset0 Times New Roman;}{\f2\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.21.2507;}\viewkind4\uc1\pard\lang3098\f0\fs24\'ce\'e2\'e4\'e5\lang1033\f1 \f0\'e1\'e8\f1 \f0\'f2\'f0\'e5\'e1\'e0\'eb\'ee\f1 \f0\'e4\'e0\f1 \f0\'e1\'f3\'e4\'e5\f1 \f0\'e2\'e0\'f8\f1 \f0\'f2\'e5\'ea\'f1\'f2\f1 \f0\'ee\f1 \f0\'ee\'e1\'e0\'e2\'e5\'f8\'f2\'e5\'9c\'f3\f1 !\f2\fs20\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_sv.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):238
      Entropy (8bit):4.919475978148502
      Encrypted:false
      SSDEEP:
      MD5:283011393FD0A0F2A66E4318D65BD473
      SHA1:12364C47ECFA5B97E10B04021240911703D37EDD
      SHA-256:0D57AB901956E812613EB768CC081A603A663354EAA8A99F3908CDB1C5899280
      SHA-512:00C0ACD0789E1D31F8A24A1C7D7135A0404DFBE55CCE3D760D0D0ABBE7D0476354E2F59981E8823A55C4AC2B159E1CB18A1F1EDDFAB36D018D163A9CB836F78D
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset0 Arial;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1053\f0\fs20 Texten till filen Readme.txt ska placeras h\'e4r.\lang1033\f1\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_tr.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):227
      Entropy (8bit):4.93505846087493
      Encrypted:false
      SSDEEP:
      MD5:6834EB42C2E1BD1D3E5F73C98044E7B0
      SHA1:7176A2329B5E98503EB3B5B35BC50F592DD98600
      SHA-256:0859444BFA02D93817A601C6EF63C063EF3C6372340F21E2E03B6F9C35BDA18F
      SHA-512:AB7CD2549246E6F6D0AF9C87EEAEAA784C708CE084EAB2C3AB95CFA6E48C1902423A995FEAB758BD2ACE56147E669C28513B3C9F1318342B437F78F6EFD88D5E
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset0 Arial;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\nowidctlpar\lang1033\f0\fs20 Benioku metniniz burada yer alacak.\f1\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_uk.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):414
      Entropy (8bit):4.845774502086495
      Encrypted:false
      SSDEEP:
      MD5:BD653217C1035B022AB53D56D0C01B25
      SHA1:5C1605FEE96870B60EB477EAB7C5A123C81D0A4C
      SHA-256:ABA738C65FDD72863B762A8FC6F7F8B417864778AEAA3D03B179B42CD7F2FCA5
      SHA-512:9F86A1E09B9C706AEFBC706357C519D2268DF3569D02F55140AE5CDF258444A4E976C569CF1CEB7C58770DADD4FCD3E29644F01F647C3B3B7121EDD52C6DCA2C
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\froman\fprq2\fcharset204{\*\fname Times New Roman;}Times New Roman CYR;}{\f1\froman\fprq2\fcharset0 Times New Roman;}{\f2\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1058\f0\fs24\'c2\'e0\'f8 \'b2\'ed\'f4\'ee\'f0\'ec\'e0\'f6\'b3\'e9\'ed\'e8\'e9 \'f2\'e5\'ea\'f1\'f2 \'ec\'e0\'ba \'e1\'f3\'f2\'e8 \'f2\'f3\'f2\lang1033\f1 !\f2\fs20\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\readme_zh_TW.rtf

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
      Category:dropped
      Size (bytes):259
      Entropy (8bit):4.854080823603029
      Encrypted:false
      SSDEEP:
      MD5:879217B69962C3867452E69A4EE34A7F
      SHA1:851BAD2D5EFDAB30AF5BEC618E29203BB34A2492
      SHA-256:960427234AB7FA99C4630D6F2C3CF96ED9454F3B63E5002E440D9DE4A8B1EDFE
      SHA-512:395CCD75D72ED762F0C170A9439AB8D570647C70FDBAF5BF46EFCBAD702DB5CD70528C4CB3EA7FDBE1A6D136B9D7B173F5058C388E9DE566DC85D38041726E0D
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fmodern\fprq6\fcharset134 SimSun;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\f0\fs20\'c4\'e3\'b5\'c4\'d7\'78\'ce\'d2\'99\'6e\'b0\'b8\'91\'aa\'d4\'93\'d4\'da\'df\'40\'d1\'65\fs24\par..}...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\regWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):3204
      Entropy (8bit):7.731697958272881
      Encrypted:false
      SSDEEP:
      MD5:D87A3FE81D2F9A2A4FCDEA5B15EA60B3
      SHA1:BBFD05A7825172ACA497A6202B0D49580FC3C59B
      SHA-256:C07ED41B9E172B48ADAFAC35F509F7A3A9B0ADECFED4A06DEBAE941688BC2567
      SHA-512:D8A2277A4FBCCD086C63DE88266884AA84F81C27E001CB5AFDB591313B8ECB069A072B076C1D2DF569050DDB11093B2BCFF837E1A7B136FCAE4D2058010ADD8C
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE...c.......Y_..b..^..Y..\..`...vwa..V..W..[..T....Q.....Y...2.z.......<..S.K....Cz........v....+.z,..)l......k.\....w.}Bb....S..t..G....g......e.........._......_....IDATx...1..0..0.o.&.p.XH: ........w....x?...w....x.;.....x.;....: x.;..w........w....x?...w....x.;.....x.;....: x.;..:Hm...(*m....E...O..8.......)........w.p'.?.y.&.p'..w.p'.?.y.&.p......v..5?.L....^...m.X)...{.r.o.{.r.?x.+...x.....x....x....x.t.....]..).]..(.].(.].W(.]..(.]...............w.<...........{_....R;.Q.].w...x.............p>..=....q....x...u..G2s.<.....{(..~...<;w..~....q?..]....x..Y....f.......qo4...k.....-...;...vq...]..M...0l..`.)..^.. )...|......8.6....j6..Q.>=9i..._>....{t......wt..o...../..u.......>}@...w....}....>..w.O&.wt....:`....,..'u_.} _...{......u.ot..f>......F....{.{....{....;to....n..}7....to....k....n..`...{....b...F.w..u.#....n..~7....ow....v7...M>....p7....#......aw<s...Y~./5.d%)...L..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\remove-inifile.ico

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 3 icons, 16x16, 16 colors, 4 bits/pixel, 16x16, 8 bits/pixel
      Category:dropped
      Size (bytes):2862
      Entropy (8bit):3.907154849097705
      Encrypted:false
      SSDEEP:
      MD5:898BE8DFD1856F75502850C450ED048A
      SHA1:17A9A31862DB71A2453F2F84867D7490296D8FEB
      SHA-256:C6A43803D78DF8F5BABD9397EF56E6F8B50ABD7910C650906C23B57E6A7749D2
      SHA-512:51604F4D4E1F30FF1840AB7E6B43032C655FDC0E2D62D6346A6EFD99634035439EA3464B03D32791766C1ABAE89AEB1C39314310DA17D202A3B67A8933BC4A33
      Malicious:false
      Reputation:low
      Preview:..............(...6...........h...^......... .h.......(....... .................................................................................................wwy.w...................................................8......3.3..............3.8www;.w.......w.x....3w3......w..x....wwwx..................................................................(....... ....................................w...y...|...|..--......)... ...%...'...L...S...(...+...0...4...6...7...:..._...{.......@...F...L...P...S...T...U...W...X.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\repackagerWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):2699
      Entropy (8bit):7.655462031020109
      Encrypted:false
      SSDEEP:
      MD5:7CA30C8F493582DC7C8A42E7C27E930D
      SHA1:6A8FFA44263EB4ED7D0E318414D033CD9844B879
      SHA-256:74444AC2B146D780EF434132C1103A332D9473C12AE598DFE2C2E35FB0F7B265
      SHA-512:8471B309E70859AFBBE812E55D97EE4D4276B8D78792E2762BD35E2AB91EA6626646E095B7EB9F4156F2394452B5BFC5936F7DD2F9B7612CF437F3758CD87A48
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......`PLTE...c.........mmQ..T..O..Y..^..[..]..V..a..u........j......................{.p....s.....d?.....IDATx...Qj...DQM(Bv..o.I.....>.d.s.p.g..Xx6.O*..tGwtGwtGwt?..X............R`AwtGwtGwtG..K..o...V&t.'..........O......2.{.L.^+.....2.{.L.^+.....2.{..X.............t?neB....;..;..;..\&t....keB.Z..V&t....keB.Z..V&t....keB.Z)..;..;..;.....Bc......tGwtGwtGwt?.L.^+.....2.{.L.^+.....2.{.L.^+.....R`Awt..t...]._tGwtGwtGwt?.L.^+........z...u].#w.>3..v._...~.....~l.o........?......~.._.......~........._..v.~Gw......0...."..F6e6....%:T.EL,.@|...s...d.gL.Qv....6.Iv[...=..;.E.v[..[m.=Qnv[...m.]....-6pw.Mw.G...{.k...{...^.X.....u...=.J.>.........m.=UT..n3p.h[...~.{l.N.{2..2..M..!w.>.#..v..p.=......c...;=..}h+..k........6.M.].=..nw....M.'Qtc..wr.......<k.rOFx..=...#....$I...=.{.E....'..H..zlw.E....'....zh.8.=.=9..~..S.y.....E...r....},v.\..>....<...},....q.Y{v.G.I.@.p..v..w!6...k.....y.p.m....Z;.m..[...S....k..g..~.N.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\resOvrWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):2389
      Entropy (8bit):7.6830085261146435
      Encrypted:false
      SSDEEP:
      MD5:8A303D17622E774F3DF1D843564E733C
      SHA1:76BFBC5CDFBC3C304A906CB4597F8AF19A14B0AC
      SHA-256:39FB1E013141A8FB049B2DF5783435126E36136939B9233C8FCD8040CB19C768
      SHA-512:6F5BF8EF349FAFFCD785CD500343C2B1FCA2F0686B8F01A89A590238D0CA37C5EEED839B75CA112C588C7B56C8D8BF25F148A710F69F611F012D12730BE7B855
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......ZPLTE...Z..^..^..u..a..O..V..J..R....X..F..B.....&f.4s.=|........i..HHH.**m.....XX.....<.w.....IDATx...j.@.E.Y.E.........$.p+C..}.T._..6.................=\.@.;..;..;..{.6.BwtGwtGwtG.pm............................;..;..;..k.(tGwtGwtGwt...P..........v.}..8.......h;....}..b&m..O~.m...j{^.......^E..}..sx......8.U.......:....=.U........}..t...i..}]...=....L..L..L.g.=....>....I.L.g2.3..3..3.I.L.{&.|&.{&.3..|.d...~.{&.3......t.{&.=.}>..=..t.d.g..gr.g.f....a0..'.I..J..............f..\.3.$.{..=.0....|..~.3.......=......8.{..u..W.w....t.E..;../.c.W...}.......gp.3..8;..W4T..*...yoS.....{..WS.....d..{.w...9....sg..w5...s..{G...;.y-...4q/=.......$...y.........W{.{...U$3..p..}..|..}...V...w........Y....7<..........#<.'.{...3..;.7..w..t.3<......u..][_^j..91.......W...a.9}.pgx.....N.{s.Ww.w....B.S..`wf..8.y..]:y..r....9..."$...}H..^Mfe..;..dV...j.>.....x5..Y{+>&.q..cE....'..x.;..?G.(......3<.Cd.v..SAw..{...N

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\searchWizBanner.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):788
      Entropy (8bit):7.651584213841188
      Encrypted:false
      SSDEEP:
      MD5:62A485B0EAA67B113F3607E1A3CCB03F
      SHA1:F91EEB59A50C4BC5B03A83A4DDE82EDB6AA6A16A
      SHA-256:2CB23CEFDF062A9C18FEE8BD2A1F3674FE8CF77B42FC86C6604B358F003B9479
      SHA-512:ACB6EF2AD439C292E5C58A184BA832EE362633169DBC2133F5C546F67D574EE3A3339919C3D9A1E255F928B5CF34B5DEADA2A27464FEEB0910E43F053244EF29
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE............c..a..b..c..b.....c..c..a..a..a...b..b..<r....................................-d....u.....[..@u.................y........Q..8n.....................................Bs............i....p............j..^..L{.......g....IDATH...iS.0...K..(W..m...]u..U..w.....H.!m^8._0..?..3........^X.w..M.1.3.N.6...;1.h.:6.@..:..1.3~...@A`...!0.@..*s.Zh.h6_BD.....u...p..........r.......AF.....h.....V...4.."...Z.*..~]..jE"m...-2v...Z..P..x....D.7.2c.9.V_..VEL.L....GE....d.....:..Oz.*L.j.]...=z6.AT.'..h...*..o..B../......@...i..$c..+...p....JW..F...QF..F.b.#..:B.../.........6.P..j.;ga8....m...e.j...~.9.....)..S2M.T/.v....s....i..kN..,......3..K..t.....D..o...~..@~.1...f...I.o.......&..D.n....IEND.B`.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\searchWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):3216
      Entropy (8bit):7.766728188746467
      Encrypted:false
      SSDEEP:
      MD5:CBCA4AD15E6F5C3C62C865B599FDD1DB
      SHA1:651E89D2A63CA6DD2EF4936BCDF3D31DF74DC125
      SHA-256:1E9867665B2467811B672677DB173097EF2A4D3DD291804A4E87433419466B02
      SHA-512:050D85A3E26515EBFA70A7BA64372451C406E94B99B658CEDFF91D29706DCFC24B32BC0361A591E3F17444473A60B92DEC5B231BE539509CCEB4BFD865191084
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......~PLTE...q....^..^..u..a.....N.....'f.............K~.Du.v....T.........i.......i........V...._..i....v..........I..........&^....IDATx...jBA...Y.z..ja.B ..?d..H.!...Sm...L....M.Pm............................;..;..;..k.(tGwtGwtGwt...P.....................=\.@.;..;..;..{.6.BwtGw..{?.Pl...x9..)....Y...K1.....F{..P7..n.[...}y......W_t...../7..U..6.~..x...........N.9.....>.'.w.......).I.L.{&.|&.{&.3..|.d...~.{&.3......t.{&.=.}>..=..t.d.g..gr.g.=....L..L..L.g.=....>....I.L.g2.3..3..3.I.L.{............:..a...2..Ih;(-+.&.D...T......o...arL../.3.N...b.>....Z..h....|..N...>..S.n...K..i.n...I1....g........<..N....,.....C..C......N.G.w.Ew..;."...=.w.M...`=.......;.&q./-.yw...=....;.b..x...8.X.3..{8....o.......m....w.M....7..6.{8..z.g.....w.M.N_Z..lbw.p..........).PX..kB......]..m......C...;..._...............1......!.../|..mqo................_w...Bp....IV.}B..\^...7...M...$!J.<s.l..9..m6.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\shortcutWizBanner.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):428
      Entropy (8bit):7.338912835516542
      Encrypted:false
      SSDEEP:
      MD5:04DA7AFE1B520B042DED7489930E02C7
      SHA1:CE25C3169B5F97C4B492A2420A9C6C29031E92C0
      SHA-256:9A4D20D721C75F050C3AD3A723538030AEC86666A55BA21BABBC751F7F37AED9
      SHA-512:1AEECD072DF8CC0A9ABCB79E38717DC3FD063EE0E65EC2198BF4C8205377F5069BF308F22FB238071F2268308CE6FAB6510A7CC356A67C9AEA3388CD89D05419
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....]PLTE...Z..........g.....j...............`..............{..............................g.8+....IDATH....n. ....V.E.u.s...Y.Hi.,.I/6._j>3.........]..t..5....q..8?V..c..D".%..o\......T....>o.Jw.h.@?|31k..C..^....&..hr*T...3N)|&..u.N"OU..*d...-..%..q*.;..R.Q6..B.....fo\a.....Dx....R.........a=..9..#b..K.Q&@o .q..a.E..P....9j.<.!..:....Js.N.).w../...R.OAg......IEND.B`.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\simpleProjWizBanner.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 49 x 49, 4-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):143
      Entropy (8bit):5.888428242371899
      Encrypted:false
      SSDEEP:
      MD5:0295208EB00543C7B64EAA14E3A3DD97
      SHA1:4F1DA466EC1E98FC95A1F2251F0259EC506FB69D
      SHA-256:D31B973168BE04643017E80B1BCA8D96624C1D73E241E6BC881385CDE1EE3CDC
      SHA-512:7C23E361F6B15A9F2D30F1C944839D381DB5E8C7D8EDAD7EBCB395CA97758A690D71D28621A8AED50F2E51CCA0DC24B6A7877565580B9C238A8E3D6D611438D5
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.......\/....PLTE...c...........b..X...;IDAT8.c..Q.;..28<.W.I...,.....2tt..8..C'.............?.....=7>7b.....IEND.B`.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\temp-file.ico

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 3 icons, 16x16, 16 colors, 4 bits/pixel, 16x16, 8 bits/pixel
      Category:dropped
      Size (bytes):2862
      Entropy (8bit):2.6931679522381775
      Encrypted:false
      SSDEEP:
      MD5:E28BD14B0375EC7D5904495964AEAC49
      SHA1:FD5726C032BFA188631B86026075F0A1FBE5847C
      SHA-256:B6CB3D0FBD89F035E0BF7C775F5289E1669A9F37D8F61D6EFA543D86C48F47F9
      SHA-512:24E29BA65B045788AF791D813468088123A9035561512415E1AF3B6403CAF6F64C2DE60EF6A5000D66409D44DDB5F6F2FE410828A17BB7A53C2746EC5ED5687D
      Malicious:false
      Reputation:low
      Preview:..............(...6...........h...^......... .h.......(....... ................................................................................................wwwwwww.....www..............................x..............................www.....www....ww......................p....wwx.........................................................?..........(....... ....................................b..u..v..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\templateClientServerWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):4579
      Entropy (8bit):7.8208209956771775
      Encrypted:false
      SSDEEP:
      MD5:22F7BB350DC3F6767203113FA2876A2C
      SHA1:D90B10F9955795A822C3E0134C0D0EA9B1C51694
      SHA-256:BBEF006BBA58F852D8129B8BA732FA25B01E20104222F524556DCBD601E6F5D6
      SHA-512:DCE5EA3112762A3B87667ED2B8D4DDF72E5AA60EA874DCC9CE0DFCBD3B54022D2B1337084227858D65FB451FB9E7807F42CA638539086F9E4CFE5C57409E5501
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE...c..^..^........u.....a..&f.P.......................................................................................................D|.g....}..g..g..s.....w..`..4q.[..q....a...n:.....IDATx...j.0.@Q.`;d.b....%Cm...U#(t..+..3=.x.IJ.................H...................H...................H.k.e......?.......{.....5.........k...W..>.%..y..i...r9qzn...g.+Du.......Jx.+Dv.B...{..._.....{...c\.I...N|...}.Bp.....{...!+.w..-..;.w.......J...8.*..`...O....B..S..w....i5..un...i.y...=...c..Y...y...y.......g.~......bE..\H..v.)...w&...W.y~._lW.m..IB.........*N..<.Q\.o..(.e...;..I....(J.. 9L....(...a.$..9.'.z=qW..-......;....{.5...y..Q....%.T..(..:F.....a..].$.s<.c6....{..s.J.....;.Q._:.....iq..6.F..o.K]...k..u.Gs^7.j.W.............r....Cj.....F.z.D.......Y..5.....C.n.T..F.~....#].i.....h4.{..........[.......AoV.\.Cz*.<.dT..q...N~q..u.v......3...f.!..].....]k..w......mW@w....W.{#].N.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\templateDotnetWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):18004
      Entropy (8bit):7.971246601657066
      Encrypted:false
      SSDEEP:
      MD5:3333E173D4A6F73E1AEFA7A891322B26
      SHA1:0C088789644C6569EB89D7A38FA9788753C12A4D
      SHA-256:7B4520A0339E04BB416C54F24EDCE27639FC14A0BCA60CEBBA35EED5E19580D0
      SHA-512:9279E15FBEFD4762FCC03DA31427868AAC14F726C9A6994C10F0BD07BA81C39755CBCF349A0F9F64970FAF8C4455BBD59157357CF5C6BB9FDE542E64E8D712E5
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......%PLTE.....................c..JJJ......\.E.......................................................................................................t..y..n...........j..Z.....}........V........g..}..p.....x...........b.....^........g..a.|............v~..[.:...................._...........M..l......T........k.........x..%....~.....\..%..!..%..v..h..9..C..[......G....!.....................................h{.......5.....J..To.jjj5..4...VVW...J..J..`...........cef%.........R..6..k......e...........................x.>e.........3w.O....."...C.IDATx...9..U.Ea.`o~9.....h.....o.%.g...L.b}.......e,_.^..l.(J....Z./o.}.......@...t{v.$7.....r.j.j..~....W.|...g..7`.I..}..h.i....o....:......s..2L.e#.9..f.....7`.).|..'.}8.,.zQ.N.m|...S.Z..9...T......oy.t2...kTI..y;.H...F..........H=.Eqf[.o..i.%cYO^.R.Y.c.+...+.. .~|N./R..J.&->g.D.6...*..<.O.|.A.gR.,.c...Y.bAJ..,...?j.L... ...o.ENg[,t.3:E4.K.9.......G...=7.Y...vR.ZT..H..".k

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\templateTomcatWizBanner.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):948
      Entropy (8bit):7.7213972130971955
      Encrypted:false
      SSDEEP:
      MD5:EBDB8E00FB1FDC58FD1CB5F456D13EC5
      SHA1:2BD4B8E8C732B943CC4293A292668725C6B33E68
      SHA-256:4BFC58AE307A26A1063127A0CB9890536A15BDC0ADEAD3AA4D09416450EA92D7
      SHA-512:854A527AC7E110B1060AED157EB11563C576E9FC6958EFD1B0B94F9DF7872BFBFA83B38B8E5D331E58CDAE8E6CC11295DD704C18730588601EBAD3617E2ED7C7
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE...c..\.E..........................T......................{`nc=.........................|..v..s..q..p..m..i..h.._NMK444......q[.......i....iR..~..................Z................~..x..w..sssr..mmml..e..d..a.`jg_..\..\..\..W..W.sP.rH.t3hX'PE#....y......p....}e.......................................y}|x..t..q|xg.f.f..e.c.a..Y.yY..T..O.{K..Je_JymGiaG}tFAA@vj?YR?.{:bZ5qc1.v0.m*\Q*YN&(&$&&$. ....I<..z..r....c.0&..k.YF.l......IDATH...N.A.@.X..K.............my !;..H...IN.J2.O...I...$`....I.g...#i$>..3...d<..$fP;."....x..YU.}EE..W.....c...j.j.b.X3..4@.$_..v..)y...z.Ao.7.A..d.......($6..6.4.e5J.....'...x...@.6lJ....7..xT.[:C.Z....u.b..-....n$...T...Z...62r..hy{....li..&.F]6.yd.Oj.}.=.t..j7....+...C.*..w.=.,..I..F..l6.r.xQ..0.,..(A..u....vt..Q......xp!..,_=.)G.)....vI2a.u...!.sRl}...m....[.D4....h1....Nc..8...E...,.X..k.../....G......;.jF#`A.=....IEND.B`.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\templateXnaWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):18411
      Entropy (8bit):7.973682715617327
      Encrypted:false
      SSDEEP:
      MD5:EEB1E8EBFFF765F18D3444ECA16335C5
      SHA1:F9DE5467C9004EAA6155D29DF5227A45CA8ADCBC
      SHA-256:12422779FEEAAFFCEF4223DEB73B63541672B792088F4EE7560405E8662AA890
      SHA-512:914898A7C15D09F720AA081CAFC8534B23299942E81466CC60134CD2DF0302DDFEA075CA45A7BD475A655A7C39C212B78F3BC842025453D7C0D679FB429FC9CB
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......&PLTE..................c....Y..........\.E.....H....&.w..e..).J......8.C..R......@IT.|.U`n. ....x..!.H..!.6.+..:....i........,2:.....Z.6.<..%.......N...@.......x........5.&........P..-.A...`m}..D......~..j..m|..pa.B.............}..l.s..X..k.G.lC.{*.....n$...f....g....F.IDATx...;.e7.E.......p..Hm.?#pg..A D&......,...mj...V...L..o8.q.].}...=4vz...9LV.h...3gO.0[.g6.l.O...+w.......}.4.h7&.f.Wv.....n...R....V..y%....`.6......kN.A...F...d2.......>..m..p..m.....ng%...!.N2...R..l..$..~n....lN..I...<0..O...pm1..v.....I.A..y......l1.I....O.%vM&.l..3`...8....@:r..p}..y...rI8*c..p...1..s.z4....e......c..D.0.@.....!....s.3.9..dNt.....!...[.LLA3.{p5..r.&.'.].3..&.h_.....|l...+.g....G.c.......9...O...uR...-.. g.`....crl..1.8..}....L.......pN..Z......3...Ld..........W2......>..p!.6.8o.k.5.L7..$....{......f.B..>f..0.I..br.}B:..._?.wu.OQ...8'...$.=ks0&gL..Q.....#.3}2.w...J.K.../i....s....3...k.$

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\transformsWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):15769
      Entropy (8bit):7.979282048069807
      Encrypted:false
      SSDEEP:
      MD5:94C5F78FF374BDB0C6C53E9D20CCE909
      SHA1:B7AF448B22D7D38BB7154C64BC1987122EDEE8E1
      SHA-256:3FCE7079532BC6041752AE67DEE2AC09031D91C1C00BB9739694670762671825
      SHA-512:1E8D80FE3FB1312DD8E319DFCD660F6797AA37C012C7E244C0A4079B2509C06212DF8386441E46248424AD033D33BD4EF16B96E3D8C1E177F7BE68EEF72A46F8
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......QPLTE.....................d...mm.............................t..................=.IDATx...1.[A..QU..`}......`.....LXI....!V.z.J+.Y.".5..m......)...`.=m.X(....8..{.YIZ......v.R.+.....a.Y..m.EKf.2$-..Ow...U=}.....k.T2..g.}=~]....F...=......$...S..5(bBMf......$2HN..V7.,.J.$.t...4'eZ.L%A.c,.U@...;..T.xGH.$.....O.d..M..E...s.7.^.ot......A..@.)P..Jo..k.e....^.6s(.V..,.L$\2...(..G].<.@...R.h....9L....:Z..;..=J\..K.L......D{..5.H..=...<w.....}..d..;a.E....$..b.Xe..2Y.O.l.H..\..m...."......%...0.bw..I....Pc...V...'W..Zc.#..k..&.Y.:.Sm.!.uJKx..A...6\...x....](..(.K..O5k..].+.k.b..e.q.a ...a....... ..iD..P"8..n....&.....x../(.D...n....krK[Z8.`...rxh.il.....hkKU.........r.Pe....|..DB..('......V...6.$.;.Y0.~.~DU..k.ya2D....3.q.....@h.......IT(Q...&..+.A...I".g.V[,.=A.<..C......(.<..W.x..V.MX^.y........l.6+,Q.........Q.&l......Z.`...z.w.1D.V..Ts.+K..e......Z..Q.........!..fgAh.....O...m.@......<..O.w6n..km..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\uninstall.ico

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 8 icons, 32x32, 16 colors, 4 bits/pixel, 24x24, 16 colors, 4 bits/pixel
      Category:dropped
      Size (bytes):14534
      Entropy (8bit):5.08612958031438
      Encrypted:false
      SSDEEP:
      MD5:C2649AD15118FD46780D6FCBC38447D0
      SHA1:F32EFACB590F5028A9F5DA7236CC74086A3C87EC
      SHA-256:F0F4D5BF1DE9D2463031520AFF51FEB1E7D432ECEA447534A91CBBD79832AC89
      SHA-512:322EA628ED541713457248341B2CD0A95B6DD3661C9E1E4A22285368872A1B2A89808E272E2A6195B34FD47BD02C33AA893D0C324FBE35E4D65C5E5F401A81AE
      Malicious:false
      Reputation:low
      Preview:...... ..........................n... ..........V...........................h....... .... ............... ......*........ .h...^4..(... ...@.....................................................................................................................................................................................................................................ww.w............fg.fh...........fg.fg..........x.x.............f....v..........fx...fo.........fo...f..........w....f...........................w..w............wx.w.....................................................................................................................................................................................................................................?...?...?...?...?...?...?...?...?...?...?...?...............................................................?....(.......0........... .....................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\vdWizardBanner.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):972
      Entropy (8bit):7.7393611413302645
      Encrypted:false
      SSDEEP:
      MD5:B80A713FBC870604EFDD855A37C972EB
      SHA1:9E24019F30DC9662266F995E1FE4A837B68BC5AF
      SHA-256:281510510F71C78E9825E6ABF82F650B799539717415059D66F19D70E0E1330B
      SHA-512:3D05A7ED711C8FEB802171AAE1E19092426C045CA34E18AE3C1164D2A061A93D87ED3CAF413FBD8B548380EDCDB94A8AA7039D2EFDEAA7E436BF62932FCD1003
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....APLTE......h!z...]..i"{h"{g"z~..V..m$}k&~k"|.z......P....j..b..i!z....._..........o+...........f..P..........................q....s.y:.r/...........|......u..n..{..u.....W..C....................p.......`l..v..q..j..b.fC................^........}.b[.cS..P............h........[....n....e..z.q?.f6.......FIDATH...WW.@....0..d..."H.).....tWW]..^....IB.5d..a..?p...;s..;...?..6K6{^..&%.I...h.B.6..*......ggx...vW.{.........W.z.A6?...FV..*3fO.s3.X....$.f.Vf`$.,........k.pC.4...o.....P@.3...]..L +)`..l....7.t.^.X..oh...C.]..f.{....z.^pJ.V..&.Y..u.B..P..(.M...e%(e...h.d..I..R....x.....L.....J...^%P........7....ymc......E.=q.t.R.X{}.9..]....W!J..#..<$.D.........1...g..s.4...#.z..<9b12B...1...[.9.U8b..v.5D.+NF.P..g..j...a!.5..B....x.<_..`!. ^$..U ..V..bO>........GW2E("..P.h.Y+t.S..T.._sa.i.O.?.....['.d'.,.G..NlY.....X..KW.(.N.@....nE!e;...^.SX...."kJ|.......I.9.......IEND.B`.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\vsaddinWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):15824
      Entropy (8bit):7.970533860835092
      Encrypted:false
      SSDEEP:
      MD5:47D0E1FFD43365C56F4D4BF6D310766E
      SHA1:5B3940D6A3612335576D402C5E05E4E4FDBA2EA5
      SHA-256:47D16C4CA9B45132671016BF0EF224E9D1816BDDB397B8E9867F8C87C9204AE1
      SHA-512:EEA85439C58D73929F70F4617B841D52A29C51AC9E1019D24F1AFA26649BDCC42A4C642C6F850C44B07AAA4E3039AD9139FB3A231BE9BB3FBA69F16334DFBC2D
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......`PLTE..................h!z...c.....\.E...g y.................m(........................{..E..b..K4...=+IDATx...1.cQ..QWu...0._.....n.p.J.J.u..qdO.tdF..I..3.9..k...q...az...l...q`.)w.aL,..g.CrcR....q.D..OT.c..a.....%QtHM.U.............(.U..R.f..TD..E_.?w...3..8..B..It>KW.%.A....rR.....$RHV....Ti...I....&hV..9..$h..&...P....X.Y.$..rsI.f.-'!..N.(.m%Al.m..6......... ....Y.......m....6u..@..0.Z.TO.i=..H......).......H:.^s...$!.k1g.t.E.........M...'..-..........qDB.;..]...........].......=+i.y..s8J1...VN...V.`.u..a..E.Cp^.?'4Q.....;.%I5Q[..8h........+0c.eI...Kf...X..".Un.O....$e.l.s....&..,z..IV......y.l..c.v@1.E..$....`C>d.y.].{act.pR.7..z..h..$..parA8>...xh..h....7q&....$..G7.......7..N.l....3))@.@i.<.JxJ.........6.qB7q"e.67}....D..Q.&.T......=s..?0).......3.r....+.a...[...r&q$*<..8%/yn..`!mNI%..3......z.!P,.E$.S.........Q.O..R_B..l=M....qz.n..Oh. )o..xkn.X.:Mhm....J.&)t.=.o.....RD.M.kUs..4!%..{z..yW.9.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\winceWizWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):15015
      Entropy (8bit):7.977400144480087
      Encrypted:false
      SSDEEP:
      MD5:0B2247FF6A7373884725752DBDC4EE72
      SHA1:54FE79716A70D9196767F7462B9E09CE2D53F3B9
      SHA-256:A8979F2222C3A6BF654E3BE90B6F4658BED58A1AE37981EC6B1F3DDF1DDA0F50
      SHA-512:62BC22C45B1BC1514442FB78EC965E1FCB449C8128CE9864F96321A88FA48D98288448FFD1F1A7D49F79BE0B8849FBB81890A1EE67916E67DA133DC188EB34A6
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......xPLTE..................c................2i........................N................................Av.......u......>..9.IDATx.....Q..QVu.1.%..............x..Wr..;..U.Zi.2+A$.....b.2......=.&.....\...<..J......h.(.ZKKZ......&Q.df.)...b..n.!....a....qm.J&"{...._.wb/..D.b.Ab.*%.....<b...P..2k.!!...S...)...!.}......2.m....1...*....u.r*I.#.m.iO.Q..;v.D..&...B...l..Ot......A..@.)P..Jo..k.e....^.6s(.V..,.L$\2...(..G].|...d-....$!.s...m9t.0.w..{..d..P..7.$.....jh...3...|.u.p...?....;v..E....$..b.Xe..2Y.w.l.H..\..m....".......K...aF..*0.L.us.....`.=O....9=.$K.MF..g!..N.m...)-....z.d...h....%.G..B..D.]*...Y....X.^..3./;vl.V..Q...L...P.}.~.v.V..p..L.$.;..n....&.......?....Xf...V..-mi.L.Y.Z....sVc./f...-U.z&#.H..K..MB....... ..@9a.X.......m.I.v..`.U...*X...1..l.K.cp.0.......Z.y.&.bs>5..%..S..y'8.gc.H.sA.-.......!QDRV.t.@...G.x..V.MX..y........l.6+,Q.........Q.&l......Z.`.......1D.V..Ts.+K..e......Z..Q....

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\wixWizardBanner.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1215
      Entropy (8bit):7.778824652072448
      Encrypted:false
      SSDEEP:
      MD5:020CAD517BA1065DE508B6272E70B89F
      SHA1:2AD7808952BF8F715587E9E018BBAE2B6EFF62AC
      SHA-256:EA688B9B62426CCCF34DB2134EBB4E846EDEF17B05066EB8D5098DE2088DE887
      SHA-512:7CD0C5792AD04294F5E5DF7AA2A13B59B93F49EAD7DEBD2A713F3E586C9AB8ABB8BE9DE95946B2A0CA1354A5D110EE1057FB3F43B70DB00AE0A75F8CF40A847E
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE............]...%V.................n.._...+1......a..........................i..f.............x{XXXDDD...............u.........|..n.....|..d.........k^.PQ.:>...............................{.......x..u..r.............mqkkk.vj.JO.FK.49.B1..........................j............|||.ru.hl.bd.RW.OM.QB.M=.33+++.$*...#.................X.....q..............u...........p...d..zz.v.pj.fh.f\.ZZ.NH.<A.9?q:8.=5.4).'"Y..^<.v....IDATH...WW.A.......VP.A. ....""..{....{7....w..r.1.y.....g.7s..Zx........nW....q......N7w.....{&.w...|....}.#..q[.f.8..1..en)C.....4.!..<oH.H...N...!v...!......R..........t..........e..{.....*.Y..%.\Rt.N#:^`.b.....tr....l.$.....%}.......@.T..h.$s`...+..u....iG4.@:#....Rl=...`...(!Q........{..|....pG.......{..6...FHXZ..$*...'.v.y.T..}.FZ...}.,.6{....K.U.*}...-T.....S(..fJ.s.J..%.@..6My.....M..{......465I4.0.d%.g..=..Cm.....4.q2.c......./%H.6.I

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\resources\wixWizardWatermark.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):16655
      Entropy (8bit):7.976352217526354
      Encrypted:false
      SSDEEP:
      MD5:252BD13CBD01EC33656258B2AD8B3C5F
      SHA1:02E815024161256206F3D4612519B650D399938D
      SHA-256:989C4C5675B769F520EB054ED7CEBE304247341E1B87674C220D9E9D2F87E36B
      SHA-512:55E869768FFF4CFB7559B25202261B5945FE3C59309F96A817AC8FE3A95451A9364428E8F82DE865255049D2B15626FCBED6553F9562CD4BF306317FAE942CE2
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......MPLTE......................................%............{............=,...]......................................V........b.....|..i...$....u.....9(....2$p.......8<.+.....~..Y^..........kq.......IN...ie......zw........../1.......m....I;..................t~..ZM8=A.PR&%'.##...JOT.........Y`fgow.....]...............?C...7..O..?}IDATx...K..Q.DQ.-R!.QTD..(....g.*}.......dg..A...VZ..'A$.....f.V...1...z...q.D).'......!S<.^.EK... y....?.N....3.hU.z.@.UUJ....*........a.f..={......I..S@..k..2.||../1...."...e.dX.*.U....k....'.....M.A4....u0g..e............K..-&#.2+L...9.CW2.....?H.D.o?0F....d4Qg.Pc....3..I..d.M..x...$.>..M('Y....C'Q.....+W.&;...$..g....@$.m.c.i......-I&y........qg.../k.K...U.*.s...D....;e...K.:.jB ../.+.....a.MZUwF5{`e.2.2..u._.......\.....Y..p1.3...A.d..g....NM.=W....../.Z2..$.J.L....j=|..n..\....&..2,...h.y...8.L.~.?8I.`....C9^>a._XP8.........J.....FF....D9r.V.A.y........d...][QH,j.}n..If..0wW...>| ~(.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\stubs\JavaApplicationStub64

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL>
      Category:dropped
      Size (bytes):14064
      Entropy (8bit):4.218793638292565
      Encrypted:false
      SSDEEP:
      MD5:754DD6D2D91B6BCE1AB7732A981C75AB
      SHA1:F63D23826D596ACECB391C3E87C29381CA5B33A2
      SHA-256:7DB1DEE4BAE28B922B122DAA17F3BACF52F81D1B454D148870FAA9DD7F4053CB
      SHA-512:DDC49F84F54E62266724A47E9D9DFB55AE3C222FAD524BD1B5235C733E87570490CFCFF0F950E855706251640F6291C8355EA0E58402D9251306857E0FE4FE05
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:....................`...............H...__PAGEZERO..............................................................__TEXT..........................................................__text..........__TEXT..........d.......I.......d...............................__symbol_stub1..__TEXT..................H.......................................__stub_helper...__TEXT..........................................................__cstring.......__TEXT..........................................................__eh_frame......__TEXT..........h...............h..................`....................__DATA..........................................................__data..........__DATA..........................................................__dyld..........__DATA.......... .......8....... ...............................__nl_symbol_ptr.__DATA..........X...............X...............................__la_symbol_ptr.__DATA..........`.......`.......`...............................__cfstring......__DATA..........

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\stubs\res\aijcl-res.dll

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):269824
      Entropy (8bit):4.81455952588303
      Encrypted:false
      SSDEEP:
      MD5:792D39A87D0A689FC31FDD25330CB286
      SHA1:11ED60BDAD2118362E10CE0D82C4AEC60787537C
      SHA-256:E113ADE2293D2734349BBD58550399A99FE95293C35A05EED9587AC514295F2F
      SHA-512:28DF465D85444C55A30031FB56FF4CEB48F293E4823C285FEFE1FB4ACFD02DCA3556E8E6D85B2D2B8579D80F698143944C43A6256661107D080B1BA91062E320
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......=.d.y...y...y......x...y..Z......x...Richy...........................PE..d...h+.\.........." .........................................................@............`.......................................................... ..H...............................p............................................................................rdata..$...........................@..@.rsrc...H.... ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\stubs\x64\aijclw.exe

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PE32+ executable (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):368640
      Entropy (8bit):6.15093177246459
      Encrypted:false
      SSDEEP:
      MD5:61FA75776AF2BCE08C52732B54ED80A4
      SHA1:A58250A890AA498F2A76B17CC0FAA4B7B30673CD
      SHA-256:AC8736D8F6ED66099403B19F85EB2F96EF423CBECB1742A1B093EE41C250A77B
      SHA-512:3A22C873FF08EEDF2F6A2F68B57D23461568E91454D31E0BDE2C60EDC4127F4C3CD68A31B43A457149CE667CB055B07069D98BCBA7BF20ED049AE75555574D04
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........j..........i......i.....i...........................................K......K......K......Rich...........................PE..d...g+.\.........."..................8.........@..........................................`..................................................T...................)......................p.......................(...........................xQ..@....................text...4........................... ..`.rdata..l...........................@..@.data...< ...p.......Z..............@....pdata...).......*...f..............@..@.rsrc...............................@..@.reloc..............................@..B................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\stubs\x86\ExternalUi.exe

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):2052096
      Entropy (8bit):6.324874382377776
      Encrypted:false
      SSDEEP:
      MD5:CFC524E6A8D47678ABD35F3B904196AA
      SHA1:C54791EF7454464F560900003D1A1DD792923F33
      SHA-256:637F10AC45D561D5F6E2C3E1A43BABB8930B75774009A54FEFFB32D9EC67D282
      SHA-512:59FB44B329EBA6102FA86C36A15B9626AE6B7EDCA5DD95ED82BDEA29FB0810C9FC940FE9FFB2D38D890F9836877A229C21636AB66C38875E77AAD3F5EDFDF68F
      Malicious:false
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......mf..)...)...).....u.'.....w.......v.4...{o..1...{o......{o..x... ...-... ...*... ...+...)........n.......n{.(...)...(....n..(...Rich)...........PE..L....+.\.........."..........r....................@.......................................@.................................`...(....................................v..p...................`w.......;..@...................\...`....................text...?........................... ..`.rdata..^...........................@..@.data....q.......T..................@....rsrc................>..............@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\templates\file-update-test.msi

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, MSI Installer, Code page: 1252, Last Printed: Fri Dec 11 11:47:44 2009, Create Time/Date: Fri Dec 11 11:47:44 2009, Name of Creating Application: Windows Installer, Title: Installation Database, Subject: MSI for sandbox testing file updates, Author: Caphyon, Keywords: Installer, MSI, Database, Template: ;1033, Last Saved By: Ciprian Burca, Revision Number: {F02FAAA2-A115-4256-8A34-700EBBCA224D}, Last Saved Time/Date: Wed May 23 09:22:29 2012, Number of Pages: 200, Number of Words: 0, Security: 0
      Category:dropped
      Size (bytes):114176
      Entropy (8bit):6.551462055802497
      Encrypted:false
      SSDEEP:
      MD5:728453C1C78CD4BA60EDC55D8A65BC22
      SHA1:645E622D37798E7E3C0B396CDD368D3DE5F63AB1
      SHA-256:9A531029DD0C8ABD74EB03D94E2B099DD537B697F5F6335AC9BCB8A1766918A1
      SHA-512:10E628DE036FBC2FA5CABE4E787B50DB4B410EF490527014D34AC52242B080243A85D083A9BF94217F4BD3AAC087DDE51DEBEFBA6A1BFDF5CCF32DCD96AAB28A
      Malicious:false
      Reputation:low
      Preview:......................>.......................................................s...........................................................................................................................................................................................................................................................................................................................................................................................................................................................q.......c....................................................................................................... ...!..."...#...$...%...&...'...(...)...*...+...,...-......./...0...1...2...3...4...5...6...7...8...9...:...;...<...=...>...?...@...A...B...C...D...E...F...G...H...I...J...K...L...M...N...O...P...Q...R...S...T...U...V...W...X...Y...Z...[...\...]...^..._...`...a...b.......d...e...f...g...h...i...j...k...l...m...n...o...p...r...............u...v...w...x...y...z...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\templates\search-test.msi

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, MSI Installer, Code page: 1252, Last Printed: Wed Oct 18 11:30:38 2006, Create Time/Date: Wed Oct 18 11:30:38 2006, Name of Creating Application: Windows Installer, Title: Installation Database, Subject: MSI for testing the result of searches, Author: Caphyon, Keywords: Installer, MSI, Database, Template: ;1033, Last Saved By: Dorel Pislan, Revision Number: {4B4F45A3-0381-4283-B2DB-07CB0044A0B1}, Last Saved Time/Date: Tue Oct 18 09:51:55 2011, Number of Pages: 200, Number of Words: 2, Security: 0
      Category:dropped
      Size (bytes):16896
      Entropy (8bit):5.778910101821488
      Encrypted:false
      SSDEEP:
      MD5:56FDFCBBD2D821187921619983E2049B
      SHA1:E370BAC6890C7AF251F3AA1413FD2A6EC48DC5AB
      SHA-256:5968C8218B98FC24B268D3FC9DA41258ACAE136823BE6B52C0767A01065722D0
      SHA-512:B59F9B316B9BB456E98A905F7E54B4DF60EFC087D4FA642A138724FA7A13A0B8FA6A100224C0D9ECDCF273B09B2FD27114E8CBDE7CC89E9C9B35D8AC2A570AFB
      Malicious:false
      Reputation:low
      Preview:......................>...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\templates\template-msm.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):362
      Entropy (8bit):5.229373164847667
      Encrypted:false
      SSDEEP:
      MD5:A8E822EBA8443DC6F12DE419BBBF231D
      SHA1:3D2004C9C94B435877250C5D582F226E0CDBF8E9
      SHA-256:A036CD8C89ADE8C5D9E270BC5D1002DE711BC827572C890EB53256794505D48B
      SHA-512:58D8A69F3C9F7315BCDBCE73F4396527E5529F11C152EAA25D7ABB0104B83EAA6431D1410A26DB2364C097523DBDC61E96DE34EC26C0924961FB7DE9B97DE5F6
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DOCUMENT type="Advanced Installer" modules="msm" RootPath=".">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiDirsComponent">.. <ROW Directory="APPDIR" Directory_Parent="TARGETDIR" DefaultDir="." IsPseudoRoot="1"/>.. <ROW Directory="TARGETDIR" DefaultDir="SourceDir"/>.. </COMPONENT>..</DOCUMENT>..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\templates\template-update.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):258
      Entropy (8bit):5.205446036144553
      Encrypted:false
      SSDEEP:
      MD5:B058E4E7351DF1436599C8CB62FA1646
      SHA1:DF06D75F3E6782EC50EB4FC3EFABC8E7B215051D
      SHA-256:A0385AED845E956B28B247EB59D187143172AF728AAD8A803B698C984A1632BE
      SHA-512:38E53E465D4212CCFF44FCD3D1B19C7E7FB39226D82391E63E9C273092D8C6641E34D82523AB016E81226599212C0EC5AA5983EAD3005776E2D1A7BC0785891E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DOCUMENT type="Advanced Installer" RootPath=".">.. <COMPONENT cid="caphyon.advinst.msicomp.UpdaterEditorComponent">.. <ATTRIBUTE name="OutputFileName" value=".txt"/>.. </COMPONENT>..</DOCUMENT>..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\templates\template-vsix.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):957
      Entropy (8bit):5.2511647163937845
      Encrypted:false
      SSDEEP:
      MD5:73B0893DF260AD1DA1B15A241EFC04DF
      SHA1:A084504961C8BDB37109952479DE526B2E227202
      SHA-256:36FA268F1EC6EA3E1C7882C6619D2CD7A73012DD552370653992862C241FD997
      SHA-512:295021191F3949468DFBA79F65DA57466C349BD3501B7A3408D40667B6F856461D0D047BED6A06E606B6255641B0E93C86A459644A06CF2D7EC9F3B2CDC0984C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DOCUMENT type="Advanced Installer" RootPath=".">.. <COMPONENT cid="caphyon.advinst.msicomp.GenericPropertyComponent">.. <ROW Name="Author" Value="Your Company"/>.. <ROW Name="Version" Value="1.0.0"/>.. <ROW Name="VsixLanguage" Value="en-US"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.VsixSupportedProductComponent">.. <ROW Name="Pro" Version="11.0" MaxVersion="16.0" Type="0"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.VsixReferencesComponent">.. <ROW Id="Microsoft.Framework.NDP" Name="Microsoft .NET Framework" MinVersion="4.5" Flags="2" />.. <ROW Id="Microsoft.VisualStudio.Component.CoreEditor" Name="Visual Studio core editor" MinVersion="15.0" MaxVersion="16" Type="1" />.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.VsixContentComponent">.. <ATTRIBUTE name="OutputFileName" value=".vsix"/>.. </COMPONENT>..</DOCUMENT>..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\templates\template-wince.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):603
      Entropy (8bit):5.28017750364972
      Encrypted:false
      SSDEEP:
      MD5:B01FCB8A853839D4A7647DE280358B35
      SHA1:C7D6146E5D85B698F9C0BD0B82FF89677E82B188
      SHA-256:E37E21535DED58E41572F634A205EFFB3395E2507D73E207B01CB8EFCCA908E6
      SHA-512:FB7EDEA9A2BD23042310244B5DBF71484E30D05BC0AF08B380AAF1D4510477908323FD69D13AF27A8110055E762F2DEE9D530FA50A5BA4361E74251A933AD0BC
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DOCUMENT Type="Advanced Installer" RootPath=".">.. <COMPONENT cid="caphyon.advinst.msicomp.WinCECfgComponent">.. <ROW ID="Default" Name="Default" Order="1" PlatformList="DevTypeNone" Options="14"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.WinCEStringComponent">.. <ROW ID="1" Value="%InstallDir%"/>.. <ATTRIBUTE name="ProductName" value="Your Application"/>.. <ATTRIBUTE name="CompanyName" value="Your Company"/>.. <ATTRIBUTE name="InstallDir" value="%CE1%\%Provider%\%AppName%"/>.. </COMPONENT>..</DOCUMENT>..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\templates\template.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2946
      Entropy (8bit):5.439204327447027
      Encrypted:false
      SSDEEP:
      MD5:3ED781480BA5D9F344D08B234EBC3815
      SHA1:876994D6C9C9ED9377D63E6DA5D1C4D1A3044BDA
      SHA-256:279C297A81BC3C3A1CF951C68572350472699E3AD7E6F93D0A1DBF9AE166A7CA
      SHA-512:E003855A0F256CF964B25710B977683F5F11166C376D8091916155890AB8A1AC80AB7FF58BEBF9EC129E5BF7574F089D2E1F5AA6FA46CEA98FD8D6318371E8AA
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DOCUMENT Type="Advanced Installer" RootPath=".">.. <COMPONENT cid="caphyon.advinst.msicomp.ProjectOptionsComponent">.. <ROW Name="HiddenItems" Value="AppXProductDetailsComponent;AppXDependenciesComponent;AppXAppDetailsComponent;AppXVisualAssetsComponent;AppXCapabilitiesComponent;AppXAppDeclarationsComponent;AppXUriRulesComponent"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="ProductVersion" Value="1.0.0"/>.. <ROW Property="ProductLanguage" Value="1033"/>.. <ROW Property="ALLUSERS" Value="1"/>.. <ROW Property="SecureCustomProperties" Value="OLDPRODUCTS;AI_NEWERPRODUCTFOUND"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiDirsComponent">.. <ROW Directory="APPDIR" Directory_Parent="TARGETDIR" DefaultDir="APPDIR:." IsPseudoRoot="1"/>.. <ROW Directory="TARGETDIR" DefaultDir="SourceDir"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\templates\template.msm

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.0, MSI Installer, Code page: 1252, Last Printed: Wed Mar 15 16:40:49 2006, Create Time/Date: Wed Mar 15 16:40:49 2006, Name of Creating Application: Windows Installer, Title: Installation Database, Keywords: MergeModule, MSI, database, Template: Intel;1033, Last Saved By: Ciprian Burca, Revision Number: {F02FAAA2-A115-4256-8A34-700EBBCA224D}, Last Saved Time/Date: Fri Mar 19 09:19:44 2010, Number of Pages: 200, Number of Words: 0, Security: 0
      Category:dropped
      Size (bytes):20992
      Entropy (8bit):4.907398175176008
      Encrypted:false
      SSDEEP:
      MD5:FF247DD836AA5ED67E974DA8F8927691
      SHA1:61B55449325AE2049182569B174C6644B936369B
      SHA-256:E9C7FA36C8A2C75EC9DA78D3019A6C37329B0BE9F8C714B66159DCB8E2C0FE43
      SHA-512:E9637F8295C156297BA0496674472341DFA6FF9D12E8EFC40626EA00C6FB72A947182796BC34C0135E9380E84EC5FBE64044BE4E392F19B2AA2F4C753C17F709
      Malicious:false
      Reputation:low
      Preview:......................>...................................&...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\azure\fragments\FileAssociationsDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1820
      Entropy (8bit):5.2593284025308105
      Encrypted:false
      SSDEEP:
      MD5:05FB6A02D4D6229CD1CAB051B6AB0417
      SHA1:9BEB91286D1D28A68D4C0647266663265D63F454
      SHA-256:B11E45741BB8E459564EE3EF73A0B4C0CB8F1649221B0C5A179A91DB52ABC52B
      SHA-512:EDA7855E460246955A18542DB2790B8B580586B6F88A43C8FC5D1D6B3C5E7D743029AF57F46C2BF9A0880B6F9E8E253B2FEB5E40373DF5B585334BCC8BB7B1FE
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="FileAssociationsDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="FileAssociationsDlg" Control="Next" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="FileAssociationsDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="FileAssociationsDlg" Control="Back" Type="PushButton" X="320" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="FileAssociationsDlg" Control="Title" Type="Text" X="33" Y="23" Width="200" Heig

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\azure\fragments\PrerequisitesDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2415
      Entropy (8bit):5.290207738819624
      Encrypted:false
      SSDEEP:
      MD5:76AF2EAE0C2BACA11A2322D222797E27
      SHA1:B81072ED358F9B2C317A471EAF7830BE9D45E60A
      SHA-256:A8A12EE2CBC0DCC11736390AB96E9AA054EA324C8BCDA337570A68D962683EE5
      SHA-512:121AC90D43B3892FC982E6D6084A83C02FE9316C33CEEEA5A1D40F1C8ED770FB0C6C12E5F521153E2DA4205FA941C0A7985133EB732A432237F5414FAC22772F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="prereqlogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\PrerequisitesLogo.ico"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="PrereqLogoIcon" Value="prereqlogoicon" Type="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="PrerequisitesDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="PrerequisitesDlg" Control="Next" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="PrerequisitesDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Ca

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\azure\fragments\SetupTypeDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (364), with CRLF line terminators
      Category:dropped
      Size (bytes):7789
      Entropy (8bit):5.267734992622189
      Encrypted:false
      SSDEEP:
      MD5:B1E7AB777C9902D0D3F51C68D2A63E81
      SHA1:C831C736E4790ECD5E2339CADA2D8A7ADECC444A
      SHA-256:45D6656E9B0C4F3DA34316AA200E9BDDD486C2344ADB2EB54087F3C7C634E871
      SHA-512:7CD50677E83965B679A096618DEEE399D24DAAC07A8271DA6AA3E2D3187CB86F3A91DCB09B4FF5B208F5A62991BFE3BCAB5A80BCA4D699DC2603682F0D2092C0
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="SetupTypeDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="SetupTypeDlg" Control="Next" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="0" Text="[ButtonText_Next]" Order="200" TextLocId="-"/>.. <ROW Dialog_="SetupTypeDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="SetupTypeDlg" Control="CustomText" Type="Text" X="110" Y="188" Width="230" Height="30" Attributes="65538" Order="400" TextLocId="Control.Text.SetupTypeDlg#CustomText"/>.. <ROW Dialog_="SetupTypeDlg" Control="CompleteText" Type="Text" X="110" Y="249" Width="230" Height="20" Attributes="65538" Order="500"

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\azure\fragments\ShortcutsDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4535
      Entropy (8bit):5.377601616818688
      Encrypted:false
      SSDEEP:
      MD5:EDA9E1DA635B9F05CEA67544295F632A
      SHA1:5DBF2A8AADDAE775BAFB85F70A28D8102AFEBE9E
      SHA-256:566BD3DF640A77A835966EFDE8A041E67368187E419F21BADB3D7341E2862487
      SHA-512:226AAE6187D537DFC5E7758AF998730C285BAF8A38EFEF67B6FE01D4FA747CA09FFBAAB05DF2BFF3AD7A63496FF9CE53226C411A8B409327D719759BB190F616
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="shortcutlogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\ShortcutLogo.ico"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="ShortcutLogoIcon" Value="shortcutlogoicon" Type="1"/>.. <ROW Property="AI_QUICKLAUNCH_SH" Value="1" Type="4"/>.. <ROW Property="AI_STARTMENU_SH" Value="1" Type="4"/>.. <ROW Property="AI_DESKTOP_SH" Value="1" Type="4"/>.. <ROW Property="AI_STARTUP_SH" Value="1" Type="4"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiCheckBoxComponent">.. <ROW Property="AI_QUICKLAUNCH_SH" Value="1"/>.. <ROW Property="AI_STARTMENU_SH" Value="1"/>.. <ROW Property="AI_DESKTOP_SH" Value="1"/>.. <ROW Property="AI_STARTUP_SH" Value="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiCon

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\azure\fragments\StartMenuShortcutsDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3679
      Entropy (8bit):5.303218811960221
      Encrypted:false
      SSDEEP:
      MD5:36A94C37D41BF0361911894909B649D9
      SHA1:C9CD16C4E3FBEB9719B6B7AF60C0A06EA34E5723
      SHA-256:71A4EC7E5D0CCC7EE54F41397E8F9AEC0C7FD18F78D8E046D494FE839B32175A
      SHA-512:7FBFED5D7DF3941E75045BA2B30E35948022153D5AD87DBC80B0FB37930FCD311443BEE4A74941278CC2BF52A6E4823246208271FA1A339CF4AA0E4C1DBAA032
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiComboBoxComponent">.. <ROW Property="AI_SH_DIR" Order="1" Value="[ProductName]" Text="[ProductName]"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="StartMenuShortcutsDlg" Control="ShDirDialogInit" Type="DialogInitializer" X="0" Y="0" Width="0" Height="0" Attributes="0" Order="-1"/>.. <ROW Dialog_="StartMenuShortcutsDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="StartMenuShortcutsDlg" Control="Next" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="StartMenuShortcutsDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonTex

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\azure\fragments\TomcatServerDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3901
      Entropy (8bit):5.319791522443766
      Encrypted:false
      SSDEEP:
      MD5:B6EDCD808A62743C45BBFD6DD3535798
      SHA1:7C559583D5288D361FB05F813918B63C027C317F
      SHA-256:74ED44ED2ADA500CF4248275F2E9D2F36038ABB1210749D9FBA481245DFC0588
      SHA-512:819BF35763784FE914C3C9CF813D159BA389541A6ED8CC7E7E152B19A246B100477CEEB1CA47EFA60615039880AB4E659AA6CB01882B4C0DE316553F482F4AE5
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="tomcatlogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\TomcatLogo.ico"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="TomcatLogoIcon" Value="tomcatlogoicon" Type="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TomcatServerDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="TomcatServerDlg" Control="Next" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="TomcatServerDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Ord

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\azure\fragments\UpgradeDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3897
      Entropy (8bit):5.357783898852521
      Encrypted:false
      SSDEEP:
      MD5:BC13368BE67E4D19E7B5C95A33A6FF6A
      SHA1:3523537E9FADF00280C06543A7DCB4DC8D70D6C6
      SHA-256:19A338F53A9A85D94CE066A2E45DADCD2D860122054FDE60ACD48B36AB9C1E1D
      SHA-512:C9D6B89517F2731348AED1584BDD8CBFA60C895DE867E08CBB74B8329F7733CBBDE3B6CEF794A3358C11CC4360E1919E607A7CBC010D55D61A3F81EE55B0A1A3
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="upgradelogoicon" SourcePath="&lt;AI_RES_COLOR&gt;UpgradeLogo.ico"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_Upgrade_Question_Yes" ValueLocId="Property.AI_Upgrade_Question_Yes" Type="4"/>.. <ROW Property="AI_Upgrade_Question_No" ValueLocId="Property.AI_Upgrade_Question_No" Type="4"/>.. <ROW Property="AI_Upgrade_Replace_Question_Yes" ValueLocId="Property.AI_Upgrade_Replace_Question_Yes" Type="4"/>.. <ROW Property="AI_Upgrade_Replace_Question_No" ValueLocId="Property.AI_Upgrade_Replace_Question_No" Type="4"/>.. <ROW Property="UpgradeLogoIcon" Value="upgradelogoicon" Type="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlConditionComponent">.. <ROW Dialog_="UpgradeDlg" Control_="Question" Action="Hide" Condition="A

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\fragments\ClientServerDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5452
      Entropy (8bit):5.230039717375
      Encrypted:false
      SSDEEP:
      MD5:4296603775367F17260AC6FAB1342589
      SHA1:9F7D4DDECCF36F6062679DF9BD9C5B561413C924
      SHA-256:07A27A119B7AE4984C47D16B25EF6F2D985928338B784940F85DDBCCE3E8F570
      SHA-512:46B75447F2E13E17CE5987832EFC923810B55ACA3D54DBAE5F5F85E03F907A975439681BF408E846548F1057ABC25E287E6CF2E9725451F5C95C29210025473D
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="clientic" SourcePath="&lt;AI_THEMES&gt;classic\resources\clientic.ico"/>.. <ROW Name="serveric" SourcePath="&lt;AI_THEMES&gt;classic\resources\serveric.ico"/>.. <ROW Name="clientserveric" SourcePath="&lt;AI_THEMES&gt;classic\resources\client-serveric.ico"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="ClientIcon" Value="clientic" Type="1"/>.. <ROW Property="ServerIcon" Value="serveric" Type="1"/>.. <ROW Property="ClientServerIcon" Value="clientserveric" Type="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ClientServerDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="1" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\fragments\InstallTypeDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3659
      Entropy (8bit):5.287961086930949
      Encrypted:false
      SSDEEP:
      MD5:90EC9DF50F1199B10631808B24ED09E2
      SHA1:B73A5C1212C4F5D548A340618F61242A48B71BFD
      SHA-256:1850ED513150C4C333CB8FB8B6E752EB3C7397A81F6CA620AA77A539EAB3A489
      SHA-512:7BBE3483EBD3A1EFAA30D2F8DB6FB627ABC49916387746DF05676ECAFF47909012023F57640A0143FC5B59A8D20E4581E9BE060112F37A422ECAB5396238E463
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_InstallPerUser" Value="1" Type="4"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="InstallTypeDlg" Control="TemplateDlgDialogInitializer" Type="DialogInitializer" X="0" Y="0" Width="0" Height="0" Attributes="0" Order="-1"/>.. <ROW Dialog_="InstallTypeDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="InstallTypeDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="InstallTypeDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="300" T

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\fragments\LogonInformationDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3598
      Entropy (8bit):5.22990947855681
      Encrypted:false
      SSDEEP:
      MD5:99FA7CA68D14258D5A6AA39F6C3352C4
      SHA1:870C8D8CD85D01782E346C32AF02063BD5DE3CAC
      SHA-256:483E9259602936382B688099D8768707D3368902CA68FEBA82D87EC793525A05
      SHA-512:E89B3E0B14DA3A5AF6091567249047D5B828F8C7E5E64F5AF8030740F640E30F9B183790E536DCB3FD96FD68DF22A0F38CF9625ECCEBB2359FB74CD1B5CC4D37
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="LogonInformationDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="LogonInformationDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="LogonInformationDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="LogonInformationDlg" Control="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[BannerBitmap]" Order="400"/>.. <ROW Dialog_="LogonInformationDlg" Control="BannerLine" Type="Line" X

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\fragments\PrerequisitesDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (312), with CRLF line terminators
      Category:dropped
      Size (bytes):2601
      Entropy (8bit):5.25449417468173
      Encrypted:false
      SSDEEP:
      MD5:F8AC80CBD327B03743412FEC658EF11B
      SHA1:1607222776564E803519E187107EC8EE393F31D0
      SHA-256:8092F16028EEBE408DC16A45E9F703E1D1BA1B6A59D41B564894F89D7BA1CD27
      SHA-512:3C393B5199830BE4D4D04DD7D5291F328D8EC6173A954C87FD1689C0529B4312D9BB669D8C65717557DD128F8C0071D1B18A5064E8DAF5E2D4BA0A2DCF1197A0
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="PrerequisitesDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="PrerequisitesDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="PrerequisitesDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="PrerequisitesDlg" Control="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[BannerBitmap]" Order="400"/>.. <ROW Dialog_="PrerequisitesDlg" Control="BannerLine" Type="Line" X="0" Y="44" Wid

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\fragments\ReadmeDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2357
      Entropy (8bit):5.233073507907521
      Encrypted:false
      SSDEEP:
      MD5:7658FFDFE18A9486887F593430110225
      SHA1:8EF57AF6CF241446F08097B3B406AB7C412AF249
      SHA-256:4CE5C01D114C032DAE57FA323A0CA6B2D8F61F99E27B2BF4BF9DEF895295024A
      SHA-512:B085678DBFAEC21381C6379B6937153E0C2CCB54C1F5468EEB573A3AD84563CA5A4E2BF04891F91722C577369492D32C958CF0285FF43D71A3673D0ED4B0D5D4
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ReadmeDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="ReadmeDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="ReadmeDlg" Control="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[BannerBitmap]" Order="300"/>.. <ROW Dialog_="ReadmeDlg" Control="ReadmeText" Type="ScrollableText" X="20" Y="60" Width="330" Height="150" Attributes="7" Order="400" TextLocId="Control.Text.ReadmeDlg#ReadmeText"/>.. <ROW Dialog_="ReadmeDlg" Control="BottomLine" Type="Line" X="5" Y="234" Width="368" Height="0" Attributes="1" Order="

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\fragments\SQLConnectionDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4814
      Entropy (8bit):5.25205105497923
      Encrypted:false
      SSDEEP:
      MD5:4D5F3E0B2576F72C2BEC4B8D23464979
      SHA1:B9E3E27521F475E1E414CA85E532DFB06BD0314F
      SHA-256:AC8C8126F2915504C1ED409C5768156FCF1053370707C4A91ED5A9D30AA8FEFD
      SHA-512:F9EBF21072B5FA0FD4338FF988DAF66329D165F7B29149022812734C2F0D9E8245704E70BDF237F3C7711BC77271D6916EC3264363080DBCE08FCBB177E80C10
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="SQLConnectionDlg" Control="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[BannerBitmap]" Order="100"/>.. <ROW Dialog_="SQLConnectionDlg" Control="Title" Type="Text" X="15" Y="6" Width="200" Height="15" Attributes="196611" TextStyle="[DlgTitleFont]" Order="200" TextLocId="Control.Text.SQLConnectionDlg#Title"/>.. <ROW Dialog_="SQLConnectionDlg" Control="Description" Type="Text" X="25" Y="23" Width="280" Height="15" Attributes="196611" Order="300" TextLocId="Control.Text.SQLConnectionDlg#Description"/>.. <ROW Dialog_="SQLConnectionDlg" Control="BannerLine" Type="Line" X="0" Y="44" Width="372" Height="0" Attributes="1" Order="400"/>.. <ROW Dialog_="SQLConnectionDlg" Control="OdbcResourceEdit" Type="Edit" X="91" Y="57" Width="253" Height="18"

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\fragments\SequenceDialogs.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):914
      Entropy (8bit):5.22569277351555
      Encrypted:false
      SSDEEP:
      MD5:8BEB9FE4D7C01473E7C15601FAF75418
      SHA1:6028BD0F8D78073EE4D2317E10C8C3F8BACB1A11
      SHA-256:FC57205DAE82F23BB552474018C8A75A6FDC564327A8EF02838A8D8B4FC1B9EB
      SHA-512:4D1E53AB9BE171A0FA18BBA52C34358D0267CDCDC248FDAA20665AE76A13F13C910C04ED3E7ED739BABA05CA1316C152283028950249B9CC85DFAC36AAED8110
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT type="ReadOnly" RootPath=".">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiInstallUISequenceComponent">.. <ROW Action="ExitDialog" Condition="NOT AiSkipExitDlg OR NOT AI_INSTALL" Sequence="-1" SeqType="3"/>.. <ROW Action="FatalError" Sequence="-3" SeqType="3"/>.. <ROW Action="MaintenanceWelcomeDlg" Condition="AI_MAINT" Sequence="1250" SeqType="3"/>.. <ROW Action="PatchWelcomeDlg" Condition="AI_PATCH" Sequence="1260" SeqType="3"/>.. <ROW Action="PrepareDlg" Sequence="75" SeqType="3"/>.. <ROW Action="ProgressDlg" Sequence="1280" SeqType="3"/>.. <ROW Action="ResumeDlg" Sequence="1240" Condition="AI_RESUME" SeqType="3"/>.. <ROW Action="UserExit" Condition="NOT AiSkipUserExit" Sequence="-2" SeqType="3"/>.. <ROW Action="WelcomeDlg" Condition="AI_INSTALL" Sequence="1230" SeqType="3"/>.. </COMPONENT>..</FRAGMENT>..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\fragments\SetupTypeDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5290
      Entropy (8bit):5.219987373074262
      Encrypted:false
      SSDEEP:
      MD5:BEAF47D8E8772F9489F806B53A70D0CE
      SHA1:51EA9B3FD9647C61B5B8E700D76E5C53CB4B13E2
      SHA-256:87E48E0165C1A623CAC849B235371F3D29DE67AD5C77A8882501696E94ADB2F2
      SHA-512:175CA3820D491E5BBBC3CB9D8DD1EA345475BF12EC436CDD9C4D5C89285F1CF3D2DC6CB406A873281E1E2075D287CD3FB7CE0E13A36655803BE7257116C36FEB
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="SetupTypeDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="1" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="SetupTypeDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="SetupTypeDlg" Control="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[BannerBitmap]" Order="300"/>.. <ROW Dialog_="SetupTypeDlg" Control="CustomText" Type="Text" X="105" Y="131" Width="230" Height="30" Attributes="3" Order="400" TextLocId="Control.Text.SetupTypeDlg#CustomText"/>.. <ROW Dialog_="SetupTypeDlg" Control="CompleteText" Type="Text" X="105" Y="184" Width="230" Height="20" Attribut

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\fragments\ShortcutsDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4749
      Entropy (8bit):5.354425164628563
      Encrypted:false
      SSDEEP:
      MD5:AF21638D791C723B6877CD2943D615DD
      SHA1:582195573F94E6B944A99D0CC11AF6F03E942F92
      SHA-256:BB334AE6C0DEDC5631962C065F74A8E0E69A93F4DDE46B02639E302C89F1DC4F
      SHA-512:1DB15B9B7D537B5787A5AC61EA613623DF2BA6544BCEAFC079B84D081ABE030DAAAF543A5CD3353CBA9A3F957AA15F8FA46592038E2205E6AE9B740CFF3E8668
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_QUICKLAUNCH_SH" Value="1" Type="4"/>.. <ROW Property="AI_STARTMENU_SH" Value="1" Type="4"/>.. <ROW Property="AI_DESKTOP_SH" Value="1" Type="4"/>.. <ROW Property="AI_STARTUP_SH" Value="1" Type="4"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiCheckBoxComponent">.. <ROW Property="AI_QUICKLAUNCH_SH" Value="1"/>.. <ROW Property="AI_STARTMENU_SH" Value="1"/>.. <ROW Property="AI_DESKTOP_SH" Value="1"/>.. <ROW Property="AI_STARTUP_SH" Value="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ShortcutsDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="ShortcutsDlg" Control="Cancel" Type

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\fragments\TemplateSeqDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1930
      Entropy (8bit):5.286479850200119
      Encrypted:false
      SSDEEP:
      MD5:27121E61A94B62EE6F568115AB05F5CD
      SHA1:A64CE324082883E8D0AD4B9D3298295A55EA21FD
      SHA-256:B40861625D08B2CCDE8ADFD414C3D7F5A7740408BAC061A88880942BF957A7F9
      SHA-512:AF3E803A662EE0C47572D78586254AC957FA89DA117A46D79438A405BCAE9D7432ED38888D96B548BA5D77BC48935AE0895AF34ED937D11CDEE0C4D3E952A78A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateSeqDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="234" Attributes="1048577" Text="[DialogBitmap]" Order="300"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="1" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Title" Type="Text" X="135" Y="20" Width="220" Height="60" Attributes

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\fragments\TemplateSpawnDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1454
      Entropy (8bit):5.305905523862256
      Encrypted:false
      SSDEEP:
      MD5:27BD32E84DF082CB59B8AD06ADD7CCDA
      SHA1:39A2501EB408462123A93C5D135D89D29217A307
      SHA-256:589502B35025217340A77D7F7D3594C2B7DB43D031616018F36BF90D7776656A
      SHA-512:8E530A518321B07CB9CF3E8CB4B8E45CB58952E89592E564731B2F5ADFB03F5024A79C673DBDF68DCB7C99D53372F269CB886AA61845CC3A0237901A1F159D38
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateSpawnDlg" Control="Yes" Type="PushButton" X="72" Y="57" Width="56" Height="17" Attributes="3" Text="[ButtonText_Yes]" Order="100" TextLocId="-"/>.. <ROW Dialog_="TemplateSpawnDlg" Control="Icon" Type="Icon" X="15" Y="15" Width="24" Height="24" Attributes="5242881" Text="[InfoIcon]" Order="200"/>.. <ROW Dialog_="TemplateSpawnDlg" Control="Text" Type="Text" X="48" Y="15" Width="194" Height="30" Attributes="3" Order="300" TextLocId="Control.Text.TemplateSpawnDlg#Text"/>.. <ROW Dialog_="TemplateSpawnDlg" Control="No" Type="PushButton" X="132" Y="57" Width="56" Height="17" Attributes="3" Text="[ButtonText_No]" Order="400" TextLocId="-"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlEventComponent">.. <ROW Dialog_="TemplateSpawnDlg" Control_="No" Event="EndDialog" Argum

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\Up.ico

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 1 icon, 16x16, 16 colors
      Category:dropped
      Size (bytes):318
      Entropy (8bit):2.0369361465218003
      Encrypted:false
      SSDEEP:
      MD5:83730AC00391FB0F02F56FE2E4207A10
      SHA1:139FED8F0216132450E66BDA0FBBDC2A5BD333AF
      SHA-256:573E3260EED63604F24F6F10CE5294E25E22FDA9E5BFD9010134DE6E684BAB98
      SHA-512:E3DBE1956BB743FD68319517D1D993DDA316C12BBBBBBD6F582ECDD60C4FDE24CC4814C7AB36ED571F720349931EAC10B03E9C911BA0F4309B10604B2C56C6A9
      Malicious:false
      Reputation:low
      Preview:..............(.......(....... ...............................................................................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\clientic.ico

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 3 icons, 32x32, 16 colors, 4 bits/pixel, 32x32, 8 bits/pixel
      Category:dropped
      Size (bytes):7278
      Entropy (8bit):5.356061172000735
      Encrypted:false
      SSDEEP:
      MD5:AA91A2A9BC572399CC539116007A7760
      SHA1:5DFD7ED8F40A2CA20268DED7EEBE4D967565B184
      SHA-256:C0DC39679A485FDF8F589C7B09E7FF3C031C16995D4EABE096A30D560AA518B5
      SHA-512:705AC7ADD8759C0AAD07958FEBA647F3C3492F50EB5B9723BBB51DE6ABB223D1ACDE7229590E49F311A2D851A04523641BDE7BC6FF75D68BBFC846BF92A9C659
      Malicious:false
      Reputation:low
      Preview:...... ..........6... .............. .... .........(... ...@.................................................................................................wwwwwwwwwwww.........wwx.............x.x.............p.x.............p.x.............p.x............wx.w......pDDDDDDDDDDDDDD..ffffffffffffff`.ffffffffffffff`.ffffffffffffff`.ffffffffffffff`.ffffffffffffff`.ffffffffffffff`..vffffffffffff`....fffffffffff`.w...ffffffffff`.wx...vffffffff`.wwx...vfffffff`.www....vffffff`.wwww....ffffff`.gwwww....fffff`.fgwwwx....ffff`.ffwwwwx...vfff`.fffwwwwx...vff`.ffffwwwwwxx.ff`.ffffgwwwwwwx.f`.fffffgwwwwwwxv`.fffffffffffgwwpp............................................................................................................................................................................(... ...@...................................""".$##.&%%.(''.+( .(('.*)).,,+..--.00/.211.433.443.655.877.887.;7>.:99.<;;.?>>.G:..H;..H<..H;..H:!.H9$.v]..^O*.{^4.|^4.{d+.{e-.|g1.~a4.}h2.}i6..k:..l<.BBC.FE

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\completi.ico

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 2 icons, 32x32, 16 colors, 32x32
      Category:dropped
      Size (bytes):2998
      Entropy (8bit):4.359062242965858
      Encrypted:false
      SSDEEP:
      MD5:45B0E074F96A859ADAE198187AB9FA11
      SHA1:AB89AD71FC239D10C71476E42CDB66B080D75BED
      SHA-256:050282E679AC80F6A357FFF92F1E7A95D30A06B35247E25CBFD2DD8CEEE1A412
      SHA-512:5B0A2ABAED2E285E8F0D25148C03A05F090FF8FB69D9A178DA21B779427ED138AB16876163500D266123B036C23F3AC56DCDE8D4D103B37102B4FC46A2B04520
      Malicious:false
      Reputation:low
      Preview:...... ..........&... ..............(... ...@.....................................................................................................................................w................{..................p..........x.{.wp............{.w..........xxx...................w.........w~...xx.........~......www......z..xx...w..............w..........p...........................w......p.........wwwwwx...............x.........DDDDDOx..........vfl.Ox..........wff.Ox...........vflOx...........wffOx............vfOx.........~..wfOx.........w...vOx.........w~..wOx.........DDDDDOx...............x.......................................................?.........................................................................................................................(... ...@..................................................................................k...H...%............z...b...Js..2P.............k...Hs..%W...U...I...=...1...%s...P.............kk..HH..%%....................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\custicon.ico

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 2 icons, 32x32, 16 colors, 32x32
      Category:dropped
      Size (bytes):2998
      Entropy (8bit):4.298568796986908
      Encrypted:false
      SSDEEP:
      MD5:3EAEBDADE778394F06B29659C9C01ED7
      SHA1:3E2A80761C8A44E509C4E06D275BFB25E704DDB0
      SHA-256:719E644C31D0CC6B891F6A1253655DFBA39A3B78E06D24817BE1D8492B172B48
      SHA-512:14628B5C737045B9916AF5F3ECC9343EF6349C9988F45D1E93846CD79FD38A20F9E7922EC2E6A846CCF14F02AAC84E518279548E8BC9B29AAA3EE553D7A74F59
      Malicious:false
      Reputation:low
      Preview:...... ..........&... ..............(... ...@.....................................................................................................................................w................{..................p..........x.{.wp............{.w..........xxx...................w.........w~...xx.........~......www......z..xx...w..............w..........p...........................w......p.........wwwwwx...............x.........DDDDDOx..........vfl.Ox..........wff.Ox...........vflOx...........wffOx............vfOx.........~..wfOx.........w...vOx.........w~..wOx.........DDDDDOx...............x.......................................................?.........................................................................................................................(... ...@..................................................................................k...H...%............z...b...Js..2P.............k...Hs..%W...U...I...=...1...%s...P.............kk..HH..%%....................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\info.ico

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 2 icons, 32x32, 16 colors, 16x16, 16 colors
      Category:dropped
      Size (bytes):1078
      Entropy (8bit):2.8642269548572474
      Encrypted:false
      SSDEEP:
      MD5:554FF4C199562515D758C9ABFF5C2943
      SHA1:9E3BAB3A975E638EAD9E03731AE82FA1DBCD178C
      SHA-256:9AE4A96BF2A349667E844ACC1E2AC4F89361A6182268438F4D063DF3A6FC47BC
      SHA-512:E302EDF3DAB3A0E9EEB5AFA34E4910EE177099C017B42F86847CF972143C87E8C40BC47689A3C8845051EAB98258A392CCAF331F414C271A1B6B751F503CE221
      Malicious:false
      Reputation:low
      Preview:...... ..........&...........(.......(... ...@.........................................................................................................p..............wp...............p...............p...............p...............p..........ww...ww........wp....www..............wwp..............ww...............wp..............ww...............wp..............wp...............w...............wx..............w...............w...............w...............w...............w...............px..............p............................................................................................p......w.......w........wx....w...........wwwp.....................................?...............................................................................?................(....... .............................................................................................................................p.......w..x.....p.......p.......w.................................................w

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\classic\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PC bitmap, Windows 3.x format, 500 x 59 x 8, 1 compression, image size 2298, resolution 3779 x 3779 px/m, 5 important colors, cbSize 2372, bits offset 74
      Category:dropped
      Size (bytes):2372
      Entropy (8bit):2.6114732592489567
      Encrypted:false
      SSDEEP:
      MD5:DAF14D3480C7AA73A53415FF483B10A1
      SHA1:DB240A22410AC7536F5C833CA98322CCA4180C3D
      SHA-256:0D2715E6689EA0CCCC6CDFAD328DAB66F61DF466FBBAF043CEF2D05F9AD420C4
      SHA-512:7741A04025317179EAF14F7843F313F0E8922FD219C1D45DB91E65E58229A1C948FB12120806507162D064B03DD4A45A8380210545A8A61910E622F0B3C736C7
      Malicious:false
      Reputation:low
      Preview:BMD.......J...(.......;............................................................................................1...........................................................1...........................................................1..............................................................-..............1..............................................................-..............1..............................................................-..............1..............................................................-..............1..............................................................-................................................................................................................................................................................................................1...................................................................................................1................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\default\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):4033
      Entropy (8bit):7.480081609552213
      Encrypted:false
      SSDEEP:
      MD5:C6B57F973A3273CB37A77C11B1AA498F
      SHA1:6AF839D76ECA45AEEAFDBB47A54B73C1A960E105
      SHA-256:4503E6A9FA0484AB39CEE9BDF0AAD9A9186658F5D74727E96DD33F7CFA64C8EF
      SHA-512:E0013A2F6C749F0ECF5D9F0F165FE25269082D950DAB7AA0DD49485460F4D5B40898B1CC55C76A8FAA3C732E660AE71F6F1240705BF9CEDC1F5817D8ED06A867
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................;................................................................................................!...1AQa"2#..qBRb3....S4.C$.6G.....................!..1..AQ..aq.."2B....Rbr3....#.CSc............?......................................................|Q..39. .G.c.l7)...Dd.g...a...r.p..lk...O....n.2H....s..TT...[...L'.`^..m......l.V..r.N.....'5.0.>+2...;.bN.G9U..w.p..y]....Y...........7=..?..._wki....V>.?.O..\........v.oe....+V9..Z.$S..[#=.9.Q}h..z.QW..n...t#WB....t.O.<c.r....+q:;..kh.o^.V{c.b.LL#.S.yl.d17Ks...K.Us%.=2.(.'...)q.....KFq.g......Y.j.lw...^..+.....y^...z...3.7.v.G......t\..h....m+..D.<r.S.i......S.................................................S.0...%J...?...f7....{...Xw^.r+l.S.x]...S.......y..1.4.i..:...r?....'.....W}...q....O}..?...c.o.|vy.E..$6.6f..W.|)

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\default\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):26931
      Entropy (8bit):7.890424018956788
      Encrypted:false
      SSDEEP:
      MD5:8A372C8339A8FACC35088CE99A977D96
      SHA1:BF83CAD6C9EF75277ED308A6999A08491DF106EF
      SHA-256:6A9F617AD2117B3756188FF46AE14E43981F0672904D68B9BA0B9C5AB3525ECF
      SHA-512:F23C3A0427B743061CFFFC0310D97F7D62BF152E0ACC3F13076F4C75EE653EF327EBB6A8F1B0553E7BDDFE129B7261F061865B35791109A5CA08C4E00C73C1C1
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......Z......Adobe.d.................................................................................................................................................<..................................................................................................!...1AQa..q."....2Rb.....Br#3...S....Ccs$4EvDT%.'..9.....&6fG8......................!...1.AQ..aq...."......2B%5.Rbr#.$.4..3CD...............?.......W`...#..*$3..Pf....<;..*F...**<;......**<;......**<;......**<;......**{...e....{..h... $^"o.. =j.(9...8...9...$.1..$Z3:..=.p..e...Y5..`.s......;..U.x....,....9G..u...{.....){I>..$W..8......6L..nr7R.<...ak...zzT.d..1..\.....xo%..<yA..(.._..b....ho4u#.lp.....'i.$.o..M......Au.m.....<.B.. .... .... .... .... .... .... .... .... .... ...J?.....j..w..G...Q...P&C...B5...R...w..G.......AQ... ...z.Tp{.H*8=.....R..d.^......xK8......+..d`:Y.c.X...O.........e.Z....X...I^.2..7.$.....y.....t.&.e.B.(vP.K.p.t.G.O.#....bQ,.>i.t.Hk$.%.q.$

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style10\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2644
      Entropy (8bit):7.141177590567323
      Encrypted:false
      SSDEEP:
      MD5:797EA90803AE2A59DB3BBB3F6D12A895
      SHA1:4CE5DEB60FE74F9FF13D11124F5D3DF62889D8D3
      SHA-256:4A9216537C550FE1861B34CFA440FD7F90C64CF965569F0E46ADD664D1C802CB
      SHA-512:27B0F7A384127A12F5FA068479E03536F1DAD373D2A63EA9329CD15EC074565EADA1BDD08A8916C468C35EF7FB1E20AAA9BA3CC79B204EB0A8E6547C08A9946D
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;...........................................................................................!1.".AQa2BR..q.#4....br..3Ss.%...Cc.T..Eu.f.7.....................!.1.2.A"3.Q..............?....................................................nw(}.Q....I.E....F.k..?.v.....q..K<.4.t.;..r.*.....R..v:5..$T.........jxUW.FR....vw.lJ...5.".Z.=S.Z.a"^...bT..\5..s...<.N.J.y.M.w....T.."..=...clr..t.*yJS.......$....#....D...H......y..Q..E........4...............................................Q.d..}...Im-]..s2Dj9.......N...7g.9...6...e[.l...s....s.Q[.J..8.Cn...v.uen..N....a..B...3....*3...+..1.Vy...q..0....F..N..K..M.{ND.I..J...e.znI.tNg.E..>...L.....].n.I.3..0..%_5.............Qh...TG.*".Tn.\*/.*/.^...M.F......._N<.....z0|.................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style10\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):17474
      Entropy (8bit):7.852188454334886
      Encrypted:false
      SSDEEP:
      MD5:6A7BFAE066D01178C2632BDC5DE7C271
      SHA1:717D8A486D1AC8E39EDA901710B33279E10287A0
      SHA-256:6A7D31442D24FCB25AC5527CF4F2DF8998797E02BD7C218CAD09E6D260CB0F1E
      SHA-512:8DCFBEA42440BD577247FB6B505844B542A7D08D53AE219C0C02E20FAA6390CED6FD59743F0AE76F9EB36AE88175AFBF777C569B2BB3708904FA2354D87EFBAF
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<...........................................................................................!.1A..Q"a2..q...B#..Rbr.u.7.3CS$....c....5e6..s.4D%U...&V...dt........................!1..A.2.Qq.3.a."..Br..R............?...w.%.?..FY\_.~&..[.....P.......*`w....Z.u?.slyl.cZ.hZ.0.F.8..C..Qb..g..2......%?.....T^.F..VM.K.8.....J....y....=....+{..w.^;.f.e..-..=...e..G!..e...tok.'......%...Q..{..\H;.m..7.3..A$Mce#........aL/m..qs..;....;.[8yIs...l..7t!...r...<._..g...PB*.......,n....nZ?..;H....A.,..@-......{....3.....[U..C.y}]...[....D........................................2....6./k...3.6....fC..PM.?{....$...g....]..>U......}....[4.....We.xh....M0....Er.....l.v{.n.q.....\[.....n."..k.s.R+.V{....o....~i..|lp.....|...^.m...[..1.Kun..nmo..{X._9..I..e...e....C..'dQF.......k5.V

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style11\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2782
      Entropy (8bit):7.190710632241448
      Encrypted:false
      SSDEEP:
      MD5:12EEBD23AD7685C3B6DD2A33FB72AD2A
      SHA1:B51A306B0F8B3A8C17B58D996EF6943568998DA2
      SHA-256:07D22C13652069BB7C3BD278DF226855F8A0B7517260C7FB62C53E169479EABE
      SHA-512:5CE52B290859FE56E20D3370226EDAC1D2CBFEC81264A642836754A964A9790C80CE0346939BA265270B0FEE74AFA235093A55681DD92EF46D5405456D77BB2F
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;..........................................................................................!...1.AQa"..q.2B...Rr#34D..t...Scs.....%.6......................!...1Q..Aq..."2...#4a.r3.............?...................................................*......?.a..o96..^W....gGc.V.'WQ.{oO.:h.4st.ZD..i..Z6.:...=y....7z.r...K......Ki.I"......QS.^...MI..6>vF....r.'X.&-..O.....t{....I.J..._...\.k..x....C..q.G..3......&\...2..k_.....n.=....................................................s.l[.{V..]R.F.?..8..$.f"...&m..,..".....s......{%.ZBsjyi.k.r...Z[*s.1.T.D.K.9....V.a...&.JE.I..dk8......].[..+..5........k3QeF"b...JwU..B.y"R...Y.k..gb.....P..0...k#U\X.}_.Z....5...v..wi.T.z.y..is...d...".Z...Z.ub4.>.*E}+f...e...=....q.Q...*=....U.Q...Yt...x.K>..R..r.Gd...-)C..[.?.}

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style11\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):15540
      Entropy (8bit):7.583824027496592
      Encrypted:false
      SSDEEP:
      MD5:3DA7780C9BED33C109FD0E28F4B75130
      SHA1:9C352EB4570DFB5576B654BA3859334EE9CF5103
      SHA-256:22FAA343913C54525260B78E84F26ACA0C620BC9EC3CA68A93D726D23D4D4E4E
      SHA-512:23EC23CA1953C7F213B1538D7CCDC9DCE582CE63693B0C261DDCA3B85B81E91C8690764D47E9AAC4F5BCD7332EE4A052F931180365183B6A45D7E716ED12799F
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<............................................................................................!1A..Qa"...q2...BR#.....br....3..7...Scs$%U.6..C..DTdt..5u.'.E...........................!1.AQ..aq..."2...r.34..#..R..$.s.Bc.............?..e....X.n....=..6....k^....U.."6.K..ff9<.....o.6.c...Ymm.-gJ.[kX...r.+I...F....5.dr..V...V%....R.QL.a.ZYQsG2..e.cE.Q...W.q.N....[.Y.|.W#.......,~E.../.:.m..u*.1.b#.v..-3<g.}..............u....'.w1K..I..^l..J<.S..........................................p..w...'...c;._....*$......EK..>O=.......\.U]UWj...@...X...<.A.,...l...g..9:Q"..w...f#..^...4...$.....$..@.$...>G~.p.*......'.y..(..N.wH.........................................}mmn..b.....N...LJ..r....H.....6..qm.[a..l...rI;....Jw.w......].....g.1.;.cc.......$.....$...>G~.p.*......'.y..(..N.wH

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style12\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2645
      Entropy (8bit):7.154157874585457
      Encrypted:false
      SSDEEP:
      MD5:F2549FCE84EF318E22EA2042BF929872
      SHA1:4D0704E9C3C9FC83FDB9187D3BB70362C37C267D
      SHA-256:C1C4D78C39FAB4EA450FC4BE77211B3F0D32E70025C25038863F7B8C452575FB
      SHA-512:604325B041A0D4C34E1AAC4E560F159B93750522F859082C2DC2506424365EDD19E0EAA58785D091FE48E4545A569DCB0334A8920BEAA4C776ABB35FD35DB80F
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;........................................................................................!...1..AQ"2a......BRb.#3S$.q....r.cs4t.......................1!.A....Q2#a"B..q3............?...........................................................~..A.:4+.j.W.6>./CM..D.G90^).Z..38W.u.FR.....m"bS::WS.]G..SQ...l{H.2....M.l.p.r..T..^.B..skza&...................mr"vpT...t}.g]1....'. ...W+*..UE.!s..).Se.|.....DW..w.4....3..~...g{...N.ME.>.n9~...5.....W...V.................................................GQ:../n..C..o...2.\.G.j.!......l...}N.>........q....#*[/6..g..H.{..qH".1..\P.....\...oP1$....K.[..../.+.P..n......3.U<[l.@.R.d..Rg"..G9WQ.jW2qy..LYJb0.~.2..UrS...+0.W,....D^e.....K.toG.....j.k.....c.3..yJ..9rjfnl..Lq......e.{.................................................\]-....

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style12\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):18502
      Entropy (8bit):7.8571346825347375
      Encrypted:false
      SSDEEP:
      MD5:C6D189A246080CAD12B3227503E61FDE
      SHA1:42AA036D96FEA45C5B43386B8A6384DFD1690AFB
      SHA-256:0DDE51321E6FAF7BFD4AC96F741D2626962D9C9ADE4C04F0BFD5EFEBD055F773
      SHA-512:AC59CCB7EBA17D74040498AF03C61BFF591EEB3102B1DD17B9CDCAFC53BF43D38C1067C3987E8909369B6DA0B27F2875DF328E359699F49F1C9FE813D55D9A6E
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<...........................................................................................!.1..AQa"q.2...BRb#....r..u...3Cs$.e6..Sc.....4....T%&..5v......................!.1..Aq"3.Qa.2r......BR.#.b..............?...=..8.H.N.CB.--.........Fo..g4..-u..x=....i%.W.+....q..8........b..@.d.. ....2.wM7."D).....I..4v..0.o,.J.bv.cpto.msMA..1\..,.....u.KX.6.w....`.1.....k.......b0..c\.T..N....6.S.G...f.78...[]0..n.k.....P..x..../..y....^......b&...O.ga.Y.>.1...R.=<.tb.6...(..sI...{T..sVSi.pJtK..PlZ.5.K.>......N_..^......^...{m..W..EH ......GIf....t.M...m..j.....g..z[.U..k...{W.....4...2...7p...v....l..id1.C..\I.kE@.w.AQ.N....N.&......2....J%Ym.Q|...g.m.^..\U...i.h.w6.H.....M........h..0.._H.s.$...6.0=.*b....>...}.W.....f..!.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style13\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):3006
      Entropy (8bit):7.278485324595002
      Encrypted:false
      SSDEEP:
      MD5:C7AE6F929175694329BA7C1479591C81
      SHA1:A404EBBC4DFAA88ECBAC4A319A568F5BE210C92D
      SHA-256:56108A4FFA159B80FF77A237ACD2BDAFCA7FD2DB14181160CDB73FACCF6122F1
      SHA-512:38C1F567324FAD89DFF5ED40E5C837B9F18885313DC6C146CD493EDB1356CA09B2593D34769E90B146E32855FE518320ED9C1324722219C3EE8EEE507EA54E17
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;..........................................................................................!..1..AQa."2..q..Bb3.#S$4%...R..sD.56........................!1..A....3.Qaq......"#2B.............?.. .................................................=6..+}'.&...v.W"l{.B..b.P..mL+..t.[T[.w.".i V#...Q....U.b.-.p..H9...7..._..+..Dq.-S.jO......2...]rR....S-Y].W...[y.....|.....{.Ot...'W........U._.'T.3....c.^..Gt.ksWu+.:.........$..o..&.......t......s.........5|.Z1.-?.....O7I.4.;i..J....;U].O.&..s*..#......]..&...h.k...V.7.....C.lwc.j..................................................~e.T..(......V..,.w"l7JeI..Y. .jb2......j.6.-W..0XlnH...f.U{}...O.....L_8......n.m.g...lq1..(.{.W."y..>......X...._Z^......-._y#..>...|:.1...U9...../O.M-t..T....Aa..s..D.iVd.OR..{S^.5..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style13\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):16510
      Entropy (8bit):7.849278916393292
      Encrypted:false
      SSDEEP:
      MD5:98A2746A9B72D9EACAE709428E07B1F4
      SHA1:E7BC5556E62480EBD65545BD20359BE2A3429341
      SHA-256:8EE35A221DBD82A29F716DACC4F08A25D493075EA4344F7F71649434DD80913F
      SHA-512:7D0E9025ADF7224776C6F8C8B4D289061EDD7EB3AA889977FF4D2BBBB25481B683AF9CAE7CB8D7B1F79B63408EB5307FEE3B16090A9F750968140DC80F4F99AF
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<...........................................................................................!...1.AQa".q..2...B......Rbr..#T..u7..3S.$...Cs..4.%5U6V.c.dt....Ee.&......................!..1AQ....."3..a.2rq#.....BRb.............?.......#+..k.....^..[~.d..w;r...j.E[N.sl._cSW...U.@U.-y]2.u.VX..;.9..+'+..0..'*9.-x.b..Y..p4.(....<Kv6.......p&3..h.2.Xk..8..L<..*Z..._[..".J0.....*fH..*+..7V.UY]..sv.8.Fr..7..:.J>.pr...z..7.;O45.T.P.......I...:..l..._K.:...<..U.".......a6.+.HkOMH>.^l#\;..d..zO.BO.a]N.bh.z.cc.............................................x#.....L=.6../E==|^k./...u....:.j.F.Zt.*.....n.......4.?O.....H.k'1..x,..f.k{E.Q.n...Z$..M..I.@.ZW.^.....i/.\+F..5[.|....o'd....J...mr..P.I..p9..H.%.q#5F....9S.v...w....S...2...9C.p......5.`4.Rk.y......u9...iat.r..*.AL3

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style14\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):3122
      Entropy (8bit):7.293594397305784
      Encrypted:false
      SSDEEP:
      MD5:64E447B9B303D386F4970839DC815705
      SHA1:6042A4EDC7D8E2AB41C589530283C3C43788EA0C
      SHA-256:CA9E2568668E53B2D5F8E276581F31D517CD8D490DABA5013A743BD497DE5F73
      SHA-512:2B35642EDBB881CD45EFC6CFBB3C39CEDB235B0A17ABE12C2194CD352109F9AEB646DD70279C2290AB8EA2E043528786FAC61404733B7987EB8172C6EE81DB98
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;.............................................................................................!1.A..Qaq.."2..BR#....3.C...4d.%eu6.........................!1.A."..Qa..2.q...#3..BR..............?....................................................d.m@....%.l.Z......u9.i.....1..*~./if.cz.g........L7]K.Y..m..K.,l..$..E.".:S..{...D#c.L.#..n...m.L..ds..h.EZ..%..R..N.6Y.Y.....I.9..zO.q.PG.t.I!OK.k}dn..r...5......>.nd...-.....VK..N...~/I.c.Z....t.....N.-..V.9.}../...9}.r.&.>..k...OAy;.[k|..x}|..k..7e.M........$..R.....\..G...u^^...~.....YKcM...K..]m......!.t1}lU..Rr`...............................................x....n.b%..^.TH.(:....k&..);L.....B....EN........,j..J*s(...R.p........x_.q..;5..,...F>f.%e..F1.U..T,zn...^....VS.s..[....".I.l.WLlD_c...4..O.}.q.s=..b3x.u.....'.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style16\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):15900
      Entropy (8bit):7.602191998339488
      Encrypted:false
      SSDEEP:
      MD5:A0C1C8F1312B83E16C0DE859359379F7
      SHA1:D9FC9BA5EFC8C290149736454C647537C74D2CEC
      SHA-256:12D1C43731D066B46505428A2F831F6F74C20833A21864C83BA217F54DC0AF72
      SHA-512:C5BDABE84A12F46FD0B51220F897197DE84E84E97E0BA13ADB264CD09751D401192792151640A27986CB6D14401C9365A6553BA41AF37418BBEB4B452296EF18
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<.............................................................................................!1.AQ..aq."2Bb.....Rr..#3s..u..C57.Sc4.%e.......$DTdU...t6.V.......................!1..AQq"2...a.3.....s..BRr#4C$..b................?..w}.n..Q...R....;h..!.7.1l...Q.....z.}-.9iE..<.{F.=N..=.o.s.V.Lm.}.!w;....z...^........>....?G.<.lO.l}Q...q.t...S...|{.1.D..U..]_/;-.R..zO....y....jF..5.Z.k../y...U..-.c.9~....Z....<.2.n...kWo....|..s.;...<.#.7-..1.U[....OW8r^..7.3zR...WN#...^w.\.u..L..k+c....V...1..s5....m.....Sy..:&..N..z.K..%.(.I.../.o3W...u..SW.d,.R.66...v./.z.....8.~b..g..nW..N...........5....t..dD5...XC.W..V.k..<.o....l..Oj....'.P......u.G....=.<.I_=.%..qo.....Y.k.7.......V..=...0.e=....Y....c....}..d.P.....G..-....)Z.L...+....N...S......./.../..O/..y..I......

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style17\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2932
      Entropy (8bit):7.257825994258189
      Encrypted:false
      SSDEEP:
      MD5:BAF9993E5244193B30B320405158D01E
      SHA1:3D1BC4E84BBDD5242FABB8CA4BC580C8FC9F4D7D
      SHA-256:8D2E20910D7C2A2D2AE14055E9976B51F9D684D04010A218E453495CBD7D8686
      SHA-512:43D54845B091115A91F077E18F2F8D97B3E63740BBC85166ED4A56E0C42AF9E27F6664D561AD0113F4A4C499CBAA3F83BC6DC1A5FA52DB3204DE1F8246376E7F
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;..............................................................................................!1A.Q"2..aq...#3..BRbr...C...cs..4T.5U........................!1......AQ.."2#.aq...3Bb.............?.................................................o...S.msUZ...."V..)W.i.Qi.#.)\0.m%..d..V:.....6.}........i/<.9...$...JR..+.i....5....tR7C..R....4...OMvd2%(.*..}{MwG....6.L.-<.q}...}.G=i...y.r...K.EZ....^....6....]Y.^.mp...E...k.......7Y."..N.t...j&....%"iO.&-....bU.l..F.D...x........R.....[]..0..Cg.kO3..?.D...r...............................................W....v..+....R....Y....5..%.2....*#..6+^..S...3WK..-...k.;[....\*...r.-..:5...5dm.e...\.esU.Uk.V..T.".a.>..lm>..d.9SWK.:...d{..V-V...QiGqN%.?...fI..sr.:.s>....2..'..F.b..\J.y..N;...Yqr[~.0...$..p...z....<...f...7.d

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style18\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2962
      Entropy (8bit):7.2562169029182595
      Encrypted:false
      SSDEEP:
      MD5:C6EA557A86C18B1CEB260896EC2F3BB8
      SHA1:FC28CE27DB5C05BD5BDB5EDF2B71C7CB94F3521B
      SHA-256:A5AD75F224483F430AC7CD7833485CC563E803F8490DB52ABF0FFE3AF0FF4C45
      SHA-512:3DAF63176046B20B75129FC3769DF1503C233D7A287F8A3268F2073D98B3785842851FA89ECCA1033A911DB0276D85E6D4F285889D0F4D29E7314A192D893E4F
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;.............................................................................................!1A..a"..Q2#..q..BRb....3c.$.u...C.4t.5E..'7.......................!..1A.Q.".#a.23.q................?.. .................................................y..IZ9..w.b".....[.X..E....1..-g.qR.k.J...eH.js........7o:m.g.7..Y.E.F...[.:.....Z.....&I-...v.!.]Z..n"vl..F..?V...^'.qy(\..s....h.{.&.-....=.....|.i.s.[....>..r..u.q..%..[#...6.nV.v_m.Dc.j.R...1:..f+o.#.J......~...&F.D.:c.:.#.o....VKT..c..f.UUZ..5..*.v.i=Y..."..Hd.sc].........0....n_[v....}..g.8},..............................................+?>.d.!i.zG./..+EH..uR.KO.o..Uym}..u...bi..F.m.Q.FF.......J.ub+9...-...zy..7..9.{.s*._B.v.....g....|....V.o..x6...'...E{k..*....l...q..q..u...U...k.f......s.s%W.W...R....+)....

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style18\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):20688
      Entropy (8bit):7.877574291471352
      Encrypted:false
      SSDEEP:
      MD5:3ED436594D91A3DE3B24A5B19B4D7D8E
      SHA1:B59857821A2C6FB51C2EDCA16C3D2A0EE8043399
      SHA-256:648A5F10ABCB39DDD211707D1229B15EBD8A111BDCA3100B1AED5D1B0052D981
      SHA-512:9CEB4E1FE3096358A5DD6A3C6A577EE63341D6D74B50C26375F712D694147A6677EC40547942A8BD9FE17BE6AA49B6746077A2CF20D77F54FFA30159FB5E9607
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<............................................................................................!..1A..Qa"q..2B.$...Rr#.....b....3S.t.u67..Ccs..%.5Ee&..4DT.U.d...........................!1..AQa..q....."2r...R.3..#s4..Bb..$....CSc.............?..y........N...xn.q.=lv...{%..J&..U..P.c.e..`.B.2e(e....0.K.....N..2..2.(.C.xgq....m.Y2eF2eC&U.+.."7.k....^.............hz..W....o.8....Z>_\........Vd..\ ./<h..,.H$2...4..........W..x...V-.....n.Z.z....F...q;..reC.r!.".r#$...6.5....5..X..c.......8.r..2...2.h.!%...p.-..,`.v.'.5...6bz.p.<W{..R....YFe.Tc+.#3.i....^...C....R.O..W........q..}~.|..l.e..Io.O.1\...........................................x.........lO..I.j.f.....|8......8.....E..e.Dg&D2dC.C....]..q...w..3.k...V.7.).M.#s....|!.Rw.....I

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style19\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2765
      Entropy (8bit):7.195650534781549
      Encrypted:false
      SSDEEP:
      MD5:B5E2CD74C91C60A3546BCD7A7DB37FDF
      SHA1:C344ADB44BF92A0F439B70476BEA08EFAB7C2124
      SHA-256:AE0D57BC8188ADB7A661EF5894D1BA973685464070B9DA06BC878F0B05C6FD5E
      SHA-512:EEAC524FDB1E1C94072D85174D2EF1E417F638C604CD1F07D73FD2FDD4E67CEFDC131AE3CB6C9DF155897D4A9308D908B33F2986B196752B298ACFFB3D264B14
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;............................................................................................!1.AQ2..".aq..Bb....Rr.3..d....#c.$4D&.........................!1..AQq.2.a.."#.....3$4.............?..H.................................................D.6K/....Rg3....=.N.?[.....}..:y........H.....w......j-^.k.-v/.:.7..?>_O.*.....l.j..e..w{...l.........6.u....cn....N....|...3.i4..!1......._)/...6....EgN.{s].{.....,.us.Z9.u4..{................................................W..4t....LW.L.G.x..xn...c'>U.}..N/.-tu....|!;j.y9wd.f..7.0L..4...o..sk.t[.==...)n...".~....d.I...D.D..tE...5.j.o.....,...;..-w1..c!.oG.FO.4g.t.....g...N....R..W*sTmI:..ti....m..4..k............5...Y.w.7"...>Q~../k....o..DRc.....Z....>jT...==..K5.................................................Q.X.v.Nc.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style1\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):14555
      Entropy (8bit):7.550599516763776
      Encrypted:false
      SSDEEP:
      MD5:89BB240BADD363F1C767D848996E5545
      SHA1:66CF8282F06FD10CAAF7C1C76C1F01C8E05E8EEB
      SHA-256:940BA03BEB88C3E538DCED5D273C179288138F81184FB9EFFCE534493B359BE4
      SHA-512:68A7E895AF4C67E2475F4BCC9007A1AE93B712BBC672B66A51EA8CEB0135875D72BA9488C5EAD3EF11F2C0F7711CD6B04E2455295378935BCB7F21786D13DFBA
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<...........................................................................................!..1A.Qa."..q.2S.....B#sUu.67..R.$...br.3..4.f..Cc...DeV..T.'.....................!1Q....aq...2.A..3..."Bb..Rr..#............?...}.m...V..vk.!........j..p....i.%....',..Y..Y#"...dL...!..#&....F....aW6....?..cs.M=.........',v.K...e.nuYw-.k.k...b4-LgKq...eT_...i|g.~-.u.*p.1.!m.K.../..6.W.Wa..?......m9U=..~.|c.m.*....o./.sm..T.v...e.m........L.1..S...7..9..r.{....2..6.NUOwa.._...i...?......m9U=..~.|c.m.*....o./.sm..T.v...e.m........L.1..S...7..9..r.{....2..6.NUOwa.._...i...?......m9U=..~.|c.m.*....o./.sm..T.v...e.m........L.1..S...7..9..r.{....2..6.NUOwa.._...i...?......m9U=..~.|c.m.*....o./.sm..T.v...e.m........L.1..S...7..9..r.{....2..6.NUOwa.._...i...?......m9U=.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style22\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2831
      Entropy (8bit):7.223832604189995
      Encrypted:false
      SSDEEP:
      MD5:C9FC93093DC87F9E569BFC90EC976093
      SHA1:8C124DB0892E8175ACB7D98DD957C70D13DB43A8
      SHA-256:98EB0ADE223FEB6D429626534881ED5ABBB0EED08613F156B475A98E69B7BED5
      SHA-512:1A64A936A2E81CF811FDAA156053C859F4EAEF98DB16A7FCA595CC0A1BE9ECF0E9BD5E6B0F041EE9DCA9225A963871E2B18C09E98E1C1334D8837D8A3EB73254
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;...........................................................................................!1A"...Qa2B#..q.R...b3CS...c$4.u'......................!.1A"..Q2q..BR............?....................................................c].{.U..M^.cWm]...~.{.~......9Vg....S.V.[.!..T..:..r.r..6)yk.Q........j.E..3....X..{.%x.v.1.....3_..4h]..T.\==.F6.rM*&...y=XNYL~...../.5V.>W....;..-.j...V8q.,.g9.!p...[...%...i...../.6..:.g2+.....z.KV...u&...W.........t....=x..............................................i_...........5...=f..>.o......WX.Q...M..t':s..].....C6.<..F...1.*-\...w.Go...a3....?U..f..4.7...ksS.]........Y.....W.nk..)........f""Wqi8.Dz*"...M........u.'r%..g...m.b..R.....=.sY...+O.BQ/..'.d..o..S.^J.[..]g...6...................................................p'.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style23\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):21165
      Entropy (8bit):7.885942662197169
      Encrypted:false
      SSDEEP:
      MD5:147882C30B9B7F065AE0D830B9CE962C
      SHA1:7D9D30D37ED7305741C69F76A8F78A9A41BEAE6A
      SHA-256:F868666C7C8776EE896D50A45C09582B18614875086FF888D66258DFABA2AF14
      SHA-512:29CA93AAE392C95CD3850D1394150E997FB1A5147F5A800B313D11E78A9A730FACFBEC9ABEA8E4013DF73646FD571B4EBE039A9803A4F4A178610B0B2579A3BE
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<............................................................................................!.1A.Qa".q.2....BRb#.r.......3CSc..$d...s..Teu.7.4t.5..6.......................!1..AQ..aq......"2r.B.#..Rb.3s$..4....CS.............?...J|.........U.J.1..Z..q...89..-}]8.f'.....N.h{.'%.F....7....7.o1.:w...V.h......Y.l.:7ppV..9Mm19y.G..,..$....O..k....M....g..\..^.(.Xj;Vx..e./.....m..m..t..=.$.Qa...x..vE.8..-...[Z..W1.N..v..~{..}..o.w.Q..\...y=..V>[S1...-.. ..JZ>..V....Cv.U.`..ZY.....T.Re..|.~W...7.F.A..n=.v...a.|..::W.c6.^....x..1s7.....o.7Pe..K.g}xWt.5U.o.[O.O......GU+.c..6W...&^..y.zf..}..Q/k.n...>..?.i.1_.=v^..y............................................h./...2...Js..d.;..T.j...Sae..M..l7......h.).r.w.!{..O...w^..&.X....0{........g.....W....x|O.....z.U....m.MM9..g{2....2

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style24\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2609
      Entropy (8bit):7.128381353705633
      Encrypted:false
      SSDEEP:
      MD5:97026EE38844E50899487FD669CEC5F8
      SHA1:B278B3EF31B4302D2540E9C2F478E0D051502A7C
      SHA-256:E311196D57D3713357FA2A675B0200BCDFFD75EBFDFFE681323F870137BA96F2
      SHA-512:8884E07CC7201D9ACE12DC631C19A64498004E554B65C08EA014F4FCBC08C3D75C084EF7CD243355F3C47133DE7BAA9BC15F49CC67AE4662A8131988E571AFF6
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;.............................................................................................!1A".Qa.....2B.q.Rb.T....#4s...$u6.........................!1A...Q...a."23.q.#4R.$............?..................................................U..G3%...Vv..z.?..+.#..3.NT.UU*s...Z.%n?.j..y..jY.j..j........~.6.I.b{Q.qm..{.z3..E.f..S..v..,oz..7).U{...`...,.'a}..nV.....]..V..uR(.$..9.%r.g%[.S...m..c..?z.S..n...:.W..w..n}dV................................................U...rx+...........W...J...f'.Z....e..#.I..=..^"..)..bcD...7e.-.+t.k.-.n.....Z.]...;.k...c....H.....#..+.kQUU{..kDQ....j]Qm..H..s.zn..."..W.k..{..vM...l.d:KN.L...D.p1V..Ju.rot...K....+"#r;.>[.....W.W..5.M...R.....................................................O1k.XU?0..qY.O....7...=["*m....Y.n{...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style25\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2584
      Entropy (8bit):7.120744613447925
      Encrypted:false
      SSDEEP:
      MD5:3F303965900661670B296451DAE5C8AC
      SHA1:05671D8C5DB947EA8E080D3571E80C38332E8816
      SHA-256:8B310B0DD43162E161F45C35C5E26B992DB1ED647102870883ED16542EBD3749
      SHA-512:26B7491D47E7BFE20A38FFFDC86CBE298828F7B287B1A38BD33939CC37C3C9601B32E9A62FBBE5B9EFAFB553856887594F7138782FF39F00EC4023F7A2FC4E54
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;.........................................................................................!..1A...Qa..q.2B.u6."br...R...#Cs.........................!1..A"....Qq....2#B............?.................................................i...h.j.WP....jR..;...]..X.E..G.c...)..Z..%z}..I.^D...y{".go5....>Jzr..{...<`../#...F_[Of.{)q..2%De.."..I..**x.V"v.z.r,.]....wR.......n....MD..............................................#>........_.R..l....F^....*.%....}.%h...W....l..w......>L..5.)\.m.|mBH.UTUTd(....n.=.|.g....4.S3`.9n&...a`...lE...$.|V.a...]=[.1h\..S..J.j..vY...M.3L..VY.;9..|.s...%..i.........5r........8m.<J.?.]}Z.$c.k.Qp'W..w..I.nN.......e.* ....................................................O.E. ..$.;...Z.w.........N"o....L.J..jSf.......^..R.].\........REnj..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style25\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):16028
      Entropy (8bit):7.8339749331999595
      Encrypted:false
      SSDEEP:
      MD5:5AD842E25E9E39F42311EB41454F509C
      SHA1:803E0EB096D2B3575020900C9007C3AE9ED5535F
      SHA-256:BC61E266910FDC52DE4DC41FC33DEB3DB329B06C430F6628FEF9D95037C43056
      SHA-512:2F7B10D5806D58BA6F5EF40292BBFE00C4FE70065C53C3C279F65797B6330A93C0D177172D24EE828A3333BB0F5401BC5C1ABB3FA84F4D1DFBAA53489AA6CA11
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<.........................................................................................!1..A.Qaq"...2.....BR#..u..br..3S$6..Cs.4T..%..c...Dt.5e.EU......................!1..AQq"2..a..r.#3....BRC$..............?..Wwl}.F'.4qq..|d>..6....jN.,.V....Fd....'..l.7Z..I.n.c..L+f%.....k..t...+R....2.z.m.......!.-...O...o.g..s.a....`...9.s..~.=[..v.k.R..........kwK.d..i...t..r.s-....E.p/iu.S..EU.Vm......5....%[Vg....y.X...y`29.A?#1..T...0.SY......a..c.*q.....wG..h..}.]PCiJ..._*.g....\M.c=,K.....ekXk.F.Mj@.W-.gUa6...R.Q.@......1...v..Q..,C.{$n..l+.1.`<.i..........1>......s{....'..h.e.o8y...q.y....0cO.y....i........&...I...u)_..%.....=?......s.X........8.........................................r......9...(W.C.>........z.&......0......fn.xLQ..T...wx...K.f.[.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style26\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2509
      Entropy (8bit):7.091352866930563
      Encrypted:false
      SSDEEP:
      MD5:CD78CB3C50E322A1B9E6E2CE4DD7BA96
      SHA1:DEFDC62511B5B4C006E1EBA9234761C5BD6C3B74
      SHA-256:C68882BF96A548327D7EB8F58A6B2B9D6EEF7F79B444F35816F9E9D675FE61CF
      SHA-512:3F25BDB43ACE98E6A5E9ACFAC3FDF8EEA81FAFE9ED2B847915B42425E49D2DDE23724809E10F7F27DF8C0D0AB385221D734FC28A3E8DD7A7092C71E911758C8A
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;.........................................................................................!..1..AQaq."2..b#....BR.3.r..5...CS..Tt...Eu..&6.....................!1."2...A.#3QBbC............?.....................................................Ie.c.kY#.5d.T.=....R.~.\....^e..l.w1...8f..fdTtj...j..4.9[^....U.f.........-].p..p.,.....6H....d.q.zQ./')M.D......[.\.n...S.e.[...^.F..H..mWY......j.....i.MD]..Z..*....76.'#fEj.*......'.75.)(.pw1..I...]...:..p..n.................................................kO..g.....]%.X....2.....o|_...o..W...(-.d.&....s........z.K.....*Y?B.,..6[..#U.c.....y.FJwr.>Y...\.M.rB......F..%~..F..w...L...S6a^*.G...X..zE.*.U..U.9;....,.n'..b..F.1\Q...S...AM.k..n...k...qV...V.p\.b...fj.x.......?...9...................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style27\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2555
      Entropy (8bit):7.115724580551151
      Encrypted:false
      SSDEEP:
      MD5:33BD0C19597128A0212CFE293D077E58
      SHA1:FC4EB51DF557BEE9958199DC523B0A8E6AE825AF
      SHA-256:FB156DAA01F7D31DAF77CF750753D06408B631EAC1BA3F6558A3C316329995EC
      SHA-512:E40B1A157F857C8734D412DACCBFFF2F5876B1CC947AF2C46D16A7C0E7B517041A137D0D0334940CCCE35B5484353C9AEE793858BF8D1F0F08728EA829C104A9
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;.........................................................................................!...1.AQ"23.aq.B....r.#..b.4.....R...C.d%e.......................!1.A.".Q.2.aq...3..B............?..................................................TN'.x..F-...y....T.W"S..p'.L.[....Iq....i.dU...z..1+.....z..U..;v.5...tr.~.Gp4F..S.^n...UYer.....9...3/...as...^N..U..."..Ve_.i)..g..g+...~.J.{.Yr.p#...p.................................................5...*u.....u.. .Yd..}k.s..D..5..tg......{u.u.KX.......UQ#k..\...Q;^.?5...f..]Y\"..*.^..r".#.......e..;u'.6.}...[y....L...k......q<..\M.CU.j....c.+.v"UK...w.UU%F...E.......r...xj...j...I....{62.g].g.O..u......^..8N...............................................h..~.-.[.....T....^q.F....rXm...).G...V."*..+.=8q;Zb*...g.u..\.I....J"V6e

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style28\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):16342
      Entropy (8bit):7.8486482331657115
      Encrypted:false
      SSDEEP:
      MD5:8A3442F0689944D6E70764E6D0654BC0
      SHA1:871E8D07F66AFF073568396E38C72D433EB46AFA
      SHA-256:2DF6A4A85FB42C4EB6D02B290B48FB37F4B5AEF676265A5E20BAB7E859352BBE
      SHA-512:C5D658465A7926C8010CE69B5933E01F408B832AC0EABB7B64B8434122CEB80DE5CB42CAA3025764EAA15EB992C11729F0864FEAF9AB1F729C07FEE23F347DD0
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<........................................................................................!..1A..Qa"2.q.B.....R#...br...$t.%eu.6'....3Sc4Td5..s....C.&.DEU.......................!.1A"2.aq.Q...R.............?.....A...L.FgQ...^...c`_...D..e-g.?..&.....H..6.Dyy..H.?5....V....e.+3.......y;...1E..#.$..4T.H..e-...........W.\2.....;.m.:5......k.4....d..U,..;[ .....0..Qd...._...X..oy...rF..^..afg..!..%..6.mZq.E...l...}B.....+.......p...=R.c..I..6,/.....;p...8o.+.S2.q0..v=J.&X.j....5..[.YY:.D.0{..M[..[u.ZH.W..*e....t[..0>.(.$.{Z......0..<&-..'..j-.[~C...:..F6d......m:.....Z^. ........0=.&G..#b....y8..EF....X6....).s.......=....I's2<.8..JD.hU0s..V.596`.FWm...CR.b.....N...[.v..(J.%k...Pi>/.J....[..[.........9..y*.R.^S.W...&...V....

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style29\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2764
      Entropy (8bit):7.171384995618273
      Encrypted:false
      SSDEEP:
      MD5:345E7B624E5079FDBA8F8050EF710243
      SHA1:902A5E10ECCFC66B84577A095B11A2CA9A4A5F2D
      SHA-256:AE88B1159B607DD061E6A92CAB22D7BD9ACF555A63D084B08DCC8F4F8163FD7D
      SHA-512:D36B42BC3014ED7FD20DFDCFBBB52A31F2B0FF1B71C78A158B1076CCCED10DB2D7BC13362B58C739408D5333765F98EF690D8352F2F581F46099A7B5BC8D090F
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;............................................................................................!1.AQ"..a2.q...B.D..Rr.#36.b..C.5E.F.......................!.1.".AQa23.q................?.........................................................#..F.Uh.V.I5.e....}x.......i.....drwKi.WK.j......UQ....r.k2.e..."..U.gV5TV.-.f6....e.s..'.T..%Z.....;..........O.[67...b.....Y.JX.2.Mi.t......h^......U..6m..;k.3"..&. ...i.I.._...v|KC.V...M.....j..RL.k..x..............................................*..J.pqH...j.W*x....f...oQ......r.tXk..h....;.fxGKB?...m.0.....e.....Ul.?.Y...ZV......W....S..|...cG/s..9F=c.Y._..L.U....YgeQ.[...1$u......|..+..a$.W6.v+.g.|.V.V\Z...*sEE.z..[U#t.>.tNV...F....)..0.&^.ye..E...s{.\........z+/K..My.F.o..x..............................................+{..[.\

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style2\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):14174
      Entropy (8bit):7.537409975406876
      Encrypted:false
      SSDEEP:
      MD5:1CF73D2AEF75361D305DED217A331A8A
      SHA1:59397C6371130C997A8ACCE5D47320C99EAB38BA
      SHA-256:5169C1348E7A549D58150E20B13D1B6B94A6CFBB3721868DBA9C268CD7E33484
      SHA-512:9500F99A6DE64897CBF5FC249BA9DF852F5BD454D4603FE99979872DE8C66F36F23F10B886CAE3FD2CD890873411DEE3CDB61C9F2A61507D0110202B9F03C214
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<...........................................................................................!.1A..Q.a.."..q2B....R.#...br...3.T.CSs.$Dt.Eu&.cd6..4%U.......................!1..Aq"2Q..a.3..#...BR..............?....<..........C..{....k............K....s_.}....z...!+[.R..T.@.a.)...........................................O(Q...F....T.....7../k..._.\/........_......o.'.z.[ .$........!.....LT.....................................~.......N.Ht..........H..%.2.K.....C..?..m...p.. a...ko...8....>..J.....P.Z...\X..<.........................................!.../(...C.~..S.c".S%U....K..J2...Q.... .. ..{.......m........K..p..s_.}.y'.P.Z.J0*.R!l(.^D..ejdM2.`........................................m.....`.U.De.<].E...".B.c.4....8.[.Iz...DiY.e.\.....FY#a.e....^...O..#.^.9...m...k.I.}.Fy'.:H.P.T.)VH.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style2blue\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):20146
      Entropy (8bit):7.295541491388251
      Encrypted:false
      SSDEEP:
      MD5:B52B5C11021C8E15B6D02BB456D30C84
      SHA1:3E3970E90DD1B0C3377AEBDD6265FD175B46DE9F
      SHA-256:2116748C51D692441F851AC0D47C1FBF75ADAB46000A8C50C3F8DEB0755A9AF8
      SHA-512:AA1D739630B78E65B88BE2EC610C2058AA3EB19DE095B342415F80C7376A0CE5405FC7B3F8C6274BE14786A24715D2449D7248D771ECB6DF2EB8F7744B7032A1
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<.....Ihttp://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 4.2.2-c063 53.352624, 2008/07/30-18:12:18 ">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:dc="http://purl.org/dc/elements/1.1/". xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/". xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/". xmlns:Iptc4xmpCore="http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/". xmpRights:Marked="False". xmpRights:WebStatement="". photoshop:AuthorsPosition="">. <dc:rights>. <rdf:Alt>. <rdf:li xml:lang="x-default"/>. </rdf:Alt>. </dc:rights>. <dc:creator>. <rdf:Seq>. <rdf:li/>. </rdf:Seq>. </dc:creator>. <dc:title>. <rdf:Alt>. <rdf:li xml:lang="x-default"/>. </rdf:Alt>. </dc:title>. <xmpRights:UsageTerms>. <rdf:Alt>. <rdf:li xml:lang="x-default"/

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style30\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2545
      Entropy (8bit):7.07530933625052
      Encrypted:false
      SSDEEP:
      MD5:B4EA33D72A78CD03929C66EDDB5663EA
      SHA1:1702383EFD8214F09749DA1F396904A4303F607F
      SHA-256:DF5235A4EE23AA54AA809281C5E99429A32465F35432C74B52694E8B41547D75
      SHA-512:892B4CBFF795DB9718622854702C4E4780A72AC5409517263AEFD9C7F3469E363E259EF0EFD46BA359ED27D6008A8095FAA41723FBA69F4CB4E13D7504AB4364
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;............................................................................................!1".A2..Qaq.....u6..B#C.Rbr..3c$4tE.&......................1.2!A..Q."..aqB............?.. .................................................).......#..1c..j.?j..(..N..V.'i.V.2......ewC......x..6..,.M3...r...g9V.."q.\:9.k......T_.M...C..x?.L.a..s.|..q_ .J.OGX..q.....................................................tU.M7!.......f.'.......2[;.{....S[S...E...U.U.w.U.J.z........[.....]$.R.$..u.].ZW.6..h.e.....M.4..bEgg.pQ$....9W.9.J'.....Rc...Ni.I..Y...p...U...M.-..[.="...../t^.X-..YE.]=..l.F.#......K...;...s9.l.ZN...{cz....a.{+.z....j..sS.3..1~Mk...&..................................................U...-...3.z.hv....#.m{.S&6>.f.........qD:..n_...:..4......U...6.V....j..UoJ.oy...Y.Y...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style30\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):14751
      Entropy (8bit):7.904795754832879
      Encrypted:false
      SSDEEP:
      MD5:5BFEC7BF2CCE2A2A61B13F1C6CAA2F20
      SHA1:18C65648296712FDCFDD7B71E8F2657DA9B6A58B
      SHA-256:EF31019E3CA4BF904AEFCDC2A7C1AA958691A661F6BF8327144747022F253EB3
      SHA-512:D76098095FADF3CBB5DD7AF26D625950A951F3F8DC5B87CEAC3AADC124A636D45D9B064D9D9E441A4DAD1E597DBFC73182696A882920F33577A26E9B0EF1389B
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''......<....".....................................................................................!1A..Qa".q.2B.....Rbr#3.t.....4..Ue.6'.$..CSc..%....s.DT5..d.E.....................!.1Qq2A..3..a...".R..............?.....0N='....].....w..P....'3s</}..V.9ZH .L.........Q....OH.....}5.#...9r.".e.rt.v........N".....3..a..c.}%..K....e.f.7...Mg..a.Yw6..:,YL|\....Z..r._H.....E..o.:t-a..[F.....25i..EA.x..w..G...XN../.l....;..&u.n7}..Os...Z8.;J.g.wokb..J8|....z.v...p.;..c..C{.y..vi.7.WE..._.....k..../.w.....@...5.........y..#>/3{or....S5.........6.>..3..f......W./0..........a>iY9...s..V86m.N.q.*.....s.s.51.........V.~d...X_.+}.~U..u.w2..=..>*.63...xv.E.c..w>.y.k..~...5[v.I.6F&yv.Cy.....O.b..\p.&y...X...c....4N1.'....i."S...<j..Hda.....(.I.W.7...."..B.|..79.r.)y.W\.sF..O...6...1rEoz....n

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style31\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):1857
      Entropy (8bit):7.215249408614814
      Encrypted:false
      SSDEEP:
      MD5:3093EEBE80B2F2CF879D7BA3BF3C2A98
      SHA1:B670BCA048AF3A9E69D08635172F34C2E259A5ED
      SHA-256:E2BAF1F27CBA052C7E5FD3721193D2D38E40CD3D455583BA570AA3A56066FA30
      SHA-512:73CDA9A6FC761D5F489672FAA59DA659DAD8D4C346EED6F79364B713D25A7937914F1F69CA35A42E16790B1FCF26A91DB1543E8F7017F90E81660392D3F92F62
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''......;...."....................................................................................!1.A.Qaq."2.....B3C..r#..Uu.Rb...cs....$T6.....................2.!1A.q3.".............?........................................................E.......1?xU.9.<p.......!.....9.G&...'.Q\[m.K.l..v..................?V..K.;../d........uU...)..*......I....2."Ve...9[t.{f.........9(C.a..4..;.m...z.r:?Q..e;...YL.lW..r..h}.M.....n...........Q...7..z..K|?..-Y."zx....o..>Cd.....;.EU..VR...K......==..(./E./[\&&..|;.k...........m....................................................F?. ..C....*....?L...]U...1.6....5..8.S.O?.l......R........9G...e..O..i.0z.g..Mi...qz......l..Mz/./.....|..S9..>FD..WfcQ).B0r.r.+.G.....]XT..].......niB..(=.lk.....ij....5..5....c<'..Q..............r.N]..W^....oS.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style32\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2442
      Entropy (8bit):7.0305937867254915
      Encrypted:false
      SSDEEP:
      MD5:A49B07F0A96E1FF383768F34075C7BA8
      SHA1:E4B7FF4FC3366C083E8418B831C80574B4EA3460
      SHA-256:DF6ECA31C58B7FF13A68007CBF006C0EE5482B20E06D249CD9DF0D17602163BE
      SHA-512:F7294923ACC1101BB8ED4A88636FEAB255CEA6789D09E36C28B16978E4C4CEAFC9C76CF452500220F9C1FF0E07D1BEBCE46A4541D0803C89C76F030B9A85F6BC
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;.........................................................................................!.1..Aa..Qq."R...2B..3...S...br#cs..$D5........................!A.1Qaq...."2..Bb.3..R...#.............?..R.................................................mF..z......d=.D.LOw.7..H..W...........L..]:p......].Z.8./2..jN..%..1t... .......wY...mn|"".4..-..W.q...l..v.....B1].:9..DVm.1...{:.R.g.+....W.v....2z.!)s.we.\...J..?I.k7.-.).Y..w...^..../v{7:..C...........[5sc..=oV...[-yOf.R......L......6..,-.Z..L>dySl.;....\.S....X.(~.....%=GR......a.....k^.7.....{n.......................................................N;].'Jr...]......;H.R.m.....fmN^.....^.#...l......<g..urr.uEpZhO..W.I.R.U..}_..,?...).^.......N....".-.2.\./.....\.s....s{...u$.4.cF.T..c%..zD....<.Y....N1jQ.2%.YH./.*..

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style32\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):15062
      Entropy (8bit):7.569291717022306
      Encrypted:false
      SSDEEP:
      MD5:1418121E7BA640529869485AF7C37C67
      SHA1:FABA3DC0CFEC716DEB50D101E2DEBFEE9521F736
      SHA-256:03B39F8FA7228840A07B3F83C25FF510BBA2CDCB419C293BE293658DA796C5FE
      SHA-512:C25FE52B05A93B35164B2F2AE5FED961A71BA4DDAA54D92B8148E84C85ABFCEE60F5E5FFE65A0E28A53BEEBC605AA81F55AF31AB9644ABB922473BF55F0B7F59
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<..........................................................................................!.1.AQ.t.aq...."2R....5..B..#3S.br..$4TU.....s.C.6.c...D.E......................!1..AQq.2.a..3......"Rr....Bb..S.#C...c............?..WU.BU.b.........E#...W.u....-qt.h&..Y9....4Lp.(..>.B..A.GZ......v\.-F..)8.SyB.X..&.S...:!..p...-.....p._....U.d..P.x.W...;.}....x..=j5..h.l.*.6..r.....3..h........7..z..D.9....Fm-........9.....)?...........j{.)?...........j{.).Gt...k.).......)U....(N5.ao...C...>.0..kLi....E..r....y.......r........oO.r..r...x..o#.3.d...-.'{..Z...oCO.Q...j...g.Z...oCO.?s..[.N;u..h....>..._.n.8..~.......4...9~...[m....X..mF..n..N.....)g...K[.M.g.O..k35......................................~k.%J.#CO..u%...x_a&...c..j..L.'Q.N.(Q..i.(.<IdvgV9.v.o...CS.cOz

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style3\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):12957
      Entropy (8bit):7.449910761873419
      Encrypted:false
      SSDEEP:
      MD5:532D3853E3C52A53D1B5C1B5A3E6CAD8
      SHA1:BDD6F81424332F0229AC503670ABAC17D17E1BDF
      SHA-256:5003B3FE5D4D1C2F9EFF86C9217DC9CBEF5E33E5A280B5B07D62FC1E18A4856A
      SHA-512:A1F1CE757CC5FBF3B634519A41858105BCFCEBFD0AF2C77BB570D82C6EF8322ED54B131D99BF72794CAC6DD136E616F97EBF4C4DAD7DBAC48A41144C1F2B875E
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<..........................................................................................!.1.AQaq....."....2...BRr..#...3.$.u7.bCS.%.Te.6..4dt...&'.......................!1..2.AQ.r3q...."a.R..B..#............?...c.R..A....7.j......O.0"......W@.J.]..q~..5X.\.w~....i].)...Z...P+.....n..W..|.d...)V....[..Z?.:......;qRQZ&......GY.X..^..;....._.mB.}N.T.......um.>.0+.f...oH...P0..R..._.-AV..Y.T..X..mF\....^.h.....iM5kF.......z..^.....Zt.UZ...........\.^..g.!i..W...u....^..................................................%....5..g.S-gIY....+.w.......MQ%.G...W..[m.KO......rT..j..V....Y.....`E.5.U5.....G_`....../..U....>..4Z....f.Z.!^..r.(.UCxqz.r.6K)....eV..S.Q.cD.{.i.;.U...'...f....MS....q..W..:...h..\o.93.N*._M!.~..v.....U.z../...7,..\....S......@..6!......S..#%+..m

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style3blue\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2226
      Entropy (8bit):6.879083376948445
      Encrypted:false
      SSDEEP:
      MD5:8791B619E5AF65D4DE7D1796EA52CC42
      SHA1:E219ED9209A502AB9B757ED53C4B1D0EA70BB7A0
      SHA-256:D6815E17F00B992561975ADED3D6F05AE015284BAFF738B69F0F0A197EFF6DBE
      SHA-512:2833C256035EF056FC4A5281164AB9486C4CE4CC953980D5796DE043CBC0C499C5DC5D6C85D4D38255B9DA83B2C0863BFE078883079DD7E3ACB01BD03E2E0D67
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;........................................................................................!1.Q..Aaq"2...R...B..br4.#3s$......................1.!.AQa."q2....B...............?..R.................................................P...'...DTYnw.i*T..mA..o.t..?})...9...Y..<..y.p.......... .k..Zb.e}.z/3.!.....zy....Vr:Yo-.Ea....[..VGM].H......................................................Q,..8...q.E...P.co'.....4..yF....#_........<z....F~Z.v.f......g3f.x0..y..%.:->.Y..nwv..xB3.;RX..a...x..j.....,..'......n..yy..CL....g...n.._..qe..X.s....I..G..G.....+.*.......`@...............................................4.J4.'.b...w....e.U.....~.J..f......&........c...u.Ym.n_5.ggw..v(.[.$.l...em.~..{..qt9.U<jR.s..U.d.9.='....\.V|c.Js....'rK...E6....;...n.lmE..<..6.9=e'.l...Om...SSQ..8.o.KXxM

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style3blue\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):20532
      Entropy (8bit):7.440043261654626
      Encrypted:false
      SSDEEP:
      MD5:DCF8DF2C45C49A36C928A31C27B9FF33
      SHA1:22860795D3D1D454D9F6B86D6439F86D46EA2685
      SHA-256:717182C423DF9D3EC0CB29C7D1A7E81736CE1093885196C3C43FA6732678B11D
      SHA-512:5849118B73E5708978688ACAB6547F58FD8502F93537A65D4DB89097730A91BBE5918DF256C4FF93EE560DB17171CBE1A62CC29288EA9FD78EAE14642F3F12F0
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<.....Ihttp://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 4.2.2-c063 53.352624, 2008/07/30-18:12:18 ">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:dc="http://purl.org/dc/elements/1.1/". xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/". xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/". xmlns:Iptc4xmpCore="http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/". xmpRights:Marked="False". xmpRights:WebStatement="". photoshop:AuthorsPosition="">. <dc:rights>. <rdf:Alt>. <rdf:li xml:lang="x-default"/>. </rdf:Alt>. </dc:rights>. <dc:creator>. <rdf:Seq>. <rdf:li/>. </rdf:Seq>. </dc:creator>. <dc:title>. <rdf:Alt>. <rdf:li xml:lang="x-default"/>. </rdf:Alt>. </dc:title>. <xmpRights:UsageTerms>. <rdf:Alt>. <rdf:li xml:lang="x-default"/

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style5\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):7395
      Entropy (8bit):7.466151286925824
      Encrypted:false
      SSDEEP:
      MD5:9937F5909468C0F858F50988A4D698E0
      SHA1:11DEFB7925C6AABE74A347D89E275CF2325B3A7B
      SHA-256:419C260F92EF500C6CF510DE5DAC7C598F98B247F199C8A9EF01C9C2D300E412
      SHA-512:5CC0DBAB3962627567D2DE306EEAB7CEC588F7709CB5FF2A9E1A39037F3A03E057E957FBE23F7697D419136B1FD604697C1616B89CAD56DF291765076263673D
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''......<....".....................................................................................!1.A.Qa"...q...2..tu..Bbr#..$d.U6..3S4T...&.R..CcD%5s.EeV.....................q.!1Q.3A.a...2...."BRr..S.............?....>..P.H...............@....4......l.....6p....................................................je..'4e.e..qTZ...(.E.z.(.MKu*."..@.....S.....2.\..@T.T4 z.....bl....)?.&.'.._W.k..............................................d.rf$..}....[.gW....2.X../..7.5.>%m......2..q|.....4.R..e.>.6z..5.#,....E...r.E.z@U..Z...0.Z.=.u[{t..._..t...>^;...N.Os......+..1\.........................................S.z".Kl|..sV.q2E..|L...l&_.1E..=...,R0..YX...F..v....+u`l..Y|fj).c 7!#b...U..b&Db.. d.+)h.rF+'........U..;...K.....\.?.'N....W.k....Z........................................9O&c.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style5blue\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2487
      Entropy (8bit):7.066916300234175
      Encrypted:false
      SSDEEP:
      MD5:D1FD1CEFDA5F68B33645F4C85AA66C8B
      SHA1:5397792E2F3B130B1F76D2B17D41CF82284A8857
      SHA-256:633C433A21BB465C5E710E92BD0E43FD36E1FA65907724B2C56DC69892C46EA3
      SHA-512:ABA293FEB9BF08073F038F28A115E20A9E4F6182F30FC25343CE325B335A0451768ADD804D53F9CCED571D4F29F43B6344E30F2D2E295E2D6D9E3C59AF73BED5
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;........................................................................................!1..A..Qa.2.q"r3...BRb...4....#CSs$%........................!1.AQ.2.aq."...B..............?..................................................A.M...t._........~..c.].E.4eE.z.s.8a..........6.....Zh....y.U-.1.n...m..i..v..j..^......m...TN._..f....~...e.......Z....y.......R:=..H...Jp.8.df..Y.aka......~m_*'k..f+.......c./W...5..O..%?...?.7.i.tt..................................................7.F..GU.L..G..q.dwk...m..#..10J.f......xp.gn....7.Nw...W"Em..O.......+_..c..h._...bl.....j...".......\.EEF..`.Z.._.:.......r2TMX{..z..-...N......bZ.d.S.Er.h....Oq.<x..b..]G.m.=.E.5.Jhj...z..].Ne..*...r.<....#O.C....s.K..O@...............................................7.m[.... .=......79i.)z.T

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style5blue\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):18862
      Entropy (8bit):7.862167173930468
      Encrypted:false
      SSDEEP:
      MD5:C53B3BFDA82EC124F9F865C2806B4856
      SHA1:73C75FF856CE6FCD7B2D1D004DC453F49960DE54
      SHA-256:17985FD337F91FE7477E6B806740104EB17CCC0A984DEE7B8078CB9B18A63CFD
      SHA-512:FD2A170A954BA3712A2A67C0899BBA5D801CDF6ED70364029984F74C53B6885044F0923C3288DE6C1ACF7F2E7BC008AD6D0626071A2F4FC028716DF248E0CD99
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<...........................................................................................!1A..Qa".q...2#....BRb.4.r....3s..t...S..$%..DT5..C...d.6.......................!1.AQq.2a..."......BRr#3.b.....S4............?......p.u.mmWF......8.wi..yK......`hdy..14.-..C....9.X.5....w.]........k@.kF...[.3..U.V.\g>s.8._g...&.cF........[.e......`.n....d......0m......^.{.O.,....G.E6*..dQp.v.]..&...BV].i..=.a...l.R9.a.....&..{.........so....*.*.b..X.......3....1...z9.....f.p....[.r.!...>E..3..x..%...kI.....8)............%g..`....V..).......u.VN8.=....w.99....p....oGnh...uv.....3~\{q...?K.m.9y.OW^+..........................................y}.>{s..L..{X..i..'....m..A.._,....y.h.+..5...C.k.......A<...t.y2<.N......1.....\..s.s6.\D..v.{...n.f....c.ww<....~_.]f.2s.N..q6..]A.......O

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style6\banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):1932
      Entropy (8bit):7.210173003011022
      Encrypted:false
      SSDEEP:
      MD5:C8DF10E174EBEFE6FD629388EDE100E3
      SHA1:ACD7CF7271517F41F0873A6646759B6E469CA06E
      SHA-256:7B78411AAC25B0A28FDB60160761AB13185BF2286638EB38B356D89812DF423F
      SHA-512:723A2DE2C88925BC95BB404224407B790A94C8954BF511528A75D6DA9D50FB369EFCB5D1D2B6B485D1F504C752A704011BBF56A74A7EC4874E6F8252CE423921
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''......;...."...................................................................................!.1A..Q..."2B..aq.....#3.rC..$u.6.....................!Q..1Aa.q..2B.."3............?........................................................G>o....Z_J_d\'R..r...z....J..X.0..t..X.P...g..8J.]...-.D2.e.....q.P.1t...v~.g.U.7s\.].rW\2!+Sj.;....8\.~2Wm'.m.SFn/g....woY.....[.+.p...t"r....r...I/.$.........q.Wu..u..1.e^...Q..&.n.4.=.U%K....V..d.~.....o.gJ7ck.F+t..d..v..O{..\.....'b.goE...5.9..c.$....;.\T..T.....v...Fp.....z..{..%..Z.F....4.K.3..%..+R.&.:..K....9JK.".6....[#......m.S.;.....?..7...-....... .........z..s.@...................................................._...].0.....j^..zU..........F...i.9/..'..?.M....;...|.:.V.Z.R..........3w6......<y`.....^i.1...k.++...-B.A]...U.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style6\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):11128
      Entropy (8bit):7.643351834025235
      Encrypted:false
      SSDEEP:
      MD5:07FBF5F33162BE39530545C5BD66EBC8
      SHA1:B4A857E4A3E4C11AA2A6A3A7BF9F7CA8FB3CC6C2
      SHA-256:871774E4B6A266C169BF522D89FAAAF3BDE0E1EC503876BE8FEA0D2AA98AD1DF
      SHA-512:2BAF1DABCBDF2C6797437F7A9F5DA7BC10CBF8C2B8CEDC464AE1B0053D1C9838A7DED65C4500BE84CA269987E27F9D271E3C0CF3A78214267B72430AF58BB9B9
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''......<....".....................................................................................!1.AQ".aq2...BR#....r..u6.b...3Sc.$t...C45.s.&.%......................!1.Aq.Q23.a.".....BRb............?...f.p.T..T%.E.Gdu>........vYl.J>d..<.s/.Q..+.N<..,.].)a.y...^.8.(..33....)W..M2[....m..[\....5.>oct6.]~...+-.&....*0iG.>.......|...n...UW)...b...Qy.c1....>....g.S...R...>.....x..t..lkmW..E,(...=..s..u.....4..._-+.......&3.-..6..R..\1....{Eg..........g....5.d.xp...e."J........m..+^..Z.|85.%F..RX0..........)......9M........jR....(..yO-.gIV...AY..7..2ye..m...c.e....kL.(.7.k<r.J-....{.y/9..2..c..o...........d.....e(.T....y..Y..Ii.R.d..)w.T{.V.s8Gk*!O.I..)a..)...Qq.o:.,.....a(.DowY]4.....%.<..Q..4.^-..B....u..#.{.e'.7$...g...Y.l....8.}....F...N.M...Ue2kO.b].=!U.bQO

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style6green\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):15801
      Entropy (8bit):7.602289685714489
      Encrypted:false
      SSDEEP:
      MD5:5121400C0BAB4D9D4428C4D44F63FA01
      SHA1:EEB075E8125576B724BEE3387CC1756AC1A6DE70
      SHA-256:0B5BC976042E1A7B0013A1F7A63BECD7CA5BE40FC20C5566F6277148933B516D
      SHA-512:C39775AE41A53985838591654E296FF07F5B967D45CCA1267C8936E4F6792373802E8ECD6F7DCB5D1569FDDDCF3D67678C4F371ECBBA961E3BBE9116D86E3C8B
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<..........................................................................................!1A.Qa..q.."2....BR.#s...br.3.$t.5..CSc...4Td.%...D....6...Eu&.......................!1..AQ..aq...."2Br3..b......R...#..............?..!......r.~.V`..}.Qm..F.}`.I.8..M.9W.i..y..y.r.?:>..l.....IE97.mdL.k3g)]W#&...V...w19...J.9.'.0..%)t.b.X..T..N.a..*.O.NV.7rM*I.I.0.*..m.7....K...k#&.Oe.......&...j.y.....4..Z.^!..ww<..qJp.\.s...{..9...a.......M...v.vN^VRo=f...V.yyY.V.N....R....Q{.s....z.?./++.=f.Wt.9i.\...imn..'......._{tz.....................................|.....7s&....2}/....K[oyw.u..I.u.{.....gi.[...~.^.p....t....Yi...w...N.M.}........R8..g>..8aj..-.r....S........F.P....Ot.5 I..?..^.....)}.m....XJ...F..^...&..j.0.G*..r..FMyht..c.K,mj.(~...BI:q{...3......n..mn.E%w.O.%...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style7blue\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):19109
      Entropy (8bit):7.87219444334325
      Encrypted:false
      SSDEEP:
      MD5:40E9C790FC05030071EB615D195C28CA
      SHA1:3A90C8770C15E7ED07B95D49F33299E1142C054D
      SHA-256:1D7D8D52ADCE21C1317BD7ED5717292E7BF3CF50332495DE73FF6B8C0C9CD31D
      SHA-512:BA94E19388FE82F06E1F89F37CFFBBA608AEB3BF5229FB99110D740AD510DD2A47AA16C1CA4D3B501E6112005CC4CAF4661437ACE2DAB71BD223B5F9EA21E5BB
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<.........................................................................................!..1A.Qaq."..2B......Rbr..#3s.5.C$.%....c..4&.STdt...D..u.6.....................!.1..AQaq2...."......BRr#b.3................?.....+.fh{(...cy.)06.>.Gy...;u.P.......%C+...Nu....:i$..k.....k.%e]....hF..u)......V.}..7..*..p.r_...5Klm.i.4.#.A.l..I.......3..F..v.s.#..`'......{k.t.;3....<.K.x.....y..G.8.~.w..Cv...cm..p..W.w.m.j9....0.+J.O....|..zr...m...S..=.ag+2b...Al...d.g|.=O...zOL...v..........................................9.J%..H..G;...Y..X...}.3.q...w.-;[x.E.<N.0.sK?....Ae.S...v*.'e...oXP.%.a\A....l+.B...t]n.Ti.gz{.....u..Ei.z.{a.....q...9.<#~f.G..I.N\.sF;{.1.H..j..$...fds.^.G4U..(.,..|.D...v..9+.......1..k..+...'..'.-.?....vk.n.Z@YV.>....Z.G..>..1..S..=...>i...@@@@@@@@@@@@@@@@@

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style7green\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):17199
      Entropy (8bit):7.863359226087665
      Encrypted:false
      SSDEEP:
      MD5:410189BE8CAFD04436F33930905390E3
      SHA1:2BD1967E834BA580BF4C73DA00582FB378C6AB37
      SHA-256:3C260A9D5BA2EA062FFB10A7EFACC5D4E8BEF492692BF12313D638A3E6E4DAA1
      SHA-512:93094DDB6F381D69BED609C14214AE62EE8770243B2BE863077ECCB8F9A5279A0A4CF5C15378FFC57CA92F65073FDC76F43DBC197845B4ED18EB7CEB6ABFA8C6
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<.........................................................................................!..1Aa.Qq."...2...BRbr...#3...Cs$.%5...ct...S.4d.T.&.Deu6........................!1.AQa.2.q..."....BR.#.br3...................?...6.aj..4.e,}k.D..pa..f..N.z.L....iq,.mp..Eg..{.^.{.M..[ax&....4#aP.T....y..W..+E....&.../.O......4.....r.9i.a...9.hZ...J....`'.w....:V.{..\.....]..4O;.A.7.4...B...B..6....ecI..../.b...(.9..2...i..\.q...P.o....ssK'Nr~..1P...P.Q..97.d..w.b...._.|.. ..V...9..[.....G._..x.?V.....I.....Ea...o......`*.F..[.U.M...oA..U.j...@.9\*.&9.b..k...N[k...7vj.]...8..nO......\..}.o~..1.(,[..~H..$h.o...5fes.{...Zx.[]....J%`.s.H.._I...)..u.q.....}C..OV....?v...GI.P}...A..o..\..h..._.z.. ...].`

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style8blue\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):15309
      Entropy (8bit):7.556700425863634
      Encrypted:false
      SSDEEP:
      MD5:CBC1FC0E37EC938A2F5971157E64A181
      SHA1:7E4841135D3BA80131CA8FB7ECA01213FE8BBC77
      SHA-256:1E49BD20D519D3701297815F4AB8055EDC6DC1F289E9F74CC4DFECD6DD29F29A
      SHA-512:79695E708A30A5494898A32E28BC8B3A7EC9A560674E123A22A03480FE921D2E26CF2FCD7B656A80004347427EAE1D0DDC60690C2CBB7A69275C475F12388968
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<..........................................................................................!1.AQ..aq."2...Br...R..#..b..3S..$4t.5..s.C...%..Td....&......................!1.Q.Aaq2..."........B.Rr.3.............?..VE.1.....mU...y.f=..Zj.E..&..c....ut.8.G...jq.m.Mj...e..mN.z..g.?....h.].]...S.Y.q.......'u.."".Y(x....~..(......e......]......#........-....................................>cl.m.+.i.I..nS*..C._"3.-$.y.^......T.._q....~...V.y.).U.....5.........w...T..4..tv.|U...rRj^=......|........-n....\.<..M.|..y}..gT...k.....J...].1M...&..g3*.<.+..c.}..F.i>......p.k..S.soIE....=...Y;7Mi...ke.........Q+{..Z.*......W.y}..G/?wo..S.[....................................|..._S....]"..;.EN..%...kK..Q..e.{E9w.!..t.../..K.../W.MN..2,...>.BSk.).aM...M..!......e..i.r.8

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\classic\resources\variations\style9green\dialog.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):14009
      Entropy (8bit):7.78426028548639
      Encrypted:false
      SSDEEP:
      MD5:D3F7220F9A2738D58190AB8C9A3832BB
      SHA1:D35397C6466D8CD29D3B70D19A763CFEC913D7A4
      SHA-256:40633CA599AF04614128C3FF5D109EF3790B96F961DB6D0E4B895E73184CA92E
      SHA-512:F25C1183EA0513CC9DDE8C61EB08177F77C789C040509553C78687E66220E5DBDAEA1A4E3F49ACF679972622490760C3F080026AAA27C84154D8042FA9FECBEB
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<.........................................................................................!..1AQ.aq."2..r#.4...BRCs..b..3...S$...%U.c..T...tEu.....................1.!..AQ.a..q....."...r..............?..i\.5"..>M..H..3b...P0(.4.D. ................[...+v.....J......:O'...[.b..z.b.B.......]....OO...D.........................................$p\.5.K...b.Y........A.....x....8.EE....f.7c.*..6..r..gy...".lR.......S..... G...h..^..W1I.H..Pj8.+=@@@A.y?......k...*....\h....\....:zxNWj .1\.9..$.?......!J.&.(..CN.y.QQn...R.D]....\...H]#..\x..B..Y.4....0..g.........5~.._.1#...1N..l..e..'.#....A<,`.&..nv.....M...u.SE3..psN..\.@A.y?......k...*....\h....\....:zxNWj .2.y...vG...."..7...P7u.6...TI!...vn'.Ue...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\fragments\ClientServerDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):6211
      Entropy (8bit):5.249268795019198
      Encrypted:false
      SSDEEP:
      MD5:A618ED3763987C69D3186DE8A45843F2
      SHA1:16124F3FA2DA10791B0823FC433290A10BB28F4D
      SHA-256:FE98E5432ADE8BE66F2157B55EF7F5C3D05120B612318E317CF1CBF1DC68D09F
      SHA-512:2C3861D34CFE29E5182E579321CC3520184AE8D90943133DF3C77D7E171B19884BC0FE3F7123F38A4CBFF7F4342557DB437F471756062C442723FBA9470C1D6A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="clientic" SourcePath="&lt;AI_THEMES&gt;classic\resources\clientic.ico"/>.. <ROW Name="serveric" SourcePath="&lt;AI_THEMES&gt;classic\resources\serveric.ico"/>.. <ROW Name="clientserveric" SourcePath="&lt;AI_THEMES&gt;classic\resources\client-serveric.ico"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="ClientIcon" Value="clientic" Type="1"/>.. <ROW Property="ServerIcon" Value="serveric" Type="1"/>.. <ROW Property="ClientServerIcon" Value="clientserveric" Type="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ClientServerDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="ClientServe

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\fragments\ExtRegDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3513
      Entropy (8bit):5.275528166844745
      Encrypted:false
      SSDEEP:
      MD5:8C12EC845ADF504625CCEF6E66C51051
      SHA1:7DEEF280FEF573C8F0C6606F384D5F1682BCB04D
      SHA-256:FCBE671B0DB86BD98A3EE61255C7E803F62236A3B179A938495A7A83A68B5DB2
      SHA-512:5ACE1CC29A71EDF2238792E8DD5D04C9C3E81B71A720D156103143E249FB9C24E30654B0475D8159F7519FAF183DA4F30E912E60C3827129C368E997168E985D
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ExtRegDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="ExtRegDlg" Control="Next" Type="PushButton" X="368" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="ExtRegDlg" Control="Cancel" Type="PushButton" X="436" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="ExtRegDlg" Control="Buttons" Type="RadioButtonGroup" X="176" Y="184" Width="314" Height="40" Attributes="3" Property="AI_EXTREG" Order="400"/>.. <ROW Dialog_="ExtRegDlg" Control="Back" Type="PushButton" X="312" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="5

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\fragments\FolderDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4049
      Entropy (8bit):5.2462777128099765
      Encrypted:false
      SSDEEP:
      MD5:0D16DD0EB913683D9F1DB6A6F1D4B94C
      SHA1:B3728621ECFA7AEB40F9E470153B47472BD8CE5A
      SHA-256:DF2D901AF8BEDD4A988C07F45C925E844285A7E7EB48784B4B06E5A8693EF525
      SHA-512:07272FBF8CE498FC102B0965F64F95EE9004B7D77E23D01C20F6A87A7300BDD5F3F2129C931D91CDDF5F7ED7CD7ED53D0B09FDDB3336E91E7E9E892AE30BF0A5
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="FolderDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="FolderDlg" Control="Next" Type="PushButton" X="368" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="FolderDlg" Control="FolderLabel" Type="Text" X="174" Y="192" Width="348" Height="12" Attributes="65539" TextStyle="Normal" Order="300" Help="|" TextLocId="Control.Text.FolderDlg#FolderLabel" HelpLocId="Control.Help.FolderDlg#FolderLabel"/>.. <ROW Dialog_="FolderDlg" Control="FolderEdit" Type="PathEdit" X="175" Y="204" Width="252" Height="18" Attributes="7" Property="APPDIR" Order="400" Help="|" HelpLocId="Control.Help.FolderDlg#FolderEdit"/>.. <ROW Dialog_="FolderDlg"

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\fragments\LicenseAgreementDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4161
      Entropy (8bit):5.271899903591803
      Encrypted:false
      SSDEEP:
      MD5:88F374E82599CACA5FB4A9F03B3FA006
      SHA1:E72B3856ACD8C639A99CF41DC9EB87ACEE500D50
      SHA-256:09E0D9514E61771D50B10E033D8CA9C3288589E5CB3516425D4003EFA356DF01
      SHA-512:6088F19B3D8420AE21952057B7BC76597327482DBA7F610CFC60DEF96E11E54EB6A9BCD476DB39FEA5E4DED236E9B94987569C727BAAFC4DF266B2F4F1617C98
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="IAgree" Value="No" Type="4"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="LicenseAgreementDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="LicenseAgreementDlg" Control="Next" Type="PushButton" X="368" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="LicenseAgreementDlg" Control="Cancel" Type="PushButton" X="436" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="LicenseAgreementDlg" Control="AgreementText" Type="ScrollableText" X="175" Y="104" Width="323" Height="120" Attributes="7" Order="400"

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\fragments\PrerequisitesDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (342), with CRLF line terminators
      Category:dropped
      Size (bytes):3252
      Entropy (8bit):5.271669649921692
      Encrypted:false
      SSDEEP:
      MD5:CA99E59C0E291CDFD65584669E1ABAE6
      SHA1:3D8F691BF1CB49EA28FC2FBA229F0890CDC4FEE6
      SHA-256:85F3BE3C55C352D8221E11A0B247F303C176CFA0235CEF0E2EA6E6E77D596892
      SHA-512:B85DA3EC15A7CFF0228E35D6B53E6AF8B0380BA22DBF749B8078A4F615315DF37411B8CED7E4AC6F55ECD4708A2394C2FBE33CDB100888AFC70B6D5BF046CB9F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="PrerequisitesDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="PrerequisitesDlg" Control="Next" Type="PushButton" X="368" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="PrerequisitesDlg" Control="Cancel" Type="PushButton" X="436" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="PrerequisitesDlg" Control="Back" Type="PushButton" X="312" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="PrerequisitesDlg" Control="Title" Type="Text" X="11" Y="9" Width="200"

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\fragments\ReadmeDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2981
      Entropy (8bit):5.256576590697771
      Encrypted:false
      SSDEEP:
      MD5:A6AE258246D70389FBC8D4432229A431
      SHA1:BCCB1A710212B0A43AFA794947F18F4E33B328E0
      SHA-256:4ECE2F4D00DECE5C1FD8AEC98D5B5C74EAC4715293C2817D1F09AE33BEC81BB6
      SHA-512:DD2082CAAA293E6700E4FE96C156D62C753AE13FACF68043356C1E7F90B3813E5AE715B7CC20B35B9503E885F51E956E5F4561F82D92C552AFA0AF371FC38534
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ReadmeDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="ReadmeDlg" Control="Next" Type="PushButton" X="368" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="ReadmeDlg" Control="Cancel" Type="PushButton" X="436" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="ReadmeDlg" Control="ReadmeText" Type="ScrollableText" X="175" Y="100" Width="323" Height="150" Attributes="7" Order="400" TextLocId="Control.Text.ReadmeDlg#ReadmeText"/>.. <ROW Dialog_="ReadmeDlg" Control="Back" Type="PushButton" X="312" Y="372" Width="56" Height="17" Attributes="3" Text="

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\fragments\SQLConnectionDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5346
      Entropy (8bit):5.268912586201043
      Encrypted:false
      SSDEEP:
      MD5:C800175DCA236979265CF19B87812E73
      SHA1:1F138A0E7446124E778472CFE3F96B3D8674EC77
      SHA-256:4F223986C0488C968F326940F8240CC85E24D589D1F4B193350166F65E536E04
      SHA-512:46AD137A79FCACCB4147BCB23319649319D8384FD1050A04CE35DCEE6793907C2C35F74F5B956FC4C02445362F598EF4B867B1ADDB504194E1038AC2D3BBC2E8
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="SQLConnectionDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="SQLConnectionDlg" Control="Next" Type="PushButton" X="368" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="SQLConnectionDlg" Control="Cancel" Type="PushButton" X="436" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="SQLConnectionDlg" Control="Back" Type="PushButton" X="312" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="SQLConnectionDlg" Control="OdbcResourceEdit" Type="Edit" X="247" Y="11

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\fragments\SetupTypeDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5772
      Entropy (8bit):5.290566101964744
      Encrypted:false
      SSDEEP:
      MD5:29BD171F2C878B2280299F583D000D53
      SHA1:EDEBC84DD7E82B1B2D971F8F258B268CC3E1E725
      SHA-256:FA01EA48055FF30F45227F2E6B4D0794FECC1A31FC191865AC94FA2315123AD4
      SHA-512:BD22A8EDA19F072EB5BB51228789C3B44C8E4AFE3D580E383089C46C8727106FE804EB82CDC48C29D2B01A5D143E96070F015CD1CFCAE0EF06B07300861EBAC6
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="SetupTypeOption" Value="Typical" ValueLocId="-" Type="4"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="SetupTypeDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="SetupTypeDlg" Control="Next" Type="PushButton" X="368" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="SetupTypeDlg" Control="Cancel" Type="PushButton" X="436" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="SetupTypeDlg" Control="Title" Type="Text" X="11" Y="9" Width="200" Height="15" Attributes="196611" TextStyle="Title" Order="40

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\fragments\ShortcutsDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5247
      Entropy (8bit):5.365195354072342
      Encrypted:false
      SSDEEP:
      MD5:7E8ADC3EED21A0B2FAE80C9F82E82CF5
      SHA1:D1C5B6FDC1BD6F3B8DE510A5FF461F8DE8046EE3
      SHA-256:A73026E18A1BD097FCC2E32D2EE326C5DDC4453445B9320F6F7BC20244F94A18
      SHA-512:7DE210037156AEB4C33E287FE8B198F2A4F81CB9B67D19F681C7E75F916B3979C19E9754BC3A8A0AACBEC0D6DE681076C992AB8E5F7D084742D518F80C7ABDF4
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_QUICKLAUNCH_SH" Value="1" Type="4"/>.. <ROW Property="AI_STARTMENU_SH" Value="1" Type="4"/>.. <ROW Property="AI_DESKTOP_SH" Value="1" Type="4"/>.. <ROW Property="AI_STARTUP_SH" Value="1" Type="4"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiCheckBoxComponent">.. <ROW Property="AI_QUICKLAUNCH_SH" Value="1"/>.. <ROW Property="AI_STARTMENU_SH" Value="1"/>.. <ROW Property="AI_DESKTOP_SH" Value="1"/>.. <ROW Property="AI_STARTUP_SH" Value="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ShortcutsDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="ShortcutsDlg" Control="Next" Type="PushButton" X="368" Y="37

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\fragments\TemplateDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2810
      Entropy (8bit):5.258230557372304
      Encrypted:false
      SSDEEP:
      MD5:F9A1CB76A23DA3539692A2C123A26BE6
      SHA1:AA4BF9C11A35DB9C8F62593B6DA7C71870B9BAFB
      SHA-256:80D0B91A297BDBD7497DAE24067D155D87811E1D554E68AFE57847A372C84752
      SHA-512:84E7393C594C1BB8BACC54823EBB70BC48461EADDA943E0CBCB5DDEC0A03EF0287A0312EA3C4CE66152F2524D07484C3F9348C89CB9283BA93A3D5CE2296BAC1
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="TemplateDlg" Control="Next" Type="PushButton" X="368" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateDlg" Control="Cancel" Type="PushButton" X="436" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateDlg" Control="Back" Type="PushButton" X="312" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateDlg" Control="Title" Type="Text" X="11" Y="9" Width="220" Height="18" Attributes="196611" TextS

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\fragments\TemplateSeqDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2849
      Entropy (8bit):5.276731800730296
      Encrypted:false
      SSDEEP:
      MD5:BBFFBFE8709B7F3C8971CAEDC22CCA84
      SHA1:2B8B7E675623AC93B2DCBA275DEDA675A975954D
      SHA-256:38133C9A257B10148626B362CF910BD3F36E78485610B19E090D628D643749C5
      SHA-512:23C0C3DC9E0B90510824EF6829FEF8781B00A52E0868D20AFC87E91BB45DFDE2D09A6D478E14212081BEFA6157C7A5E6FCCCAC92EF9F5B1F0A86DF8B9126C6BF
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateSeqDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Next" Type="PushButton" X="368" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Cancel" Type="PushButton" X="436" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Back" Type="PushButton" X="312" Y="372" Width="56" Height="17" Attributes="1" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Title" Type="Text" X="11" Y="9" Width="220" Height="18" Attributes

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\fragments\TemplateSpawnDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1691
      Entropy (8bit):5.322591079643616
      Encrypted:false
      SSDEEP:
      MD5:B56AB4B1C3AFC869F6616A81D539C99E
      SHA1:CE0C174F6FC19214659FC47E374F02904A0E271B
      SHA-256:2C74A60BE088E05AE8654C5ABC24777E1549ADB3ED538FCA8EBD598EE9ADE511
      SHA-512:FB8C2BA56868464B7BF6436AC5ED236F5B93587CC5E14E2398E3282FCFA1C13F9439B8B617CE486CC941440B5AA0CD2D89A4E44DBA006D431CC68259E39196DC
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateSpawnDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="335" Height="69" Attributes="1048577" Text="[WhiteBackground]" Order="100"/>.. <ROW Dialog_="TemplateSpawnDlg" Control="No" Type="PushButton" X="273" Y="78" Width="56" Height="17" Attributes="3" Text="[ButtonText_No]" Order="200" TextLocId="-"/>.. <ROW Dialog_="TemplateSpawnDlg" Control="Yes" Type="PushButton" X="213" Y="78" Width="56" Height="17" Attributes="3" Text="[ButtonText_Yes]" Order="300" TextLocId="-"/>.. <ROW Dialog_="TemplateSpawnDlg" Control="Icon" Type="Icon" X="18" Y="18" Width="44" Height="43" Attributes="7340033" Text="[InfoExIcon]" Order="400" HelpLocId="Control.Help.CancelDlg#Icon"/>.. <ROW Dialog_="TemplateSpawnDlg" Control="Text" Type="Text" X="75" Y="16" Width="232" Height="30" Attributes="196611" TextS

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\fragments\TomcatServerDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4497
      Entropy (8bit):5.269785884589849
      Encrypted:false
      SSDEEP:
      MD5:762B115C5BAA123B0838D33DE32CB7EB
      SHA1:09A57DCA0B3A9DCF2D5A00C47EEE0B2312C7DE76
      SHA-256:CE275B222884E3F9A256FB97F2F70BCE9420BD4D5F02E79AB4893DEC00F07C6A
      SHA-512:E7E83D1B4CFA489B151F3518E375F9062D6B64C2A7A3D1219642062C29F6F22526946F0C9555D74B3BC4FFDC900B0E45FDAA3DAFA374A8A87183565019CA869F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TomcatServerDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="TomcatServerDlg" Control="Next" Type="PushButton" X="368" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="TomcatServerDlg" Control="Cancel" Type="PushButton" X="436" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="TomcatServerDlg" Control="Back" Type="PushButton" X="312" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="TomcatServerDlg" Control="HostNameLabel" Type="Text" X="175" Y="106" Width

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\fragments\UI.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):64679
      Entropy (8bit):5.290544492563791
      Encrypted:false
      SSDEEP:
      MD5:E1F6C2E4CAAF9C89553001A080598DFD
      SHA1:07C54E71DF77D15F075F2C4A785F75FF162C6720
      SHA-256:2170984F3516B907CB95D47FD1529D4E58B8AE20F7E6CE08AF820B693E037B6F
      SHA-512:6ADB485E5F33D720E681F0A5D21924E5BF3AB7826FB0ECC5C68378E3093FB22FE5C4EA497676D20BF9BFDFED71E206D2A296EC84AB48F271F8C44C81B9E33F48
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="info" SourcePath="&lt;AI_THEMES&gt;classic\resources\info.ico"/>.. <ROW Name="New" SourcePath="&lt;AI_THEMES&gt;classic\resources\New.ico"/>.. <ROW Name="Up" SourcePath="&lt;AI_THEMES&gt;classic\resources\Up.ico"/>.. <ROW Name="typicalex.ico" SourcePath="&lt;AI_RES_COLOR&gt;insticon.ico"/>.. <ROW Name="completeex.ico" SourcePath="&lt;AI_RES_COLOR&gt;complete.ico"/>.. <ROW Name="customex.ico" SourcePath="&lt;AI_RES_COLOR&gt;custicon.ico"/>.. <ROW Name="removeex.ico" SourcePath="&lt;AI_RES_COLOR&gt;remove.ico"/>.. <ROW Name="repairex.ico" SourcePath="&lt;AI_RES_COLOR&gt;repair.ico"/>.. <ROW Name="white.jpg" SourcePath="&lt;AI_THEMES&gt;graphite\resources\white.jpg"/>.. <ROW Name="whitesmall.jpg" SourcePath="&lt;AI_THEMES&gt;graphite\resources\whitesmall.jpg"/>.. <ROW Nam

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\fragments\UserRegistrationDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4898
      Entropy (8bit):5.266423369290429
      Encrypted:false
      SSDEEP:
      MD5:90B27B1DA66D1C418A33AC81A6AE8EC3
      SHA1:8474A27786D953A80C79988EFAC0880D41A811CA
      SHA-256:A323D0F1BAD8453125A676B168392B13E76E490B72B46372B010B208775A030B
      SHA-512:8B5DEEABB372E54D8F3E3EC1AD0F10A2296409413FC3AB16B9F0B29F841DB4E054A87C82D06DED1FC3E40A36D25450599E6BADC29CA0AA2DE4EF27B5554E3D44
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="UserRegistrationDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="UserRegistrationDlg" Control="Title" Type="Text" X="11" Y="9" Width="200" Height="15" Attributes="65539" TextStyle="Title" Order="200" TextLocId="Control.Text.UserRegistrationDlg#Title"/>.. <ROW Dialog_="UserRegistrationDlg" Control="GlobalProgress" Type="Bitmap" X="14" Y="88" Width="14" Height="86" Attributes="1048577" Text="[Collecting]" Order="300"/>.. <ROW Dialog_="UserRegistrationDlg" Control="CollectingLabel" Type="Text" X="35" Y="90" Width="104" Height="11" Attributes="196611" TextStyle="Labels" Order="400" TextLocId="Graphite.Control.Text.Dlg#CollectingLabel"/>.. <ROW Dialog_="UserRegistrationDlg" Control="PreparingLabel" Type

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\resources\white.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 493x312, components 3
      Category:dropped
      Size (bytes):1232
      Entropy (8bit):1.290282383283862
      Encrypted:false
      SSDEEP:
      MD5:57D130DDF327FCC5DA636A6AB4D7C112
      SHA1:D674F332D4F79C70D4A97BFD9E504A8F3A2C26B6
      SHA-256:990EAB9FAAAE9F78201EF00A72F7B59773EED2B2FC9EC72250C67F376EE0500F
      SHA-512:E2F2141973CD9B7B52347EBCC89E89FDDEAA5B9721011C2CD7B2F2EAE434EF0F10D02537EB0F1AD6276FA182147AE935277EF9BBE31960EE2D82437C0741D39D
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky..............Adobe.d.............).)A&&AB///BG?>>?GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG..))4&4?((?G?5?GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG......8...."..........K.....................................................................................?..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\graphite\resources\whitesmall.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 446x92, components 3
      Category:dropped
      Size (bytes):554
      Entropy (8bit):2.356721207995078
      Encrypted:false
      SSDEEP:
      MD5:4429F170056663EFD1486395E8EB0AF6
      SHA1:AE9B01A44C8EE5AE7146F0523E512EE32DC284AD
      SHA-256:FFE2980D90152EF603555A735B7CBA1917C99BB67061B44D6AC6F12E6384BDD9
      SHA-512:719F4E55944502F7D472F362DD0D1D09649FBAEC0515701C9C84BBB3F32B06CC29E4A4C55022BC034CBC68C9C151A90018A926D1A08B4D5048F117950E9135E9
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky..............Adobe.d.............).)A&&AB///BG?>>?GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG..))4&4?((?G?5?GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG......\...."..........K.....................................................................................?................................................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\modern\fragments\InstallTypeDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4317
      Entropy (8bit):5.30231425031541
      Encrypted:false
      SSDEEP:
      MD5:6CCAA5167F066A39D151123246460944
      SHA1:FF9E5A90FFC7E4F52063623D58EF97884076D341
      SHA-256:B834FC55C8983577741EF43DB2D9AE7D914E420BBA61A00FCB222AD067350883
      SHA-512:9B716C31B6C355FBA707ADB334D3EE621861149E18400AC5E25E68C30FC855F69169A5FE741692066B214E88C331323184C433A85FE2F54E0B8DD88AD2252B95
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_InstallPerUser" Value="1" Type="4"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="InstallTypeDlg" Control="TemplateDlgDialogInitializer" Type="DialogInitializer" X="0" Y="0" Width="0" Height="0" Attributes="0" Order="-1"/>.. <ROW Dialog_="InstallTypeDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="InstallTypeDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="InstallTypeDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" Te

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\modern\fragments\LicenseAgreementDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4279
      Entropy (8bit):5.271804264358685
      Encrypted:false
      SSDEEP:
      MD5:7BFEEEDE9849218721594DE9F94ECF5E
      SHA1:36B7F3E5407E478BB285FC0C8818DC4F0C13ACEA
      SHA-256:BE10EF7E5A27B075726033D22E5FABB7348F0A3B9914356691111F9DA248A838
      SHA-512:E22CC379176794A06B496126F939D36A26A40828A8D3E112908BCE53D7CC15BB534AF28D48806BD239C801545396BFEEFB575FDA91C685776B7DB54AEF142B5D
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="IAgree" Value="No" Type="4"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="LicenseAgreementDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="LicenseAgreementDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="LicenseAgreementDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="LicenseAgreementDlg" Control="AgreementText" Type="ScrollableText" X="275" Y="122" Width="281" Height="117" At

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\modern\fragments\LogonInformationDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4363
      Entropy (8bit):5.261359743309827
      Encrypted:false
      SSDEEP:
      MD5:9E3DEEDBA277C4443CDF13F51D454CE5
      SHA1:C512B165B59C38D3FCEE60611802A803E12799F9
      SHA-256:3311BAE767F50372E9BEC9A5877E34F028B24CE33BD01680A55C2AD4AE7B156B
      SHA-512:53C2BD9DE6D05AA6B0E77703224707D98CFB11496830F28FEAFEA32A7985C479BBC7327A67DEA2E9F2091BDEF3239DD60D1189EC6A15805962AFBAE6C21894D6
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="LogonInformationDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="LogonInformationDlg" Control="CompanyLogo" Type="Bitmap" X="285" Y="104" Width="265" Height="229" Attributes="1048577" Text="[CompanyLogo]" Order="200"/>.. <ROW Dialog_="LogonInformationDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="LogonInformationDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="LogonInformationDlg" Control="Back" Type="PushButton" X="379" Y="3

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\modern\fragments\SetupTypeDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (335), with CRLF line terminators
      Category:dropped
      Size (bytes):6543
      Entropy (8bit):5.304383513750207
      Encrypted:false
      SSDEEP:
      MD5:08E0C8A4027D73892995F5D2191DFB56
      SHA1:6D420E6C20B4BA3386413EE46D73877AC8C3FF1D
      SHA-256:2E19B21664DF78070FA4EEEE152792BEB5D2FF25CC05A7E337CDF28B15A030AC
      SHA-512:0E000D71BF3B3BBE2590A2A99EE62EBC88BCF4EA227963336067DAEDDBE953542085987802D086459BD963C476EE7C74091340CE5AEA5AB6A863FD5424DF01A9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="SetupTypeDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="SetupTypeDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="1" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="SetupTypeDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="SetupTypeDlg" Control="Back" Type="PushButton" X="379" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="SetupTypeDlg" Control="TypiusernstallButton" Type="CommandLinkButton" X="8"

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\modern\fragments\TemplateSeqDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2769
      Entropy (8bit):5.2980104184514225
      Encrypted:false
      SSDEEP:
      MD5:EABCBDAA4B14EEA4584F4571E563AF8E
      SHA1:73CAB0FE3BC0A890867ACE2E1EF4725FF4504C2C
      SHA-256:2FAF515F7DEBBE71D4ECBD617A194CE46304A9C95193E0111430B335BCE0D641
      SHA-512:D18CBB29FE53E04DC74A1808CF58CF1F13266E00CFC154299181F371205F92CA9656E8D949B0370603CAC7A93B886F119B91256568523FBEE541CCDF5F161EB2
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateSeqDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Back" Type="PushButton" X="379" Y="388" Width="56" Height="17" Attributes="1" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Description" Type="Text" X="8" Y="90" Widt

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\modern\fragments\TemplateSpawnDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1456
      Entropy (8bit):5.303182197258727
      Encrypted:false
      SSDEEP:
      MD5:7504E72F5C2AF04C11EFF408B4733F86
      SHA1:2E6393D3A94F96330BA391D3BA3A8A3325BC1E66
      SHA-256:2303CFF922E327AB237AD5F039F38823A7BDD093E69D6260D9F9B08F1D2EEDF2
      SHA-512:2CC54E6780C51B0076912422C0A21BDC0FAD15F17967BCB63536B66C9DB4854DF3BDE0D06888260E4AA2F3E97F296E1C2D6FA6282C19FF74DE198655CD2E3E07
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateSpawnDlg" Control="Yes" Type="PushButton" X="72" Y="57" Width="56" Height="17" Attributes="3" Text="[ButtonText_Yes]" Order="100" TextLocId="-"/>.. <ROW Dialog_="TemplateSpawnDlg" Control="Icon" Type="Icon" X="15" Y="15" Width="44" Height="43" Attributes="7340033" Text="[InfoIconEx]" Order="200"/>.. <ROW Dialog_="TemplateSpawnDlg" Control="Text" Type="Text" X="60" Y="15" Width="194" Height="30" Attributes="3" Order="300" TextLocId="Control.Text.TemplateSpawnDlg#Text"/>.. <ROW Dialog_="TemplateSpawnDlg" Control="No" Type="PushButton" X="132" Y="57" Width="56" Height="17" Attributes="3" Text="[ButtonText_No]" Order="400" TextLocId="-"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlEventComponent">.. <ROW Dialog_="TemplateSpawnDlg" Control_="No" Event="EndDialog" Arg

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\modern\fragments\UI.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (320), with CRLF line terminators
      Category:dropped
      Size (bytes):65441
      Entropy (8bit):5.292961567556311
      Encrypted:false
      SSDEEP:
      MD5:41E1DB9F38E83ADDFE000256D88A6B34
      SHA1:664A7BA9EEE8E30531632BCE6762AC3711042B8F
      SHA-256:3FD594B4BA1F395C90D33797F04EBD6DB8F5843678DCE022042B09FFE9D5F77C
      SHA-512:EA37C8A28E1D9F149E301E8C332098EDC59071D583F9F4BF56B3E27A42737A1D6EE7583877F4CA733B6D4932F0655A6A3F8A173E8E42F0EB7B23C0567D4D2E0F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="ButtonText_Back" ValueLocId="Property.ButtonText_Back" Options="65536"/>.. <ROW Property="ButtonText_Next" ValueLocId="Property.ButtonText_Next" Options="65536"/>.. <ROW Property="DefaultUIFont" Value="DlgFont8" Type="2"/>.. <ROW Property="DlgTitleFont" Value="{\DlgFontBold8}" Type="2"/>.. <ROW Property="InfoIcon" Value="info" Type="1"/>.. <ROW Property="UpDirIcon" Value="Up" Type="1"/>.. <ROW Property="NewDirIcon" Value="New" Type="1"/>.. <ROW Property="CustomIconEx" Value="custom.ico" Type="1"/>.. <ROW Property="InfoIconEx" Value="info.ico" Type="1"/>.. <ROW Property="RemoveIconEx" Value="remove.ico" Type="1"/>.. <ROW Property="RepairIconEx" Value="repair.ico" Type="1"/>.. <ROW Property="WhiteBackground" Value="white.jpg" Type="1"/>.. <ROW Property="WhiteBac

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\fragments\FileAssociationsDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3597
      Entropy (8bit):5.426152620106673
      Encrypted:false
      SSDEEP:
      MD5:2FDF12CC4B29C5CFC6AFABD4D4CBC818
      SHA1:5AB0C4B4C9BFEFF4587AD7419AEBB84ACDEFAC9B
      SHA-256:BA4A99B248CD9EEA7F18276A924D64AC47739CDF5BA53D647AC00CA46E299ECF
      SHA-512:E4A81385F536A671BA9A22A550CB36D87F8C97D9A80A54DC9ED8A61C577DA628CC9346D6CE7B7A9020A42F33AE8427BE568036B5F7B25CEE34CF341FC34DE913
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="fileassoclogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\FileAssocLogo.png"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="FileAssocLogoIcon" Value="fileassoclogoicon" Type="1"/>.. <ROW Property="FileAssocDlgTitle" Value="" ValueLocId="Control.Text.FileAssociationsDlg#Title"/>.. <ROW Property="FileAssocDlgSubTitle" Value="" ValueLocId="Control.Text.FileAssociationsDlg#Text"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="FileAssociationsDlg" Control="HtmlHost" Type="HtmlHost" X="0" Y="0" Width="450" Height="360" Attributes="3" Text="file:///[&amp;fileassoc.html.742DA8B7]" Order="100" TextLocId="-" ExtType="HtmlHost" ExtAttributes="2"/>.. <ROW Dialog_="FileAssociationsDlg" Control="Bitmap

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\fragments\FolderDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5190
      Entropy (8bit):5.428221813332405
      Encrypted:false
      SSDEEP:
      MD5:07DCC4A75F98AFDE9464E4B4F7402977
      SHA1:EE44D1C531C7ED6791C851E8F20B9A7FEE051AA9
      SHA-256:5081233CA91FF7A2FDC28D3FFB6E13D24D48018C4C93E432EC222FC75BCE6AC6
      SHA-512:0011D6CF24C7170B3BC8FB57158003C194196DF36B14E045B8B0CCAAD464A16EA49C1FCD570D3D30BE4E94DC84A87EE0D4D57CBB6641465BD66D12580EDF0E3F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="folderlogoicon" SourcePath="&lt;AI_RES_COLOR&gt;FolderLogo.png"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="FolderLogoIcon" Value="folderlogoicon" Type="1"/>.. <ROW Property="FolderDlgTitle" Value="Choose a file location" ValueLocId="Azure.Control.Text.FolderDlg#Title"/>.. <ROW Property="FolderDlgSubTitle" Value="To install in this folder, click &quot;Next&quot;. To install to a different folder, enter it below or click &quot;Browse&quot;." ValueLocId="Control.Text.FolderDlg#Text"/>.. <ROW Property="FolderDlgSpaceReq" Value="Total space required on drive: [PrimaryVolumeSpaceRequired]" ValueLocId="Spring.Control.Text.CustomizeDlg#SpaceReq"/>.. <ROW Property="FolderDlgSpaceAvail" Value="Space available on drive: [PrimaryVolumeSpaceAvailable]" Va

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\fragments\LicenseAgreementDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5672
      Entropy (8bit):5.3925706487609935
      Encrypted:false
      SSDEEP:
      MD5:33CD5F8B556381CEE5CA212465E5D755
      SHA1:C7D4A5381B07EC26D1BF0EB6A4619310F94D7196
      SHA-256:C8DE9610585AE02EDBB3B6C746C821C67522704B22104D748DEB8F621627E1FC
      SHA-512:79F76E6BEE655F7C8AB61FB79282B0E6FCF1355F20EE5524FF8A1B153A3B7C9FFECAA537693F2D9AC0DC475822C1D90F59ED6BBC0BFBDB64B1FCEC6EC2B7311F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="licagreelogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\LicAgreeLogo.png"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="LicenseAgreeLogoIcon" Value="licagreelogoicon" Type="1"/>.. <ROW Property="LicDlgTitle" Value="Read the [Manufacturer] Licence Terms" ValueLocId="Azure.Control.Text.LicenseAgreementDlg#Title"/>.. <ROW Property="LicDlgSubTitle" Value="To continue you must read and accept the terms of this agreement. If you do not want to accept the [Manufacturer] Licence Terms, close this window to cancel the installation." ValueLocId="Azure.Control.Text.LicenseAgreementDlg#Description"/>.. <ROW Property="LicDlgCheckBoxText" Value="I &quot;accept the terms of this agreement." ValueLocId="Azure.Control.Text.LicenseAgreementDlg#EulaAgreeChec

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\fragments\LogonInformationDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):6033
      Entropy (8bit):5.413635094198328
      Encrypted:false
      SSDEEP:
      MD5:243A314544A5016B5E95B695775A2A1D
      SHA1:61D052E536456E8271D4417A111A121B45997C52
      SHA-256:17FFB6819934CF50F244F93528C6EBF4D5FF01B19F894F294EADE54CE6E6DB70
      SHA-512:4864D963FC782B3E7498001602440B307ACA33EE1C14E6F1DAAFEB3936943AF0095DB05EC40E16B08FF7F5379538689B0E59ECFB2383CA222B33970B0781E5BF
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="logoninfologoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\LogonInfoLogo.png"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="LogonInfoLogoIcon" Value="logoninfologoicon" Type="1"/>.. <ROW Property="LogonDlgTitle" Value="Logon Information" ValueLocId="Control.Text.LogonInformationDlg#Title"/>.. <ROW Property="LogonDlgDomainLabel" Value="" ValueLocId="Control.Text.LogonInformationDlg#DomainLabel"/>.. <ROW Property="LogonDlgPasswordLabel" Value="" ValueLocId="Control.Text.LogonInformationDlg#PasswordLabel"/>.. <ROW Property="LogonDlgNameLabel" Value="" ValueLocId="Control.Text.LogonInformationDlg#NameLabel"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="LogonInformationDlg" C

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\fragments\PrerequisitesDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3832
      Entropy (8bit):5.4121405163864456
      Encrypted:false
      SSDEEP:
      MD5:282BA1AB956F4DC042D805FA6E53D471
      SHA1:0951D73738A0435016AE20BF369622E6F24B7B09
      SHA-256:D88084AA9C4F69D70E42F2FB7134556EB6B569A0CE3312DE5B86389A195E0BBA
      SHA-512:BC3DA4888D2FAAD868E847E3D4800220C08BD5EF7A7A9AF018B157EDFAB0B120C41C07A22F10E2871AC7150C521D1331EBA0218D694AC14A07EEE9612803792E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="prereqlogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\PrerequisitesLogo.png"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="PrereqLogoIcon" Value="prereqlogoicon" Type="1"/>.. <ROW Property="PrereqDlgTitle" Value="Prerequisites" ValueLocId="Control.Text.PrerequisitesDlg#Title"/>.. <ROW Property="PrereqDlgSubTitle" Value="Select prerequisites to be installed" ValueLocId="Azure.Control.Text.PrerequisitesDlg#Title"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="PrerequisitesDlg" Control="HtmlHost" Type="HtmlHost" X="0" Y="0" Width="450" Height="360" Attributes="3" Text="file:///[&amp;prereq.html.742DA8B7]" Order="100" TextLocId="-" ExtType="HtmlHost" ExtAttributes="2"/>.. <ROW

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\fragments\ReadmeDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3533
      Entropy (8bit):5.44067745559186
      Encrypted:false
      SSDEEP:
      MD5:2270AAE1CD79B48EC0D06BDF9160BD3C
      SHA1:D28AFDBBA51FA165D9FC756ABF618398F769636C
      SHA-256:522A8EC3C29966E39A0FAFB827FEC9DBAC515D53AD4EE4A7BBE6CA95CC5080CB
      SHA-512:109CEE5C530412A8A30FAA22C89DF41A09F704674E600766CD2777456459202B70B3B58B06DF5005D431D378B0001F8D3CBF1E4EB93024B381965D066A13B76A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="readmelogoicon" SourcePath="&lt;AI_RES_COLOR&gt;ReadmeLogo.png"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="ReadmeLogoIcon" Value="readmelogoicon" Type="1"/>.. <ROW Property="ReadmeDlgTitle" Value="" ValueLocId="Control.Text.ReadmeDlg#Title"/>.. <ROW Property="ReadmeDlgSubTitle" Value="" ValueLocId="Azure.Control.Text.ReadmeDlg#Title"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ReadmeDlg" Control="HtmlHost" Type="HtmlHost" X="0" Y="0" Width="450" Height="360" Attributes="3" Text="file:///[&amp;readme.html.742DA8B7]" Order="100" TextLocId="-" ExtType="HtmlHost" ExtAttributes="2"/>.. <ROW Dialog_="ReadmeDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\fragments\SQLConnectionDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):8464
      Entropy (8bit):5.442016329388597
      Encrypted:false
      SSDEEP:
      MD5:1ABA5692FB135DA9A074D8239625F60C
      SHA1:B24F584CA1B4AFF291083C8A27A6D900CF71F126
      SHA-256:374EFCA6F7E853A22D60F90D962FF846C5A74D9AF583FA458A64EB5C7CD6E288
      SHA-512:65C888CB67BBA0E77A660A6E59C3BF18F0B564325CAA7DCED33CDA93278A62F1464C03BD48EA56EBE06284A7A674C462319BEC32F51710F97ADADE5CFAE75852
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="sqllogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\SqlLogo.png"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="SqlLogoIcon" Value="sqllogoicon" Type="1"/>.. <ROW Property="SqlDlgTitle" Value="" ValueLocId="Control.Text.SQLConnectionDlg#Title"/>.. <ROW Property="SqlDlgSubTitle" Value="" ValueLocId="Control.Text.SQLConnectionDlg#Description"/>.. <ROW Property="SqlDlgOdbcLabel" Value="" ValueLocId="Control.Text.SQLConnectionDlg#OdbcResourceLabel"/>.. <ROW Property="SqlDlgServerLabel" Value="" ValueLocId="Control.Text.SQLConnectionDlg#ServerLabel"/>.. <ROW Property="SqlDlgPortLabel" Value="" ValueLocId="Control.Text.SQLConnectionDlg#PortLabel"/>.. <ROW Property="SqlDlgDatabaseLabel" Value="" ValueLocId="Control.Text.SQLCon

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\fragments\ShortcutsDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):6005
      Entropy (8bit):5.4464278380097
      Encrypted:false
      SSDEEP:
      MD5:056594716E1098CC430609FFA4E5F48B
      SHA1:9119567C286C6CBB8FFCD4A30395686D04BB8788
      SHA-256:F47E2800F249BCCAF4B79B1709893267736EDAE96A12EBEFE376E4F51DCF9E6F
      SHA-512:F5A8CB2711D47BDAF3B167A454251CA8CE9F5D8C9AD5402A540861D0AA3962FD1D52A74381FDB10E4378454F0CB1DF0FB5728A6AD7D3BA590AE2F52B0F45F635
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="shortcutlogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\ShortcutLogo.png"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="ShortcutLogoIcon" Value="shortcutlogoicon" Type="1"/>.. <ROW Property="AI_QUICKLAUNCH_SH" Value="1" Type="4"/>.. <ROW Property="AI_STARTMENU_SH" Value="1" Type="4"/>.. <ROW Property="AI_DESKTOP_SH" Value="1" Type="4"/>.. <ROW Property="AI_STARTUP_SH" Value="1" Type="4"/>.. <ROW Property="ShortcutsDlgTitle" Value="" ValueLocId="Azure.Control.Text.ShortcutsDlg#Title"/>.. <ROW Property="ShortcutsDlgSubTitle" Value="" ValueLocId="Control.Text.ShortcutsDlg#ShortcutsDlgText"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiCheckBoxComponent">.. <ROW Property="AI_QUICKLAUNCH_SH" Value="1"/

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\fragments\TemplateSeqDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1921
      Entropy (8bit):5.280827479709523
      Encrypted:false
      SSDEEP:
      MD5:05F25AA1B70CAF66612B429ABA2848F3
      SHA1:4BB1EEAC2CB1F15FE451452AFFEF47FDACD655ED
      SHA-256:7D8F2A3909FFFAB6F81DBE3E85D4A5D51CC658DC20CC1D7C27C56AD12B521EB2
      SHA-512:0E25DC973DFBC78172A557F339DAD99B479872B8FF6782F8555DC869EEA2AB3E654B0039C551243FAC8EF401C72B681752DBD46EA7526E355D309AD8369AECC9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateSeqDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[DialogBitmap]" Order="100"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Next" Type="ImageButton" X="350" Y="328" Width="54" Height="27" Attributes="3" Text="[ButtonImage]" TextStyle="[ButtonTextStyle]" Order="200" ExtType="ImageButton" ExtData="[ButtonText_Next]" ExtDataLocId="-"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Back" Type="ImageButton" X="45" Y="324" Width="54" Height="27" Attributes="3" Text="[ButtonImage]" TextStyle="[ButtonTextStyle]" Order="400" ExtType="ImageButton" ExtData="[ButtonText_Back]"

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\fragments\UI.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):77577
      Entropy (8bit):5.429289458300754
      Encrypted:false
      SSDEEP:
      MD5:FA289882F0B8264A6BC75466ABF96EA6
      SHA1:44FAF560DEDFA123D98E5D0B6F607FA823008F19
      SHA-256:5615EA6CD864FE1F68542C94C72271B5C9452EE7EB5DE025E7BA9E44B4F8C7F2
      SHA-512:4833135EADC794D13CB2C4E6D8B938782151391502DA20253F168439BC741348120AF3206A2AEE649AF950101D5CF3D3EC2542092D9743258866B97E471691CA
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="applogoicon" SourcePath="&lt;AI_RES_COLOR&gt;AppLogo.png"/>.. <ROW Name="completi" SourcePath="&lt;AI_RES_COLOR&gt;complete.ico"/>.. <ROW Name="custicon" SourcePath="&lt;AI_RES_COLOR&gt;custicon.ico"/>.. <ROW Name="exclamic" SourcePath="&lt;AI_THEMES&gt;common-res\images\exclamation.ico"/>.. <ROW Name="info" SourcePath="&lt;AI_THEMES&gt;common-res\images\info.ico"/>.. <ROW Name="insticon" SourcePath="&lt;AI_RES_COLOR&gt;insticon.ico"/>.. <ROW Name="installlogoicon" SourcePath="&lt;AI_RES_COLOR&gt;InstallLogo.png"/>.. <ROW Name="optionslogoicon" SourcePath="&lt;AI_RES_COLOR&gt;OptionsLogo.png"/>.. <ROW Name="printico" SourcePath="&lt;AI_THEMES&gt;common-res\images\print.ico"/>.. <ROW Name="removico" SourcePath="&lt;AI_RES_COLOR&gt;remove.ico"/>.. <ROW Name="repairic" So

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\fragments\UserRegistrationDlg.aip

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):6560
      Entropy (8bit):5.4039572839494
      Encrypted:false
      SSDEEP:
      MD5:A21C4CBB2C059CDA2961A76E3E8DCF61
      SHA1:4F4618367F58BE5E6785588E0CEB8BB295D0A29F
      SHA-256:479D66BFEF9DD8DDDB48FE16519E3C76248ACDBAC95ADFA2E09AE740FF73DFDF
      SHA-512:DB6B10FBB9460DB6DFC59A2BA3C2718B125C5728298AD489963472ABD4A8AFEFA66E3C88B350800045F66CE6D2DF97F046F39B6C8447B0AF52FF93BFA19868CA
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="userreglogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\UserRegLogo.png"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="UserRegLogoIcon" Value="userreglogoicon" Type="1"/>.. <ROW Property="UserRegDlgTitle" Value="" ValueLocId="Control.Text.UserRegistrationDlg#Title"/>.. <ROW Property="UserRegDlgSubTitle" Value="" ValueLocId="Control.Text.UserRegistrationDlg#Description"/>.. <ROW Property="UserRegDlgNameLabel" Value="" ValueLocId="Control.Text.UserRegistrationDlg#NameLabel"/>.. <ROW Property="UserRegDlgCDKeyLabel" Value="" ValueLocId="Control.Text.UserRegistrationDlg#CDKeyLabel"/>.. <ROW Property="UserRegDlgOrganizationLabel" Value="" ValueLocId="Control.Text.UserRegistrationDlg#OrganizationLabel"/>.. </COMPONENT>.. <COMPONENT cid="ca

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\button-large-bg.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 400 x 114, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1398
      Entropy (8bit):7.542005883644681
      Encrypted:false
      SSDEEP:
      MD5:4179778BA0C4439F9BC8EA280F586809
      SHA1:B80DCE83522E31F2C2E5DBDE40D43996710DAC30
      SHA-256:EE2F2581827D969A2902FB94B4EA7615048D959FDFF2DC230CB5B9881BC0A043
      SHA-512:3744DEBD304E2A4B753ECA7F5E200A85460861A251D8A6360C8983D9E211FDE727C30D76E1F56CDA039274BA2B6CDBF4D673A07F1E66E566BC5A7AEC0147AD1B
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......r.....J.w.....tEXtSoftware.Adobe ImageReadyq.e<....PLTE..........................................................................................................................................................................................................................................................................ZtRNS............................................................................................o....IDATx...Ys.`..q..Z...@[..u..}..@.4..............n.....3.>..,..&P.Q.."HRh.bN..].d`..x]..9..A..q.b...-.d.W.B.`....X.K..d..8.....44.E...'..AF. ."....m(*0H(...*A\mCQ.Az...T.... ..$.....m(.0H"...*A<mC...L....j..m.Y. ca.A....&.2...Y. .........lj.....J.L.`.....+...?.....d..m..(.Z.:.}._IgVY..x.....i....D~9.k"..........i./.rmM....['....h:..i.-....dY.N..7..Gwz.].r.a2...E....[)....6.F./..h4P.sA..hb..v...,.j..+.Z....Ul.o-.h+s..8LR........y.9..L\....a...>!...9.8..q..=,.._..f.M...$.c..e........~.6.c./.8i'.\T.Q.Q....._.....Sm...

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\cancel.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):395
      Entropy (8bit):7.180036858404096
      Encrypted:false
      SSDEEP:
      MD5:2A13671DA9112B364F479CFA3358FD58
      SHA1:02A059158FD7C835ED86629958F00442AE3DE925
      SHA-256:83B5D764846A6E4406BF073DA4A3AD608487AF349D3543D03F6FDA30CE57362E
      SHA-512:46E60BC05BA33C893D0F843AF7EF054C4440FD4B44E1A489141E94CBFE958B3213B78A73B8BA65CB28AB4703FBE5A2664D993C3730AD0E973E3F02240656318B
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR................a....tEXtSoftware.Adobe ImageReadyq.e<...-IDATx..S;N.1......)P..T........ Qq.\e.4.......H(.!.^...j.yW.&...4.73O.......2.....!.b..5.....G. 7.($....(.+...r..e.Y.].j.i...q.(-,......D..9...3...O+..)K)!......cX.....t...9.D.....+......o.F..d.c....<o.@H....2\...u..}.q.....B.u.G.\.P..S{.2J.z.Y../.=.b~...K{...7.PosT(..i`..\.).u...mW....[...2..../.v....IEND.B`.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\check.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):333
      Entropy (8bit):7.017694845796872
      Encrypted:false
      SSDEEP:
      MD5:B5A3B1E75A0DB8A2082EA4ED39B994B4
      SHA1:CFE3509E8849009EC9589EE0561CC12E8A775872
      SHA-256:BCAE8F228A7915654E9A807BB35CB98444C581B333DF00ECA471C75CEFF9A4B3
      SHA-512:330392F5BED3C7A3A6C07CD0A4C5D882E39FF1577899E4CCF577882569C5852395F4F555CF77172C979BDCD87DECB382598A7C1420E4F653076AAE7A2E54DA18
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR................a....tEXtSoftware.Adobe ImageReadyq.e<....IDATx..S;..A....A..[+++.....g..V[YY..Z. ..Z.......I&f.....1...H^..c...MX......J<. [Z....(....P....n..(I.z.L...=~.'l....y..o0Jj..."..u )T.b\...n(.e...2...0u.d.%.Q.FP..b..(,.4ri1..U...M..m^.Y.1...^D..>..G..%...&Tp.....j..WW2..3....p...+......IEND.B`.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\common.js

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:ASCII text
      Category:dropped
      Size (bytes):3835
      Entropy (8bit):4.898191332475751
      Encrypted:false
      SSDEEP:
      MD5:2B322BE121F011ADA57BB71F1832715E
      SHA1:F3BBB58B04095C23D3A17D8BC9AB0D89B55E20C0
      SHA-256:EBA8845D5CB1A21DC576D2E4C2641270441AA7F5FEF9DF9BDFC9D239DAC4E343
      SHA-512:EA243B22F4E17E4BEF2DD96D384349655E0B175F5C21D5BACEBF194F977610C484A1A8383027C47E71272BAE04F1049E12BEE35E24DFAE486C681B3214FEF3FF
      Malicious:false
      Reputation:low
      Preview:function InitPage() {. document.getElementById('main').style.zoom = external.GetFontHeight() / 16;.}..function ResolveElValue(element) {. text = element.value;.. if (element.origHtml). text = element.origHtml;. else. element.origHtml = text;.. text = external.MsiResolveFormatted(text);.. /*if (element.attributes["formatted"].value == "twice"). text = external.MsiResolveFormatted(text);... if (element.attributes["formatted"].value == "noarrow") {. text = text.replace("<", "");. text = text.replace(">", "");. }.. text = text.replace("&", "");*/.. element.value = text;. element.style.visibility = "visible";.. //alert('NewText:' + text);.}..function ResolveElement(element) {. text = element.innerHTML;. if (element.origHtml). text = element.origHtml;. else. element.origHtml = text;.. text = external.MsiResolveFormatted(text);.. if (element.attributes["formatted"].value == "twice"). text = external.MsiResolveFormatted(text);... if (element.attributes

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\customize.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):4231
      Entropy (8bit):5.044518683274935
      Encrypted:false
      SSDEEP:
      MD5:5095427AB47DE52EE2E4E93AC0AE2586
      SHA1:785DB4689861C62728BB6B220BAE320FED0B7D28
      SHA-256:56C95A9040B0596A96362F5E74AB798B64799B7202B05A5EAE508C5E8A863B07
      SHA-512:E6862A85072DF467F4E9AB956A6D0B652D02B91AC16F37769DAF952333B7243969422C572D690A33B0D5D21388F297B77850309A0E7A042D205681019A9E9C23
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). //background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("OptionsLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. UpdateSizeText("PrimaryVolumeSpaceRequired");. UpdateSizeText("Prim

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\exit.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):4001
      Entropy (8bit):5.061550676357098
      Encrypted:false
      SSDEEP:
      MD5:47D53E0A515395626DE246BBA7111862
      SHA1:54B95232F66FFD5BAE2BD9D42D69D70CE4F26B42
      SHA-256:26FF465BBDBF427B53B52E5AAD60372CBB2C9C7778691103B7650DCB77F0C486
      SHA-512:8CCBBC8983C17A538B1041B5C01ECD33693F7917C07538BB5145DD6A33BF89691023EC1956C27B396841D752301668AA6344EF95CB0D77C0981D2F0E0CE1AD06
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). //background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("AppLogoIcon", 'logoBig');.. ResolveTag("p");. ResolveTag("span");.. var a = ['ViewReadme', 'RunApp', 'leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'c

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\fatalerror.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):4226
      Entropy (8bit):4.9474400475443225
      Encrypted:false
      SSDEEP:
      MD5:41FCCAB4DA4B3D19E48510E0BFCF568F
      SHA1:7F89FA932F2AB1EA312B2FD9E935698F9DA3A0B5
      SHA-256:63C13038C42028CB6E84CF187679B31B9006A9D8E8A637BD3F692FAF67077B13
      SHA-512:CA64BAE8416AB3EECA922B7FBCBB6C6F8733D28397649563C79070FB0194EB3D2041B9C773733F2B8CE9B5CEAD197550789C1D8E3BCA163DB045E0C80FF7C31D
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");. ResolveTag("label");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundIndVec("BannerBitmap", a);.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\fileassoc.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3156
      Entropy (8bit):5.017476770332424
      Encrypted:false
      SSDEEP:
      MD5:0C756A381EE6DCF10DD71ADE2332CA29
      SHA1:A582005E9B2614C294FF184A1EB866B89C9966C0
      SHA-256:02BE3003621ABCBF798F2B64E78D79A3C78CB9317F739F5595C0CA83E591ADCB
      SHA-512:C4C52B102627BCEBFD227FF8CDBC1AD44E9FB6A7440E1CF03414F9C7A6E5020C2B0DD6305EE4BE218B4660E10CB403635B1FFE5E6F24A9A82C978249967463C0
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("FileAssocLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGround

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\folder.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):4489
      Entropy (8bit):4.993829088763718
      Encrypted:false
      SSDEEP:
      MD5:2B19D5CAC9DCD59AA7EFBD58FB8F8DD4
      SHA1:CD41D21B6AD5F5107D619DD1C33A0B61043C7FBF
      SHA-256:79125611238D50C30AA225514CD6F1ED137BA5FC98970B3F053143F89B8958C4
      SHA-512:9341BAF7D5C11EDE4DA35C2DF3089BB04F805A9F30C034E300DE7CEBDD80A855D559898D145DFC2CC544693220FA2EEFFA98833C784F4324CB7B656E56A92E8E
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("FolderLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. UpdateSizeText("PrimaryVolumeSpaceRequired");. UpdateSizeText("PrimaryVolumeSpaceAvailable");. UpdateSizeText("P

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\installtype.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3766
      Entropy (8bit):5.034624968848738
      Encrypted:false
      SSDEEP:
      MD5:898AFF68B71C3AD64EA1739423C0BA45
      SHA1:E57757BF7EB2C0BBD03CFDC1B2CD9E5CB690428E
      SHA-256:4FC9A4785F16B956CFBCE6E9A37ACD3824FCE434378E2D5B933D56CFA9149891
      SHA-512:53CC06CA77CA12A2BFE3410D47D3B8D64E73CA1E0F72AC7105BDAB471C867F73B1ECC2E599B6AE70CC26BBFD36EAEC8E4CA7D68519DD779F9821DB70A2B289B9
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). //background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("InstallTypeLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'ca

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\jquery-1.3.2.js

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:ASCII text
      Category:dropped
      Size (bytes):120620
      Entropy (8bit):5.109145394377532
      Encrypted:false
      SSDEEP:
      MD5:1CD76A83827E0D47B80EBCBBC8CD9262
      SHA1:AA1BABB2D7C3E9DFFC0FB2A1DB939CB948E784DB
      SHA-256:1191EB52C0B19D7A8738B128AB3EC531BDE862D94F07E6F7F6267F7D6E7C94D5
      SHA-512:0FC067649D28A13E3DA9B692DF30DCB9B903C9EBD9CB0184D54A0AAD35A2C56F1D74D84C29D9A441750D3955F1AAB04914E7B365BAAE4BD7AF2EE913131873E3
      Malicious:false
      Reputation:low
      Preview:/*!. * jQuery JavaScript Library v1.3.2. * http://jquery.com/. *. * Copyright (c) 2009 John Resig. * Dual licensed under the MIT and GPL licenses.. * http://docs.jquery.com/License. *. * Date: 2009-02-19 17:34:21 -0500 (Thu, 19 Feb 2009). * Revision: 6246. */.(function(){..var ..// Will speed up references to window, and allows munging its name...window = this,..// Will speed up references to undefined, and allows munging its name...undefined,..// Map over jQuery in case of overwrite.._jQuery = window.jQuery,..// Map over the $ in case of overwrite.._$ = window.$,...jQuery = window.jQuery = window.$ = function( selector, context ) {...// The jQuery object is actually just the init constructor 'enhanced'...return new jQuery.fn.init( selector, context );..},...// A simple way to check for HTML strings or ID strings..// (both of which we optimize for)..quickExpr = /^[^<]*(<(.|\s)+>)[^>]*$|^#([\w-]+)$/,..// Is it a simple selector..isSimple = /^.[^:#\[\.,]*$/;..jQuery.fn = jQuery.prototype

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\lic.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, Unicode text, UTF-8 (with BOM) text
      Category:dropped
      Size (bytes):5553
      Entropy (8bit):5.008482969944046
      Encrypted:false
      SSDEEP:
      MD5:E1786953B47DD1789C2868FB0A0F305E
      SHA1:3F69A6B3D2D729BB8F698B5AE58860790051BC5B
      SHA-256:B63AE6CCD39C55E2E8A555A6A6B1F15B7CBA0A30242583DE9A4E84D6C5AD40C2
      SHA-512:03CFEA879FC088FE726B20DE7CC40A184FB1EA5A4D31D013CFA131CD22F0A59807CE07264D2EF42F9878E78261CA86A2F306325A69CE44B9467318E7ED1CDDA3
      Malicious:false
      Reputation:low
      Preview:.<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). //background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("LicenseAgreeLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. ResolveTag("label");.. if (external.MsiGetProperty('IAgree'

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\logon.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):4991
      Entropy (8bit):5.118526311087197
      Encrypted:false
      SSDEEP:
      MD5:04F248E136054D7FBA6C5CE0A338A365
      SHA1:C6E7FD41319A67112B64D31A27D00694C74A3F19
      SHA-256:F0AD4DF8DD3A91F673A31896EAA2B3B9FD284F2FBB370BEEDC6D68A322BB7C6B
      SHA-512:D67AF4D89FDFEC8FD1E370ED3342CD45F8A2814C2A539AD38E7FA7E10AE076EDA06D425B5B34CC279F614462004653B13F076D75A82C9DA020F4889ED499745C
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. //ResolveInput(document.getElementById('edit1'));.. ResolveTagValue('input');.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("LogonInfoLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. ResolveTag("label");. Re

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\maintwelcome.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3344
      Entropy (8bit):4.950239153212109
      Encrypted:false
      SSDEEP:
      MD5:E65A0EAC845A5BC485ADA388ADE7DEFD
      SHA1:596057A5FAB577ACC25B2B35BBE790614B923FD7
      SHA-256:884B548258BB16F2D79BAD350B7A3A958C717E33343904BFC726DC58D5929FDF
      SHA-512:A28B6FAA7939F6AFAA3D9B797C6B10A2C12303B1B43DAE02292576DAA27B7207D1B8F346FEED45B0F0507D4D264A21779F83748D8536071211DAC2D78C5CD746
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). //background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("AppLogoIcon", 'logoBig');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelB

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\outofdisk.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3427
      Entropy (8bit):4.940771881873821
      Encrypted:false
      SSDEEP:
      MD5:E48E676373CDA50E13D55B1D65E677D6
      SHA1:B426397D9D2FA20FA5C16EDD5A697F9A36FD1839
      SHA-256:BE11F230AED0C1908C95DE726A205DB0E61E11417A9E482B68D4C6A456F2C420
      SHA-512:FD1E22F703F042F26BFC2546376E1E6CE4EB98919C470C34BE4AEAC07A687B9BEFFC4C2DA16911B1A3F70396031C8A35051DAAA7326F0312162CC1152804B949
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">..//hook the window load event ("event" argument will be automatically populated by standard browsers)..//background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundIndVec("Banne

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\outofrbdisk.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3466
      Entropy (8bit):4.985134311104476
      Encrypted:false
      SSDEEP:
      MD5:92585F582C0BFA40F4F19E5F02725B35
      SHA1:4A93C9CFE34702958F2A171AF8B275F54E982F4D
      SHA-256:B87B25B91FFA5F948F90E15C1EF8D67D9D4C436EE7421D6639F66853CC5138FA
      SHA-512:7A705F8A67600AA2F70C304C3B55EA861C7A91A5CAB401727841CD43B6DDB4B1C124684DD38BACF956DA9BDA663E2FFE6DFED79716E055C47E4104D1E0948E44
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). //background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundIndVec(

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\pngfix\DD_belatedPNG_0.0.8a.js

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:ISO-8859 text, with very long lines (303)
      Category:dropped
      Size (bytes):12038
      Entropy (8bit):5.252532436020081
      Encrypted:false
      SSDEEP:
      MD5:6784C7EF84EA9DD6B2DFEE371ED61E9C
      SHA1:312FF83E2BB2D1BC310A706FCB04DCE8AC29FB00
      SHA-256:128A4EA3579EE54FB9A66F07794205B1121D64574ECFF1F7883A87F2C95AE049
      SHA-512:351B32C13CA746761FEB9749F6FAD75D0CE419E82F201D8DBC02141FC3F1E3A32347F47FBB3B17DFA0AA91CFD8FFB4A8208978A41F3DFBD39E37FF7EA7A587EB
      Malicious:false
      Reputation:low
      Preview:/**.* DD_belatedPNG: Adds IE6 support: PNG images for CSS background-image and HTML <IMG/>..* Author: Drew Diller.* Email: drew.diller@gmail.com.* URL: http://www.dillerdesign.com/experiment/DD_belatedPNG/.* Version: 0.0.8a.* Licensed under the MIT License: http://dillerdesign.com/experiment/DD_belatedPNG/#license.*.* Example usage:.* DD_belatedPNG.fix('.png_bg'); // argument is a CSS selector.* DD_belatedPNG.fixPng( someNode ); // argument is an HTMLDomElement.**/../*.PLEASE READ:.Absolutely everything in this script is SILLY. I know this. IE's rendering of certain pixels doesn't make sense, so neither does this code!.*/..var DD_belatedPNG = {..ns: 'DD_belatedPNG',..imgSize: {},..delay: 10,..nodesFixed: 0,..createVmlNameSpace: function () { /* enable VML */...if (document.namespaces && !document.namespaces[this.ns]) {....document.namespaces.add(this.ns, 'urn:schemas-microsoft-com:vml');...}..},..createVmlStyleSheet: function () { /* style VML, enable behaviors */.../*....Just in cas

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\progress\progressbar.js

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:ASCII text
      Category:dropped
      Size (bytes):290
      Entropy (8bit):5.074349303430035
      Encrypted:false
      SSDEEP:
      MD5:90A92BA5F9E40BB04EAA1471CADBBF3F
      SHA1:959203C9521355CCF825D86967F4C89E5C14013D
      SHA-256:E59211E9B9E308ED6EEA793CCCD10D435314E3E74300F80854551099F3E07017
      SHA-512:40751537117B2A10BB6D63ECF8C62B1AB8789C1CA833A16E652B503BEE67818D1B196A036FB5E8A93D2F04182BE01038E0DC2F0BD4ABCCF62DA440CE2D04F584
      Malicious:false
      Reputation:low
      Preview:/* $(document).ready(function() {..$('.slideshow').cycle({...fx: 'fade' // choose your transition type, ex: fade, scrollUp, shuffle, etc.....});.});.*/...//Progress.function SetProgress(aCompleted).{. document.getElementById('progressbar-value').style.width = aCompleted+'%';..}.//Progress

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\readme.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3439
      Entropy (8bit):4.9977698778249495
      Encrypted:false
      SSDEEP:
      MD5:334823ECDC9A0F6E2936C8EE5ACE7B08
      SHA1:090B30B3D2047B933EEB79ADAD0C1C7756C67B76
      SHA-256:051128FA7456C9AE52957CC670779BA16445FF9F5E5476956210E5DE4F44A837
      SHA-512:2AD211254FFAC94AC0B29F405EA1CC4A24E7B89E4CC428370FAAD76B52366D79E9476F6AD67D903B823A17FF57259969D0A6CFD1DB7D18E613C81603B45BD8C6
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). //background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("ReadmeLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelB

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\retry.png

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):415
      Entropy (8bit):7.29235350712314
      Encrypted:false
      SSDEEP:
      MD5:65F17F28D6A6985B81D1D84009DEA12F
      SHA1:4D9BC44CFB62BD99B52FCC9AF57E25DE59D82C78
      SHA-256:8A11B1A7149A0BDEDDE102B914B5FCE45C1B2BC35BF3D6AC26E4B9A5EAB76354
      SHA-512:13C3DA76D5461CB9253023BA6408848DB0B6890BC339CCB3512308302CE6CBD4C7D11EBCDE80F535D5A1352C2E3F0BF1A5BAC53D1EC1EA1176AA3644F203782A
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR................a....tEXtSoftware.Adobe ImageReadyq.e<...AIDATx...+DQ....<.X..QRBSV.).V..[...a.?.......$%lE.........y~..{....&....z.{...1..b...X....o.c.W#......-t..........8G.Y.{.O1..f)#..K.Q]..Z...w...x.3W.S.V.bO...G..[<..%T...'.X.wp.Y.H.Nu..T..M..8i....#....$Y.:.I.dt.K.`../.J..n&.}}.<2..^....=...`...M?...2.p...1....}.m.....>,`..^_..>y.:rn...........v.#......./.~..g2.....IEND.B`.

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\rmfiles.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3419
      Entropy (8bit):4.94065011937662
      Encrypted:false
      SSDEEP:
      MD5:03CD59E7AA78F6CF1726D3CAA3AFE573
      SHA1:2C1F18F3AABF2026BCD52D1A7ACC96EC70BD805A
      SHA-256:553B2C7FE502DC538930D9529FCB0A87163FA9483F86C05E635ABC5929143B35
      SHA-512:ADAFF527A995C2B46A735231898321B8B2A62A4119D70F76867566EE4120ABCAAB99B1F59323F8CEEB2E6319C867EB5F75194463B088E50EDC8D554C70A6ED36
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">..//hook the window load event ("event" argument will be automatically populated by standard browsers)..//background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundIndVec("Banne

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\setuptype.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):4218
      Entropy (8bit):5.0162342281420065
      Encrypted:false
      SSDEEP:
      MD5:89E37F50A2C42BFFF722D3BBE989532A
      SHA1:0293AECED64999BE0F9464445CEB36BC82B734EC
      SHA-256:B5C8943759F46DB3DE8D8A23CE0AE844B7D0D9E5CDC5DC1AC4D124BE0CFF5D5A
      SHA-512:6CB0F07CAC27C339D8C20A9763AEC540B5E6BC30EE365AAEF6D0DC3232E7365A3E9919D8BF7E7EAFFC98895759740CA7A1B9E1073B831CCE69EC7B7ACC70FB44
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Choose Installation Type</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. $(document).ready(function() {.. /* START XXX */.. ResolveTag("p");. ResolveTag("h1");. ResolveTag("span");.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundIndVec("BannerBitmap", a);. ShowFooter();.. /* END XXX */.. $(".install-now a").hover(function() {. $(".install-now

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\style.css

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:ASCII text
      Category:dropped
      Size (bytes):5122
      Entropy (8bit):5.012995738328952
      Encrypted:false
      SSDEEP:
      MD5:A28068B5E5E40F2C51480735377DD6D7
      SHA1:D519FEF6B6563E273E0FF73072F4E0B78BE6E024
      SHA-256:7AA21BB23A76D1EAEBABEA376549AC0459BFAC6FCB61B1B4E317EA71023F85EC
      SHA-512:A312B2CFF3A19F18FD45D2DA00AC0BEF530068106AD8142589012AE5BA79F62FFD4E4E5CE0120F28A51D7338B304A5CD84DFB902C0D8520B92BFDB366B733689
      Malicious:false
      Reputation:low
      Preview:body.{. margin: 0;. padding: 0;. cursor: default;.}..a img.{. border: none;..}...clear.{. clear: both;. height: 0;. line-height: 0;. font-size: 0;.}...center-inline.{. text-align: center !important;.}./********/..#main.{. width: 600px;. height: 480px;. position: relative;. background-repeat: no-repeat;.}./********/..div#footer.{. height:70px;. position: absolute;. bottom: 0;. width: 600px;.}./********/.div#header.{. height: 65px;. width: 600px;. position: relative;.}..div#logo.{. height: 70px;. width: 60px;. float: left;. background-position: center center;. background-repeat: no-repeat;.}..h1.{. font: normal 17px/65px 'Segoe UI', 'Trebuchet MS', Arial;. float: left;. margin: 0;. color: #323232;.}../********/..div#content.{. height: 345px;. width: 480px;. margin: 0 auto;. position: relative;.}..div.central {.position: absolute;.left: 0%;.width: 100%;.}..div.aditional-info.{. position: absolute;. bottom: 10px;.}..div.aditional-info p.{. font-size: 12p

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\upgrade.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):4465
      Entropy (8bit):5.073693248790819
      Encrypted:false
      SSDEEP:
      MD5:10BCE7A93DDB3B253BA2647908E0EEC3
      SHA1:5275971BBF87CC7D136200CABD5C4167C190B458
      SHA-256:8769A68482F7A2EFC8AAA316B5993EDF477EBA6F6E8F3B17B85F6CAA1FD58EE6
      SHA-512:BF1BC9E71E22FAE8761DF19FA40AC557119C32F4F74E01BFE5D2EE692BDC93FD7B3C3565CB512CAC032F6ABF4E4588DAD2DF1A8C04D66CF1E53A5761E907D306
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">..//hook the window load event ("event" argument will be automatically populated by standard browsers)..//background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("UpgradeLogoIcon", 'logo');.. if (external.MsiEvaluateCondition("NOT AI_REPLACE_PRODUCTS") == false) {. element = document.getElementById("desc");. element.innerH

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\userexit.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3305
      Entropy (8bit):4.916708850641601
      Encrypted:false
      SSDEEP:
      MD5:277F66D37E4F656DE49AFE928FA3BA6C
      SHA1:F88BC6B4E96CBA3F9D65CE8134E7B1AE42EDA605
      SHA-256:840394404D8E524D798A5F07B5C68D343BA56D4AA8009942FFB186481607BD1E
      SHA-512:61483EF46A2B242238A345A74B1BC37A0A29FDE4EABE08BE5B8767C48355A2F65D1CC7DBA51072853923C99BB8C07DEE98418026E3712897F174219E81F929EB
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">..//hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundIndVec("BannerBitmap", a);. ShowFooter();.. /* EN

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\userreg.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):5309
      Entropy (8bit):5.081267577969483
      Encrypted:false
      SSDEEP:
      MD5:B9F39DFB659B05CCBF76568CFF6549BC
      SHA1:EA0D83CEFC116D66B52F4C472F63E20E89A86379
      SHA-256:0193A5DBDF7C14CB8F97611C334A7DFC86588B5E921CE359419434B6CA15FC24
      SHA-512:E7F0D054346744E97CD6D86EBCC2FCFBB2784D18E33F34871B9760787156C8A4DA0CB89A6197FE720179AB6D663A4A8B674B3868F0C86A5598FB1014787B1CB9
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. //ResolveInput(document.getElementById('edit1'));.. ResolveTagValue('input');.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("UserRegLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. ResolveTag("label");. Reso

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\html\verifyrepair.html

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3326
      Entropy (8bit):5.11474399186219
      Encrypted:false
      SSDEEP:
      MD5:72C5DCEABDA9896D87C2D2D9B0345D43
      SHA1:95DCDD75F1A456F8E4862ACEBA51B930027F8DBC
      SHA-256:034EA8C557CECE01C380292ADA3A9BC531DEC6EF784D987ED16E8FFD12EDA520
      SHA-512:7ED752A3106DD77B6A343F607342EAE4D5921EA89428EF1A8D3F66D9D3A57047C855F848FA4546292498351E26896F97569C91A8B71E0AC09498B65606E0460E
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("InstallLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundIn

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\variations\lavender\nohead\background.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):13831
      Entropy (8bit):6.9535432766085306
      Encrypted:false
      SSDEEP:
      MD5:E6926CE713F5EA8938EEEE1B140E8458
      SHA1:25CFB5E57F82A223345B4B6F4E2F8F956244FEAC
      SHA-256:551DEDD3D4C0C6666BBE3C8A7926CBF55DE7F5BA4EC981E0FBB8E3B56FD30267
      SHA-512:FA92E1385587FBF63CA934EDEA058626E78230AFC112A7B52CA68E2212F448EC7ED373105E109E8AAD9E0CA729A42E5599431332D1329BDE4DC5BB38E5549072
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d...................................................................................................................................................X.....................................................................................!..1Aa...Qq.."2R....BbS..r#C..3...c$T....D......................1.!..AQa2.q......BR.............?...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\variations\orange\banner.gif

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:GIF image data, version 89a, 500 x 304
      Category:dropped
      Size (bytes):9596
      Entropy (8bit):7.918951404674889
      Encrypted:false
      SSDEEP:
      MD5:4C0E582BBC7045C78FE27D4AB992D2A9
      SHA1:573CCFA0D2495E82CEFF6675D5476E45DF3D8643
      SHA-256:4CAA70E3B58853FF97619CFA3D5DB35BB6442E2099769A56156F1678FC46873B
      SHA-512:5360CBF6CEE11ECE36055E2D05880526D83D94C8F8E28FFD10EA8E53C49E51078F6F2215C3249EE73E01EB36EB441838BDC1EBE0F15DBD2BD799D70BE90B2C6E
      Malicious:false
      Reputation:low
      Preview:GIF89a..0........[..K......J.c..C.......D.....;........f..;..J..T..Q....j.....e..n..]...R....R..`..4..^..U..2..b..x..i..E.....................I..U..B.....Z..O..O..Q..i..T.....m.....O.L..6.e.....r...,.u9.V..O.................[..r....z..b..Y........j..^........w..3..l..}..g..o.......X..d..u..`...... .V..U.............................B.v..#...o...........g...O. ..3..D...........?.....d.....(.r...%.l..........................e..|......1........G.y...9..<..+..6.j..a...B....c.>.....c...{.......S...z...._.......J..H).B.;....m..b..7..F..P..?..X..M....Q...c..z..|..L..:.....q.@..W..^...=....?.9...Y+.M.X..Z.....s..t..o..L..u..3..6..m..r..D'.G(.~..Y... ....@..A..H..e..T..B...C..J..U..w..V.a....P.A..K..?...6..N.`..M....@..L..O..Q..W..U..A..C..9...@....!.......,......0........A............#J.H....3j.... C..I....mL....0c.....8s.....@I.t..F..H.*]..h.P.J.J..U.6r.....`.z.J...h..hC..Mp..K...x....oH.....L.....*^...6(..L....-?......#..M....M.^...6

      C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\themes\spring\resources\variations\orange\stp-banner.jpg

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):4442
      Entropy (8bit):7.393321151207749
      Encrypted:false
      SSDEEP:
      MD5:01EE89A61672242FB0A71CEB6E9260BC
      SHA1:EDCA1B44306DFDA8F3F1E6A12113B077524EB74F
      SHA-256:38C6A2D607DEC23DE3F4F5D22584CC960A214BF2E955B7AB96AA19CAE83DDD67
      SHA-512:07342E9E9DC6FDBB8B31E9B4EB06B4B755475F67A98D82B50240914D38E138CB58F5E90D65D2EDE7549C72D46AD76E6F5876877145DEE3EBDD85EA4E79AEBFC2
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................@..............................................................................................!.1A..Qq"2...a.BR#..3C..b..SD........................1!AQ....."aq..2R..#...Bb..r..$4.............?..................................................a|_.;.....................1..Q.g~/'.D>V......;..H.....R.x..'...Om....Q.o..Tn.....g.p$..Ml...-(E....X*'.4.......$.#r.d......(V...G.....a.....I.M..C{.p....2m...T.)WKV..\.9.0.sP...~.K.c..O..O.^.Q.S}{.&7,...\ok...wJ>......O0.?.7o.o.rY....~\K.n.v.<.U..E.+.~....v.f....Mc.N.5..EV.n...cf.T...."v.f..TcI\.....}.;q.<....(...V...*Z..>>"J.y..{_...'.^.u..[|?.MG|...r.m..1r..I=.M......Vve..=.<.*....{..y\..l.G.....[.......8.l}=..7.m}~%7......G.~.....].......}Z..O..}.........................................................88........

      C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\8d58b4a3de36045fdc5ccb71d897e0f9_9e146be9-c76a-4720-bcdb-53011b87bd06

      Download File
      Process:C:\Windows\SysWOW64\msiexec.exe
      File Type:data
      Category:dropped
      Size (bytes):63
      Entropy (8bit):2.439413668931803
      Encrypted:false
      SSDEEP:
      MD5:E8818E084A561062CDE477298C2B767F
      SHA1:B4F5DFC661050257D6543429E04115EFBD18EFEC
      SHA-256:E05215F5700ED2944EE8AFB4AAF6FA1B5CA38C5D4A39A14F436DCA537FD66CD7
      SHA-512:72D2B588E6A82693C47A1557CD6849D823A483F0987EBE9F8A146DF802EAB2E18ECC7478C5A4EA7DDAF6C1CA79F077C64F6C08CF8F1826B9F0796F6668417FA9
      Malicious:false
      Reputation:low
      Preview:........................................ACryptKeyContainerName.

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 15.9\.@>25@:0 >1=>2;5=89 Advanced Installer 15.9.lnk (copy)

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Sun Mar 31 10:51:32 2019, mtime=Fri Dec 22 13:41:57 2023, atime=Sun Mar 31 10:51:32 2019, length=900768, window=hide
      Category:dropped
      Size (bytes):1487
      Entropy (8bit):4.643642672480606
      Encrypted:false
      SSDEEP:
      MD5:32FE22B2946017E0577AD8C5CA67AA99
      SHA1:2BF578C9EEE81A0F390E0F54C3F8FB7F605F79A9
      SHA-256:14D853CB77C855CE974586697DD09E7A7DBC3C5EFF18CE8FE45CC8FCDDB02139
      SHA-512:4639EEDC1F3A10252B366910349672214F1B24E90506B18EC211922C0FF77AC0B4CB047537E2628BD0E8657873F6378C80665E266FE4D3B62304B416BEE04DAD
      Malicious:false
      Reputation:low
      Preview:L..................F.... .......K........4......K................................P.O. .:i.....+00.../C:\.....................1......W4u..PROGRA~2.........O.I.W4u....................V........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....V.1......W4u..Caphyon.@......W4u.W4u....b........................C.a.p.h.y.o.n.....z.1......WBu..ADVANC~1.9..`......W4u.WBu....c.........................A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.....J.1......WBu..bin.8......W4u.WBu....d......................{..b.i.n.....J.1......WEu..x86.8......W4u.WEu....e.....................6M..x.8.6.....b.2......Np^ .updater.exe.H......Np^.W=u..............................u.p.d.a.t.e.r...e.x.e.......y...............-.......x...........W.......C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\bin\x86\updater.exe..Y.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.C.a.p.h.y.o.n.\.A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.\.b.i.n.

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 15.9\.@>25@:0 >1=>2;5=89 Advanced Installer 15.9.lnk~RF64bee4.TMP (copy)

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Sun Mar 31 10:51:32 2019, mtime=Fri Dec 22 13:41:57 2023, atime=Sun Mar 31 10:51:32 2019, length=900768, window=hide
      Category:dropped
      Size (bytes):1442
      Entropy (8bit):4.615312400285577
      Encrypted:false
      SSDEEP:
      MD5:1ADF49E4638D25DAF3B5CA71EA93ABD9
      SHA1:76C873767B457578C7F564E4C4BC436C0E4B2C30
      SHA-256:8C95E01981C178D06C8711F6B3014AA0365D4A1A4C770360A6E717A4F9A40809
      SHA-512:CA8D378191B2353BFFAB3D8A2AFC67A8AB967F81BA06473FC144A687D187020FF6A5B8825745E8702FD99D0DB1B955E2E17A3F26914F1562EC7F8CA8416FA868
      Malicious:false
      Reputation:low
      Preview:L..................F.... .......K........4......K................................P.O. .:i.....+00.../C:\.....................1......W4u..PROGRA~2.........O.I.W4u....................V........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....V.1......W4u..Caphyon.@......W4u.W4u....b........................C.a.p.h.y.o.n.....z.1......WBu..ADVANC~1.9..`......W4u.WBu....c.........................A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.....J.1......WBu..bin.8......W4u.WBu....d......................{..b.i.n.....J.1......WEu..x86.8......W4u.WEu....e.....................6M..x.8.6.....b.2......Np^ .updater.exe.H......Np^.W=u..............................u.p.d.a.t.e.r...e.x.e.......y...............-.......x...........W.......C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\bin\x86\updater.exe..Y.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.C.a.p.h.y.o.n.\.A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.\.b.i.n.

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 15.9\?????? ??????????? ????????? 15.9.lnk

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Tue Apr 23 14:17:22 2019, mtime=Fri Dec 22 13:41:41 2023, atime=Tue Apr 23 14:17:22 2019, length=6135456, window=hide
      Category:dropped
      Size (bytes):1439
      Entropy (8bit):4.6454699736778435
      Encrypted:false
      SSDEEP:
      MD5:755C85FCBD7E857FF3DE678E90619A26
      SHA1:C4AB381E9C81FF5042F8CFDFC9A6C765E3319DCB
      SHA-256:4425827A1E502D8C533FACB0FE75B12957F68DAC037F53374CC5526933D105EE
      SHA-512:E3A814C333B52E02F822AA6584379DF653C4B14ED2670314AE28E47C8E65B1E02CE0CB5D7374F78C54DBE568409EB1563AAF805B4065C1B64B2951076A944DA4
      Malicious:false
      Reputation:low
      Preview:L..................F.... ............k1..4............]..........................P.O. .:i.....+00.../C:\.....................1......W4u..PROGRA~2.........O.I.W4u....................V........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....V.1......W4u..Caphyon.@......W4u.W4u....b........................C.a.p.h.y.o.n.....z.1......WBu..ADVANC~1.9..`......W4u.WBu....c.........................A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.....J.1......WBu..bin.8......W4u.WBu....d......................{..b.i.n.....J.1......WEu..x86.8......W4u.WEu....e.........................x.8.6.....j.2...]..N+z .REPACK~1.EXE..N......N+z.W5u..............................R.e.p.a.c.k.a.g.e.r...e.x.e.......|...............-.......{...........W.......C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\bin\x86\Repackager.exe..\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.C.a.p.h.y.o.n.\.A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5..

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 15.9\??????? Advanced Installer 15.9.lnk

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Sun Mar 31 10:53:56 2019, mtime=Fri Dec 22 13:41:39 2023, atime=Sun Mar 31 10:53:56 2019, length=14584419, window=hide
      Category:dropped
      Size (bytes):1138
      Entropy (8bit):4.735428642508639
      Encrypted:false
      SSDEEP:
      MD5:60E9DDB9BB64A50194E7391E5CEA5CC0
      SHA1:041E90CEA8480C6470E1B78E9E79EA8B748059EC
      SHA-256:5937F4EAE8FEB98A17B0BC51F38FAD78507538EDCC78119B98AAD53D6CF12FB6
      SHA-512:8CEB2D6AD3FA585CF2F808533A6623EF5249DB6BBA123EC3675C35013B4926BDDB324CE71B3F7908BE3DB013017C952D4F7B1B7B90FFDE3B2CAF8420AA159086
      Malicious:false
      Reputation:low
      Preview:L..................F.... ....b.cK........4...b.cK...c............................P.O. .:i.....+00.../C:\.....................1......W4u..PROGRA~2.........O.I.W4u....................V........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....V.1......W4u..Caphyon.@......W4u.W4u....b........................C.a.p.h.y.o.n.....z.1......WBu..ADVANC~1.9..`......W4u.WBu....c.........................A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.....b.2.c....N.^ .advinst.chm.H......N.^.W4u....g.........................a.d.v.i.n.s.t...c.h.m.......q...............-.......p...........W.......C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\advinst.chm..Q.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.C.a.p.h.y.o.n.\.A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.\.a.d.v.i.n.s.t...c.h.m.........*................@Z|...K.J.........`.......X.......367706...........hT..CrF.f4... ..0.+d...,....%..hT..CrF.f4... ..0.+d...,....%.

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 15.9\???????? ?????????? 15.9.lnk

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Tue Apr 23 14:13:26 2019, mtime=Fri Dec 22 13:42:03 2023, atime=Tue Apr 23 14:13:26 2019, length=1751200, window=hide
      Category:dropped
      Size (bytes):1474
      Entropy (8bit):4.637199325706967
      Encrypted:false
      SSDEEP:
      MD5:74AEFEAC6534D6D1CF10256CF9E77542
      SHA1:0BD67FBF69A9339AD582BAC255004D69933AAE2B
      SHA-256:1012EFA2554B381684087666C7DCAA05FA4449E2741855D58B6C955919435BB5
      SHA-512:3E9F171D423D5992ED74AF6824541C8E499400C8AC0023CC20940AE18BD64FC352C09B295EE451A2635BF93973AB88C7E5EED91F7A13B3494F148CF0D5CAC13D
      Malicious:false
      Reputation:low
      Preview:L..................F.... ..../n......r0..4.../n..................................P.O. .:i.....+00.../C:\.....................1......W4u..PROGRA~2.........O.I.W4u....................V........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....V.1......W4u..Caphyon.@......W4u.W4u....b........................C.a.p.h.y.o.n.....z.1......WBu..ADVANC~1.9..`......W4u.WBu....c.........................A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.....J.1......WBu..bin.8......W4u.WBu....d......................{..b.i.n.....J.1......WEu..x86.8......W4u.WEu....e.........................x.8.6.....x.2......N.y .CONFLI~1.EXE..\......N.y.WBu..............................C.o.n.f.l.i.c.t.s.D.e.t.e.c.t.o.r...e.x.e.......................-...................W.......C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\bin\x86\ConflictsDetector.exe..c.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.C.a.p.h.y.o.n.\.A.d.v.a.n.c.e.d. .I.n.

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 15.9\???????? ?????????? Advanced Installer 15.9.lnk

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Sun Mar 31 10:51:32 2019, mtime=Fri Dec 22 13:41:57 2023, atime=Sun Mar 31 10:51:32 2019, length=900768, window=hide
      Category:dropped
      Size (bytes):1442
      Entropy (8bit):4.615312400285577
      Encrypted:false
      SSDEEP:
      MD5:1ADF49E4638D25DAF3B5CA71EA93ABD9
      SHA1:76C873767B457578C7F564E4C4BC436C0E4B2C30
      SHA-256:8C95E01981C178D06C8711F6B3014AA0365D4A1A4C770360A6E717A4F9A40809
      SHA-512:CA8D378191B2353BFFAB3D8A2AFC67A8AB967F81BA06473FC144A687D187020FF6A5B8825745E8702FD99D0DB1B955E2E17A3F26914F1562EC7F8CA8416FA868
      Malicious:false
      Reputation:low
      Preview:L..................F.... .......K........4......K................................P.O. .:i.....+00.../C:\.....................1......W4u..PROGRA~2.........O.I.W4u....................V........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....V.1......W4u..Caphyon.@......W4u.W4u....b........................C.a.p.h.y.o.n.....z.1......WBu..ADVANC~1.9..`......W4u.WBu....c.........................A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.....J.1......WBu..bin.8......W4u.WBu....d......................{..b.i.n.....J.1......WEu..x86.8......W4u.WEu....e.....................6M..x.8.6.....b.2......Np^ .updater.exe.H......Np^.W=u..............................u.p.d.a.t.e.r...e.x.e.......y...............-.......x...........W.......C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\bin\x86\updater.exe..Y.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.C.a.p.h.y.o.n.\.A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.\.b.i.n.

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 15.9\???????? ????????????? Intune 15.9.lnk

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Tue Apr 23 14:15:06 2019, mtime=Fri Dec 22 13:42:07 2023, atime=Tue Apr 23 14:15:06 2019, length=1019040, window=hide
      Category:dropped
      Size (bytes):1433
      Entropy (8bit):4.61383198492795
      Encrypted:false
      SSDEEP:
      MD5:2B06342DD75A14DF7F6DCC23C660B309
      SHA1:08EDD167103F2A5FE84FEC02702C302494E1F7E3
      SHA-256:97BD5ACB591BE6EAFBB59B73F49E80E6C75255C2749D5360A93FE0BB2AE43B0D
      SHA-512:5AD8645A27845CB7772D06AEA347977B57C72A35CC9185C48207FF97DC7833A956D0C9965642375A6CD07BACA6B507D3AC6098DA321A13F662F911FEF9B9E048
      Malicious:false
      Reputation:low
      Preview:L..................F.... ......U...."....4.....U.................................P.O. .:i.....+00.../C:\.....................1......W4u..PROGRA~2.........O.I.W4u....................V........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....V.1......W4u..Caphyon.@......W4u.W4u....b........................C.a.p.h.y.o.n.....z.1......WBu..ADVANC~1.9..`......W4u.WBu....c.........................A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.....J.1......WBu..bin.8......W4u.WBu....d......................{..b.i.n.....J.1......WEu..x86.8......W4u.WEu....e.........................x.8.6.....`.2......N.y .intune.exe..F......N.y.WDu..............................i.n.t.u.n.e...e.x.e.......x...............-.......w...........W.......C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\bin\x86\intune.exe..X.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.C.a.p.h.y.o.n.\.A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.\.b.i.n.\.x

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 15.9\???????? ????????????? SCCM 15.9.lnk

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Tue Apr 23 14:19:34 2019, mtime=Fri Dec 22 13:41:59 2023, atime=Tue Apr 23 14:19:34 2019, length=2239648, window=hide
      Category:dropped
      Size (bytes):1405
      Entropy (8bit):4.632279755976066
      Encrypted:false
      SSDEEP:
      MD5:A8B99F760DB23B67A359816219B49A9D
      SHA1:616E60010EEC3DDB1A130AE377CCC2A67F971A29
      SHA-256:E366534F2F6B025D502395C1D7AE9D3DCF2876CD643D123D9BCF080944AA3764
      SHA-512:3F33C13C454C1299BDCCFC0D6F9929B370F1FE8C906F2230FE05E19A4F7F8BB2C169B000A33860FE8AFA021352B3275FF69C3EED0957E54C5DD043C89958C402
      Malicious:false
      Reputation:low
      Preview:L..................F.... ...............4...........,"..........................P.O. .:i.....+00.../C:\.....................1......W4u..PROGRA~2.........O.I.W4u....................V........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....V.1......W4u..Caphyon.@......W4u.W4u....b........................C.a.p.h.y.o.n.....z.1......WBu..ADVANC~1.9..`......W4u.WBu....c.........................A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.....J.1......WBu..bin.8......W4u.WBu....d......................{..b.i.n.....J.1......WEu..x86.8......W4u.WEu....e.........................x.8.6.....Z.2..,"..Nqz .sccm.exe..B......Nqz.W@u..............................s.c.c.m...e.x.e.......v...............-.......u...........W.......C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\bin\x86\sccm.exe..V.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.C.a.p.h.y.o.n.\.A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.\.b.i.n.\.x.8.6.\.s

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 15.9\???????? Advanced Installer 15.9.lnk

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Tue Apr 23 14:00:00 2019, mtime=Fri Dec 22 13:41:39 2023, atime=Tue Apr 23 14:00:00 2019, length=20920, window=hide
      Category:dropped
      Size (bytes):1138
      Entropy (8bit):4.698539299982111
      Encrypted:false
      SSDEEP:
      MD5:9588C1E4CA9D88537CA8F1D5E57B1123
      SHA1:DC10377EB941DE0C0E42B1E10F1879E42553F4EB
      SHA-256:FDA098ACF6EDE3A304E7E78FF8B93578C2D98E8C4F2CBCF2CBE436E4574FF84B
      SHA-512:F5B17F2C8AF3556576109E5FBD09AB20618C0BB7BF6432626C30A55D51CF33D082035596A8A7CFD65252DF4B4CB56707BBA6564B23BB2042256578851C1EB47E
      Malicious:false
      Reputation:low
      Preview:L..................F.... ....X.9....T~,..4...X.9.....Q...........................P.O. .:i.....+00.../C:\.....................1......W4u..PROGRA~2.........O.I.W4u....................V........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....V.1......W4u..Caphyon.@......W4u.W4u....b........................C.a.p.h.y.o.n.....z.1......WBu..ADVANC~1.9..`......W4u.WBu....c.........................A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.....b.2..Q...N.x .license.rtf.H......N.x.W4u....j.........................l.i.c.e.n.s.e...r.t.f.......q...............-.......p...........W.......C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\license.rtf..Q.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.C.a.p.h.y.o.n.\.A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.\.l.i.c.e.n.s.e...r.t.f.........*................@Z|...K.J.........`.......X.......367706...........hT..CrF.f4... ..0.+d...,....%..hT..CrF.f4... ..0.+d...,....%.

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 15.9\Advanced Installer 15.9.lnk

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Thu May 2 07:49:38 2019, mtime=Fri Dec 22 13:41:38 2023, atime=Thu May 2 07:49:38 2019, length=40923296, window=hide
      Category:dropped
      Size (bytes):1422
      Entropy (8bit):4.612761891185044
      Encrypted:false
      SSDEEP:
      MD5:A488D220EE797F81E80FD62D0A4AEF07
      SHA1:5A9FCC24C878A55047741F07D4B465DEDF2BC01D
      SHA-256:04F941607E877E1F21EAE87A6DA4EF45D1CD31FF921A5BE79320D8C2BB4E29F2
      SHA-512:C7E7AF4235CFBF9658B0C181C3244A2E8F2B8D94D90A114AFCA4C50BBACF9931E048A12A482E22C93E498E7B787E344B2CA91B2612F351D0B5AF71B311BA60F8
      Malicious:false
      Reputation:low
      Preview:L..................F.... .....c......W...4....c......pp..........................P.O. .:i.....+00.../C:\.....................1......W4u..PROGRA~2.........O.I.W4u....................V........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....V.1......W4u..Caphyon.@......W4u.W4u....b........................C.a.p.h.y.o.n.....z.1......WBu..ADVANC~1.9..`......W4u.WBu....c.........................A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.....J.1......WBu..bin.8......W4u.WBu....d......................{..b.i.n.....J.1......WEu..x86.8......W4u.WEu....e.........................x.8.6.....b.2..pp..N3F .advinst.exe.H......N3F.W4u....f.........................a.d.v.i.n.s.t...e.x.e.......y...............-.......x...........W.......C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\bin\x86\advinst.exe..Y.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.C.a.p.h.y.o.n.\.A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.\.b.i.n.

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 15.9\Advanced Installer 15.9.lnk~RF64bf04.TMP (copy)

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Thu May 2 07:49:38 2019, mtime=Fri Dec 22 13:41:38 2023, atime=Thu May 2 07:49:38 2019, length=40923296, window=hide
      Category:dropped
      Size (bytes):1422
      Entropy (8bit):4.612761891185044
      Encrypted:false
      SSDEEP:
      MD5:A488D220EE797F81E80FD62D0A4AEF07
      SHA1:5A9FCC24C878A55047741F07D4B465DEDF2BC01D
      SHA-256:04F941607E877E1F21EAE87A6DA4EF45D1CD31FF921A5BE79320D8C2BB4E29F2
      SHA-512:C7E7AF4235CFBF9658B0C181C3244A2E8F2B8D94D90A114AFCA4C50BBACF9931E048A12A482E22C93E498E7B787E344B2CA91B2612F351D0B5AF71B311BA60F8
      Malicious:false
      Reputation:low
      Preview:L..................F.... .....c......W...4....c......pp..........................P.O. .:i.....+00.../C:\.....................1......W4u..PROGRA~2.........O.I.W4u....................V........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....V.1......W4u..Caphyon.@......W4u.W4u....b........................C.a.p.h.y.o.n.....z.1......WBu..ADVANC~1.9..`......W4u.WBu....c.........................A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.....J.1......WBu..bin.8......W4u.WBu....d......................{..b.i.n.....J.1......WEu..x86.8......W4u.WEu....e.........................x.8.6.....b.2..pp..N3F .advinst.exe.H......N3F.W4u....f.........................a.d.v.i.n.s.t...e.x.e.......y...............-.......x...........W.......C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\bin\x86\advinst.exe..Y.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.C.a.p.h.y.o.n.\.A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.\.b.i.n.

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 15.9\~??????? ?????????? Advanced Installer 15.9.tmp

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Sun Mar 31 10:51:32 2019, mtime=Fri Dec 22 13:41:57 2023, atime=Sun Mar 31 10:51:32 2019, length=900768, window=hide
      Category:dropped
      Size (bytes):1487
      Entropy (8bit):4.643642672480606
      Encrypted:false
      SSDEEP:
      MD5:32FE22B2946017E0577AD8C5CA67AA99
      SHA1:2BF578C9EEE81A0F390E0F54C3F8FB7F605F79A9
      SHA-256:14D853CB77C855CE974586697DD09E7A7DBC3C5EFF18CE8FE45CC8FCDDB02139
      SHA-512:4639EEDC1F3A10252B366910349672214F1B24E90506B18EC211922C0FF77AC0B4CB047537E2628BD0E8657873F6378C80665E266FE4D3B62304B416BEE04DAD
      Malicious:false
      Reputation:low
      Preview:L..................F.... .......K........4......K................................P.O. .:i.....+00.../C:\.....................1......W4u..PROGRA~2.........O.I.W4u....................V........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....V.1......W4u..Caphyon.@......W4u.W4u....b........................C.a.p.h.y.o.n.....z.1......WBu..ADVANC~1.9..`......W4u.WBu....c.........................A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.....J.1......WBu..bin.8......W4u.WBu....d......................{..b.i.n.....J.1......WEu..x86.8......W4u.WEu....e.....................6M..x.8.6.....b.2......Np^ .updater.exe.H......Np^.W=u..............................u.p.d.a.t.e.r...e.x.e.......y...............-.......x...........W.......C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\bin\x86\updater.exe..Y.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.C.a.p.h.y.o.n.\.A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.\.b.i.n.

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Installer 15.9\~dvanced Installer 15.9.tmp

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Thu May 2 07:49:38 2019, mtime=Fri Dec 22 13:41:38 2023, atime=Thu May 2 07:49:38 2019, length=40923296, window=hide
      Category:dropped
      Size (bytes):1531
      Entropy (8bit):4.60936070507002
      Encrypted:false
      SSDEEP:
      MD5:127C2CAF4802CE0BEE2E45689A0A8B71
      SHA1:BD368E524D187B5C2B0BD991FFBB438BB51F85F4
      SHA-256:2E6088533178E65842322243B89FF00BFE95BD072CCACEFD3AA50121BB6AF819
      SHA-512:5F2236465844EA42AE4B63BAA58C25295A74158C3B4395B8E9A7EA290386F4DA7065B9A53A0D7DF2414656016E52FA28693576549215B2191675BF23CDDF4DF9
      Malicious:false
      Reputation:low
      Preview:L..................F.... .....c......W...4....c......pp..........................P.O. .:i.....+00.../C:\.....................1......W4u..PROGRA~2.........O.I.W4u....................V........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....V.1......W4u..Caphyon.@......W4u.W4u....b........................C.a.p.h.y.o.n.....z.1......WBu..ADVANC~1.9..`......W4u.WBu....c.........................A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.....J.1......WBu..bin.8......W4u.WBu....d......................{..b.i.n.....J.1......WEu..x86.8......W4u.WEu....e.........................x.8.6.....b.2..pp..N3F .advinst.exe.H......N3F.W4u....f.........................a.d.v.i.n.s.t...e.x.e.......y...............-.......x...........W.......C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\bin\x86\advinst.exe..Y.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.C.a.p.h.y.o.n.\.A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.\.b.i.n.

      C:\ProgramData\regid.2003-04.com.caphyon\regid.2003-04.com.caphyon_Advanced Installer 15.9.swidtag

      Download File
      Process:C:\Windows\SysWOW64\msiexec.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (308), with CRLF line terminators
      Category:dropped
      Size (bytes):1660
      Entropy (8bit):4.991659161185706
      Encrypted:false
      SSDEEP:
      MD5:2E254527B0AD92D3DC877BA0F4B55552
      SHA1:CD014FE9E3D3359A5CD94F7CCF9D2C57BAEB46FF
      SHA-256:98EC227546B51D962DA55F3FE9DFB402B70F1C8F1F1029A2450FBF29BAFA2788
      SHA-512:880DE21143E117555E35B89DB1A3028378B03DA111FE161554F60A2546AB9AFF76D0B7A9538736CA114EFBA6E3E0A937F8C3D0AC3D05B4D602F4E591E87544E0
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<swid:software_identification_tag xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:swid="http://standards.iso.org/iso/19770/-2/2008/schema.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://standards.iso.org/iso/19770/-2/2008/schema.xsd software_identification_tag.xsd">.. <swid:entitlement_required_indicator>false</swid:entitlement_required_indicator>.. <swid:product_title>Advanced Installer 15.9</swid:product_title>.. <swid:product_version>.. <swid:name>15.9</swid:name>.. <swid:numeric>.. <swid:major>15</swid:major>.. <swid:minor>9</swid:minor>.. <swid:build>0</swid:build>.. <swid:review>0</swid:review>.. </swid:numeric>.. </swid:product_version>.. <swid:software_creator>.. <swid:name>Caphyon</swid:name>.. <swid:regid>regid.2003-04.com.caphyon</swid:regid>.. </swid:software_creator>.. <swid:software_licensor>.. <swid:name>Caphyon</swid:name>..

      C:\Users\Public\Desktop\Advanced Installer 15.9.lnk

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Thu May 2 07:49:38 2019, mtime=Fri Dec 22 13:42:09 2023, atime=Thu May 2 07:49:38 2019, length=40923296, window=hide
      Category:dropped
      Size (bytes):1292
      Entropy (8bit):4.679017401394796
      Encrypted:false
      SSDEEP:
      MD5:CA763FE1A6C89BD17AF8B2C58C24E68F
      SHA1:57D5415CA32FFC065654AE4BB88FE5E3560EFF86
      SHA-256:16106EAD056154FDBB8B8477BD783859B83A6403BB1EC07F6FCA44AED8C6331F
      SHA-512:66279A91DBBEA8584080466BB4B7BC499EDB4F02A9B499C7BA89AF1BF78434DCBD2589515518C28C0824EC25CE7072F04E92F5452F69313C66DDCA8CE3871E04
      Malicious:false
      Reputation:low
      Preview:L..................F.... .....c..........4....c......pp..........................P.O. .:i.....+00.../C:\.....................1......W4u..PROGRA~2.........O.I.W4u....................V........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....V.1......W4u..Caphyon.@......W4u.W4u....b........................C.a.p.h.y.o.n.....z.1......WBu..ADVANC~1.9..`......W4u.WBu....c.........................A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.....J.1......WBu..bin.8......W4u.WBu....d......................{..b.i.n.....J.1......WEu..x86.8......W4u.WEu....e.........................x.8.6.....b.2..pp..N3F .advinst.exe.H......N3F.W4u....f.........................a.d.v.i.n.s.t...e.x.e.......y...............-.......x...........W.......C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\bin\x86\advinst.exe..P.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.C.a.p.h.y.o.n.\.A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.\.b.i.n.\.x.8.6.\.a.d.v.i.

      C:\Users\Public\Desktop\Advanced Installer 15.9.lnk~RF64bf23.TMP (copy)

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Thu May 2 07:49:38 2019, mtime=Fri Dec 22 13:42:09 2023, atime=Thu May 2 07:49:38 2019, length=40923296, window=hide
      Category:dropped
      Size (bytes):1292
      Entropy (8bit):4.679017401394796
      Encrypted:false
      SSDEEP:
      MD5:CA763FE1A6C89BD17AF8B2C58C24E68F
      SHA1:57D5415CA32FFC065654AE4BB88FE5E3560EFF86
      SHA-256:16106EAD056154FDBB8B8477BD783859B83A6403BB1EC07F6FCA44AED8C6331F
      SHA-512:66279A91DBBEA8584080466BB4B7BC499EDB4F02A9B499C7BA89AF1BF78434DCBD2589515518C28C0824EC25CE7072F04E92F5452F69313C66DDCA8CE3871E04
      Malicious:false
      Reputation:low
      Preview:L..................F.... .....c..........4....c......pp..........................P.O. .:i.....+00.../C:\.....................1......W4u..PROGRA~2.........O.I.W4u....................V........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....V.1......W4u..Caphyon.@......W4u.W4u....b........................C.a.p.h.y.o.n.....z.1......WBu..ADVANC~1.9..`......W4u.WBu....c.........................A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.....J.1......WBu..bin.8......W4u.WBu....d......................{..b.i.n.....J.1......WEu..x86.8......W4u.WEu....e.........................x.8.6.....b.2..pp..N3F .advinst.exe.H......N3F.W4u....f.........................a.d.v.i.n.s.t...e.x.e.......y...............-.......x...........W.......C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\bin\x86\advinst.exe..P.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.C.a.p.h.y.o.n.\.A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.\.b.i.n.\.x.8.6.\.a.d.v.i.

      C:\Users\Public\Desktop\~dvanced Installer 15.9.tmp

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Thu May 2 07:49:38 2019, mtime=Fri Dec 22 13:42:09 2023, atime=Thu May 2 07:49:38 2019, length=40923296, window=hide
      Category:dropped
      Size (bytes):1401
      Entropy (8bit):4.671985742941945
      Encrypted:false
      SSDEEP:
      MD5:0A2E8734F27EA63909A2308457EA2455
      SHA1:C1A2E71B39D60099E4B80CF26BA6B3A616CEFE3D
      SHA-256:513BB16B2E63E4B0CE16B5AFD0B80A402DAA300AA41E520B97BD9CBCEA8C6148
      SHA-512:BF07BA1C0597F54CE75B5F5B9E5F13D2C4317C3EF26759C0FA0E1A6C7F0B505AA6E61B7DF47D8062A6D1675821536A3378AF11CE412C786C7E8A7B4994460E53
      Malicious:false
      Reputation:low
      Preview:L..................F.... .....c..........4....c......pp..........................P.O. .:i.....+00.../C:\.....................1......W4u..PROGRA~2.........O.I.W4u....................V........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....V.1......W4u..Caphyon.@......W4u.W4u....b........................C.a.p.h.y.o.n.....z.1......WBu..ADVANC~1.9..`......W4u.WBu....c.........................A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.....J.1......WBu..bin.8......W4u.WBu....d......................{..b.i.n.....J.1......WEu..x86.8......W4u.WEu....e.........................x.8.6.....b.2..pp..N3F .advinst.exe.H......N3F.W4u....f.........................a.d.v.i.n.s.t...e.x.e.......y...............-.......x...........W.......C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\bin\x86\advinst.exe..P.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.C.a.p.h.y.o.n.\.A.d.v.a.n.c.e.d. .I.n.s.t.a.l.l.e.r. .1.5...9.\.b.i.n.\.x.8.6.\.a.d.v.i.

      C:\Users\user\AppData\Local\AdvinstAnalytics\54c78abab454e84006e1109d\15.9\tracking.ini

      Download File
      Process:C:\Windows\SysWOW64\msiexec.exe
      File Type:ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):26
      Entropy (8bit):4.0081320258334
      Encrypted:false
      SSDEEP:
      MD5:6BC190DD42A169DFA14515484427FC8E
      SHA1:B53BD614A834416E4A20292AA291A6D2FC221A5E
      SHA-256:B3395B660EB1EDB00FF91ECE4596E3ABE99FA558B149200F50AABF2CB77F5087
      SHA-512:5B7011ED628B673217695809A38A800E9C8A42CEB0C54AB6F8BC39DBA0745297A4FBD66D6B09188FCC952C08217152844DFC3ADA7CF468C3AAFCEC379C0B16B6
      Malicious:false
      Reputation:low
      Preview:[General]..Active = true..

      C:\Users\user\AppData\Local\AdvinstAnalytics\54c78abab454e84006e1109d\15.9\{B6D74675-FA6B-43D4-90A8-0899FAE9B499}.session

      Download File
      Process:C:\Windows\SysWOW64\msiexec.exe
      File Type:ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):11216
      Entropy (8bit):5.356111467085477
      Encrypted:false
      SSDEEP:
      MD5:5D8322507993A625B6E1E11CA6098B56
      SHA1:D466306334EE763F003BE615B39435B91887C288
      SHA-256:A056B28384FCCEF3B7EFB876F3463E29B08784D274B967516364EF706750C283
      SHA-512:3DD50E7FF884FC2C4A06095C07507593581F9C64BA4306DD97BC2B707C2E6E823DF267FA35C559F46BAE08C10EBCEF7F07DC9B98A1311AE5B37AC8F22E2F133C
      Malicious:false
      Reputation:low
      Preview:[Hit {CE628302-DFAB-4549-B10E-EB43BA91C325}]..Queue Time = 0..Hit Type = lifecycle..Life control = start..Protocol Version = 3..Application ID = 54c78abab454e84006e1109d..Application Version = 15.9..Client ID = 01539B8255441ED02DE4FA0DB35B6D5C0E919E5D..Session ID = {B6D74675-FA6B-43D4-90A8-0899FAE9B499}....[Hit {D3809ED9-1193-4F46-A159-A7E4E752BCA3}]..Queue Time = 0..Hit Type = property..Label = VersionNT..Value = 1000..Protocol Version = 3..Application ID = 54c78abab454e84006e1109d..Application Version = 15.9..Client ID = 01539B8255441ED02DE4FA0DB35B6D5C0E919E5D..Session ID = {B6D74675-FA6B-43D4-90A8-0899FAE9B499}....[Hit {3356624B-B0D0-44DE-A7F5-CF28FEE973D5}]..Queue Time = 0..Hit Type = property..Label = VersionNT64..Value = 1000..Protocol Version = 3..Application ID = 54c78abab454e84006e1109d..Application Version = 15.9..Client ID = 01539B8255441ED02DE4FA0DB35B6D5C0E919E5D..Session ID = {B6D74675-FA6B-43D4-90A8-0899FAE9B499}....[Hit {AF1FFF52-E6AC-49F5-AE4C-077DE39196A9}]..Queue Ti

      C:\Users\user\AppData\Local\Temp\Advanced Installer\ProgramFilesFolder\MSBuild\Caphyon\Advanced Installer\AdvInstExtTasks.Targets

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:exported SGML document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):11333
      Entropy (8bit):5.105286337479963
      Encrypted:false
      SSDEEP:
      MD5:FED44D7BDA471BFBD235FE5D6A6A15BF
      SHA1:DD0C4C44C5A3376AD0AF4087C7E9E6A54E6A3EC0
      SHA-256:C5957E82EA2E696CB0B85CE4B8726312DDD922038B14828A3169E4EDB175434F
      SHA-512:576DA540EBB8506AC575A127391512C6D663DD25B3B8F127B4CDCADD3A48FEF0E67166EF2DB8FB41F5ED1D7A2B9C26C7D1D0A646608E34C2B9A61D330CE3384C
      Malicious:false
      Reputation:low
      Preview:<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">.. <UsingTask TaskName="Caphyon.AdvInstExtUtils.AdvInst" AssemblyFile="AdvInstExtTasks.dll"/>.. <UsingTask TaskName="Caphyon.AdvInstExtUtils.AdvInstRefsDetect" AssemblyFile="AdvInstExtTasks.dll"/>.. <UsingTask TaskName="Caphyon.AdvInstExtUtils.AdvInstSetRefProjectSource" AssemblyFile="AdvInstExtTasks.dll"/>.. <UsingTask TaskName="Caphyon.AdvInstExtUtils.SetOutputFilesProjectInfo" AssemblyFile="AdvInstExtTasks.dll"/>.. <UsingTask TaskName="Caphyon.AdvInstExtUtils.GetTargetPathComTlb" AssemblyFile="AdvInstExtTasks.dll"/>.. <UsingTask TaskName="Caphyon.AdvInstExtUtils.GetWebsiteProjectOutputs" AssemblyFile="AdvInstExtTasks.dll"/>.... <PropertyGroup Condition=" '$(OutDir)' != '' And '$(TeamFoundationServerUrl)' != '' ">.. <PackageOutput>$(OutDir)</PackageOutput>.. </PropertyGroup>.... <PropertyGroup Condition=" $(PackageOutput) == '' And '$(OutputPath)' != '' ">.. <PackageOutput>$(OutputPath)</PackageOutput

      C:\Users\user\AppData\Local\Temp\Advanced Installer\ProgramFilesFolder\MSBuild\Caphyon\Advanced Installer\AdvInstExtTasks.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
      Category:dropped
      Size (bytes):87552
      Entropy (8bit):5.1931469901416625
      Encrypted:false
      SSDEEP:
      MD5:6CA50F4757D32021647A8837E29B0730
      SHA1:96E57A6F6DEA79AEEBF154B4C3E898A69AAC0578
      SHA-256:50C4AF4196156D20B151595FB52FDBE63559FCCA3FE54B8C5983BCFB09764C20
      SHA-512:B7F2CD7E1463CED48CBE4B8C3E55C030D0234A95E8B3B94D2AFAEE4DEDCCA1A28D4889E8757E7B880AB27A330F0C279A57D60477DE887081AD03A269FC0AF1A7
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....\.........." ..0..N...........l... ........... ....................................@.................................Xl..O................................... k............................................... ............... ..H............text....L... ...N.................. ..`.rsrc................P..............@..@.reloc...............T..............@..B.................l......H........H..D...............(.............................................{....*"..}....*..{....*"..}....*..{....*"..}....*..{....*"..}....*..{....*"..}....*..{....*"..}....*..{....*"..}....*..0..#........(.....(....(......(....-.r...p.(....s....zr-..p..(....(.......(......(.....(....,..(....o....ru..p(....+..,.~....-.s.........s ......o!....o"......(......(.....(....,...(.....(....r...p(....-6r...p.~....%-.&~..........s#...%.....(...+(...+(&...+..(..........(...........('...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\ProgramFilesFolder\MSBuild\Caphyon\Advanced Installer\Advinst.Interop.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
      Category:dropped
      Size (bytes):17408
      Entropy (8bit):5.172228642756229
      Encrypted:false
      SSDEEP:
      MD5:4FD27708C862AAFE0F4FBA4199525B4E
      SHA1:394B21FE8CB5DEF25495E3FC1C8386B935BCBC39
      SHA-256:3C0E3F850621DC1040185E6FFEBF1F27185F82C8A665411586D814822B1F99BE
      SHA-512:F980661EE4755182539D8FF8601AB365AEAD6B301EED0730FCA3F933B3DA85793624FCEC7C790ECFBC6CC460BCCF7118002411CDFDC8AAFA43251C32E62250D8
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....\.........." ..0..<...........Z... ...`....... ....................................@.................................`Z..O....`..............................(Y............................................... ............... ..H............text....:... ...<.................. ..`.rsrc........`.......>..............@..@.reloc...............B..............@..B.................Z......H.......P ...8..........................................................BSJB............v4.0.30319......l....#..#~..P$......#Strings....</......#US.@/......#GUID...P/......#Blob...........W?.........3............!..............."...........U...........d...{.......................M...........l.............U...0.U.....U.....U...~.U.....U.....U.........F.......U...............m.......................T...........6.............9...........................\...Y.....................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\advinst.chm

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows HtmlHelp Data
      Category:dropped
      Size (bytes):14584419
      Entropy (8bit):7.998566641764158
      Encrypted:true
      SSDEEP:
      MD5:636ED7291440393DFBF2C685A46DD952
      SHA1:A1E61F022B41911E5803EB185AE2457E1ABEC3C3
      SHA-256:DC2001F1C25A3011E2643F6F13CE726FF0447A0321A19BBAC3D9B96B95DB3634
      SHA-512:2D19008AC0859AD091861467A3A93BF04394034F2CA724AD3BA37BE49C067373646793DD5DC4C7DDC8F24FCB7D48C1CF82491CC28C6573DB9CCB5F10DEF1B29C
      Malicious:false
      Reputation:low
      Preview:ITSF....`.........>].......|.{.......".....|.{......."..`.......(...............T.......................c.......................,...................j..].!......."..T.....................U.n.c.o.m.p.r.e.s.s.e.d.....M.S.C.o.m.p.r.e.s.s.e.d...{.7.F.C.2.8.9.4.0.-.9.D.3.1.-.1.1.D.0.:...........LZXC..........................CD.3..hV|..b.s7.......3..#..s..h...%.e.%...w......@.`/b..........!..3.m...................w...&R.H.3....:......" 2....4w*rjI.&..z.".v+...V..v.YB..V.2o.Zg..9.....H...@gB..$.......M....ku.@..P4.$..(...?............C.;;....;;....;;....;;....;........`..>.1r-./....}.......................................S....?....>.i..j(.W;....;;....;;....;;....;.EY(..:r../...{".Mx.d6[.A....?...HE......z.2.I.x../B..q.G....,..S.( =.<.C.(.r.Ie2. .7..<.o.d.BRT.....^.Jx..PDA..%.21.... .......^.yk<x.T.R1....X..B..,(H..%......$k.kQ..bPp\w..?....AH....C.}u)... a...f.$J).AE.F Q.3...EA|..Qs>].....Q....6.Lj.Z...`.........U.!.L.........;.W..y....%..K3(.#Z.n..Q......&.C..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\BestPractices.cub

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, MSI Installer, Code page: 1252, Title: Installation Database, Subject: Advanced Installer Best Practices, Author: Caphyon, Keywords: Installer, MSI, Database, Comments: Advanced Installer best practices validation suit., Template: ;1033, Last Saved By: Ciprian Burca, Revision Number: {235FDF03-3DF7-4640-892B-B88396BFB937}, Last Printed: Fri Dec 11 11:47:46 2009, Create Time/Date: Fri Dec 11 11:47:46 2009, Last Saved Time/Date: Thu Aug 18 12:56:32 2011, Number of Pages: 200, Number of Words: 0, Name of Creating Application: Windows Installer, Security: 0
      Category:dropped
      Size (bytes):239104
      Entropy (8bit):6.318913650441562
      Encrypted:false
      SSDEEP:
      MD5:90D26A08B1E7DC68EE517AA5D4B6A5BA
      SHA1:E1D89783E5BCE48A4D9F7EF88E11D8A702E8F399
      SHA-256:4FEA4FD63B3C344217D24007BD8ACDA11036521231CF4FC2725DCFEDE14631EA
      SHA-512:224A128ADC09CA92962E2D4D7F7C81E1A03D3804F00D3FC78317D77DA0277DE49AFB686FCA5D24087EDFE54BEE57D080DD5B7E7ACE25F26D04E41DC6BA790F51
      Malicious:false
      Reputation:low
      Preview:......................>................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... ...!..."...#...$...%...&...'...(...)...*...+...,...-......./...0...1...2...3...4...5...6...7...8...9...:...;...<...=...>...?...@...A...B...C...D...E...F...G...H...I...J...K...L...M...N...O...P...Q...R...S...T...U...V...W...X...Y...Z...[...\...]...^..._...`...a...b...c...d...e...f...g...h...i...j...k...l...m...n...o...p...q...r...s...t...u...v...w...x...y...z...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\advinst.iso

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:ISO 9660 CD-ROM filesystem data 'ADVANCED_INSTALLER'
      Category:dropped
      Size (bytes):6893568
      Entropy (8bit):6.658212355377857
      Encrypted:false
      SSDEEP:
      MD5:A585E6C32D766D6BC667011B09268215
      SHA1:00A8CCB374C767777603138EC267266898C8DF19
      SHA-256:0620A8EF12E110CE60F31209D66590022E6580D4C9E6F355B45072A53D754705
      SHA-512:A1F7A40C8C7C1E6611E2BCDD9BE0C8EBD227CCD4706E71DD25D77AA8BEBB4E9C00FD5E808FCEA7CBF0A9CCB026D616EDD3B3A87EAF4A8A7803AE157FBA3A5C4C
      Malicious:false
      Reputation:low
      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\appv5comments.zip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
      Category:dropped
      Size (bytes):6706
      Entropy (8bit):7.236147081679439
      Encrypted:false
      SSDEEP:
      MD5:5E52209F78FF054E5B822685D6E170D8
      SHA1:4C2665B71F02B20FB0F40CBDE04D2F5876A0F1C1
      SHA-256:0D964331D1153BC493976834FDE3DCFE4D5C244334D42C73F50F982B8C111871
      SHA-512:93975849E4BB9CFF9ACF55EFE5DA2E6F56205E40BC4BF875F5B7992065233789AD4182D8F3E28FD7111861E78356470C6FE98848D68AD0EF37A22A322C9BFC19
      Malicious:false
      Reputation:low
      Preview:PK........{..NDBp......... .$.DeploymentConfig_FileComment.txt.. ...........}5......}5......}5....u..m.0....x...,......d..HG?-..K5...|!..[.....N....#..\$P..,.N.4.6*w1...6P..nd.U".p.EA..a.t..h...i.yL......7rx......oa|.:..xI...f."w.T...X..h.|..`.4I......HV}i...S..|.PK........{..N.J.)........*.$.DeploymentConfig_MachineScriptsComment.txt.. ...........}5......}5......}5......OK.@...B.C.F...m!.....Vp{...dp..f7E...k+m.F...m.{...t......%i..L....Z.z.d.l.@~..n.W.\9.."...-.Q......E....1.M..?..+..h'.%g@.H.R...Z_0........4......f..SLt.-._.C..........6./.m.wOoNj.{...p,.6.C5$....'...:P..3....... a...;%K.)r...+.../....H.2+._...M.GC.;.".....PK........{..N.MIJ...j...*.$.DeploymentConfig_RegistryDeleteComment.txt.. ...........}5......}5......}5......R......T;^..P.;.RA! .$.V)&...38$(2.719#3/5&8?..<.(5.-??.)..b..>..6.pS.PK........{..N...z.......+.$.DeploymentConfig_RegistryIncludeComment.txt.. ...........}5......}5......}5......R......T;^..P.;.R! .$.V)&...38$(2.719#3/5&8?..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\osprovision.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):6059344
      Entropy (8bit):6.793121589031713
      Encrypted:false
      SSDEEP:
      MD5:3020F78C2B6C2F260345425E3F4257A9
      SHA1:987E53DE0F07337EF1C7124E58E94E6AD256CD0A
      SHA-256:A2B3C91D310363E0DF8A4D94CE9EEE9519A9705301DBC4ED80CEDEFEC93FEB5D
      SHA-512:CD584B2627DDB9C4BCC2C38266D4CBA3DB81C3C2465C9D27B3DA34C0A9305DAC2EC565C3E2130D0E6EF6ADD20B23EA77D9EBF89EC20DDA3D921E90151213DC4D
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......mf..)...)...).....u.'.....w.......v.4...{o..1...{o......{o..x... ...-... ...*... ...+...)........n.......n{.(...)...(....n..(...Rich)...........PE..L....+.\.........."..........$....................@..........................p ......|\...@.................................`...(........S...........>\..6...........v..p...................`w.......;..@...................\...`....................text...?........................... ..`.rdata..^...........................@..@.data....q.......T..................@....rsrc....S.......T...>..............@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\BugReporter.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):515232
      Entropy (8bit):5.858930189158985
      Encrypted:false
      SSDEEP:
      MD5:B26EDDE5AF5D4D916FC5A496D9C9EF9D
      SHA1:06901201AB69DD3A5BEAED23259661756EA6313F
      SHA-256:F76B42EE1B292F9E805931EA72A29A22BB476FBB908C3CC7B27E2CFA7F676826
      SHA-512:6BD8B9007A3E0FED1872317379E0CDEC2DD96131B5C156DBEC1BC0A4457775D8B347602D8DE867993B8A0D49AA47F429ED5202F419FDD8CF57A68458009D76CE
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......uq.J1...1...1.....p.;.....r.......s.(...cx..8...cx......cx..}...8h..0...8h..$...1........y..(....y~.0...1...0....y..0...Rich1...........................PE..d....+.\.........."............................@..........................................`.................................................h........@.........`6..............<....$..p....................&..(....%...............................................text...4........................... ..`.rdata..............................@..@.data..../..........................@....pdata..`6.......8..................@..@.rsrc.......@......................@..@.reloc..<...........................@..B........................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\ComExtractor.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (console) x86-64, for MS Windows
      Category:dropped
      Size (bytes):678560
      Entropy (8bit):6.189675077812417
      Encrypted:false
      SSDEEP:
      MD5:D99A87EB57166190A33BA4039E3BDFD7
      SHA1:1E4FE89FCD0E74EBCE477EE16A0C1FC8A7BCC80D
      SHA-256:44A6F34C770EDB2809B9EDD2EF53129A737BAC908544783EA323BB611345CAD3
      SHA-512:9360E3BFBAC80A66AF21A056649DF8BA7AA9D677E139628662AE19D5D19B2E1EC132085AFFCCCF215EBBFC6EDB5715D97C3921353427846EBDAB8D4DBA0AF00E
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......s4..7Ud@7Ud@7Ud@R3gA=Ud@R3aA.Ud@e=gA>Ud@e=`A.Ud@e=aAyUd@.<eA5Ud@>-.@5Ud@R3`A$Ud@R3eA.Ud@7Ue@uTd@.<mAmUd@.<.@6Ud@7U.@6Ud@.<fA6Ud@Rich7Ud@................PE..d...D-.\.........."............................@..........................................`.........................................................`..........tX...@.......p.......r..p....................s..(....r...............................................text............................... ..`.rdata..............................@..@.data...46..........................@....pdata..tX.......Z..................@..@.rsrc........`......."..............@..@.reloc.......p......................@..B........................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\LZMA.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (console) x86-64, for MS Windows
      Category:dropped
      Size (bytes):714400
      Entropy (8bit):6.279804530947237
      Encrypted:false
      SSDEEP:
      MD5:A1F057A8203BF6402813D03BAA0BC544
      SHA1:5832D456B469ECE3BD05798C0F0636D478B4DAB9
      SHA-256:FE463DFF13D62BF7316521C48896BE4162BCDEC372F9BFC940F6C0DAB0F3A48B
      SHA-512:4C8E605672ACF81C83161D709D5CECE9EFF1AB7BCB7C3A27BB08BF1D4E7DCA12A9ED099CC161AC2F17CDD615038E2A21356CB63B538B1CF7CEF9461885D6170D
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........B..\#z.\#z.\#z.9Ey.V#z.9E...#z..Ky.U#z..K~.~#z..K...#z..J{.^#z.U[..^#z.9E~.H#z.9E{.O#z.\#{.#z..Js.h#z..J..]#z.\#..]#z..Jx.]#z.Rich\#z.........PE..d...0,.\.........."......f..........d..........@............................. .......j....`..................................................:.......... .......\X..............0.......p...................0!..(...0 ...............................................text...$d.......f.................. ..`.rdata..X............j..............@..@.data...,?...P.......:..............@....pdata..\X.......Z...X..............@..@.rsrc... ...........................@..@.reloc..0...........................@..B................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\Repackager.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):8193696
      Entropy (8bit):5.607574302145198
      Encrypted:false
      SSDEEP:
      MD5:2348A59E7BD8E78BAF75C8D11CF88751
      SHA1:03F6EDCB23206C8C8DC032A84618CF6DD73DBBF3
      SHA-256:BDEE747E92E63E53394D8813E99A12CDE88B34170136C3CE2F1EEE3F7DCA884B
      SHA-512:34222557DAAB2D3E4134A2C4DED4D91366E921DF644B70197C1B1D779CB05CA8AE4D6BDF211BD64BC3A5E248E55EC1BA335512109DC863CB4FEAB57A5E4908C1
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$.........B......................M...........................^............................................>.............2.......Z.............Rich....................PE..d....,.\..........".......7..8F.....||'........@..............................}......G}...`..................................................r...... x. ....`u.P.....|.......y......c.p...................`.c.(... <8...............7.....p.r......................text.....7.......7................. ..`.rdata...];...7..^;...7.............@..@.data....Z....s.......r.............@....pdata..P....`u......nt.............@..@.rsrc... .... x......,w.............@..@.reloc........y.......x.............@..B........................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\RepackagerCLI.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):5752992
      Entropy (8bit):5.351200258737233
      Encrypted:false
      SSDEEP:
      MD5:872B5CA9D6D99BB25F376583FED8E3A3
      SHA1:2D8CB5400577FF0B6763EF005E2CAFA555461638
      SHA-256:721878538B9B577E4F0EF2425877EA4DF38269421EAA3CD1962C8AB05D5F004D
      SHA-512:356BD549640DFB8AE98966CC3F0BF8B58C333308171F01557AE241BAAA394AD6761E33BBD94609F78B5550B9BCDDC739B6D25689D3739AD2C7533709D223DCFA
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........J.S.+...+...+..|.l..+..|.n.b+..|.o..+...C...+...C...+...C..G+...S...+...S...+...S...+...+..{)..^B..I*..^Bb..+...+...+..^B...+..Rich.+..................PE..d....,.\.........."..........r9.....,S.........@.............................PX......4X...`.................................................0.O.|.....R.......Q.@.....W......pT.....P.G.p.....................G.(....H........................O......................text............................... ..`.rdata..>.1.......1.................@..@.data....;....O.......O.............@....pdata..@.....Q......~P.............@..@.rsrc.........R.......R.............@..@.reloc.......pT.......S.............@..B........................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\VmLauncher.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):5673632
      Entropy (8bit):5.370187442787324
      Encrypted:false
      SSDEEP:
      MD5:DB60AFCC39AB345D11BBF6440F695816
      SHA1:30EE5F6A0CF77DBFD27C42F39D4A740EEF53DEFE
      SHA-256:1E566DFEF6D3D1B03A05EAFA2C5BF0FE0C0D162F56FB64B99738C42DB540783F
      SHA-512:1A3D5D963DB794A661E47BFF897DC9E9981E737FD90F4C25963CF415EB4E0000BBE0BE94CB42B1DE497C66E71AE76387F1943BCA04D921F111DB3B331401297C
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........%m..D.Q.D.Q.D.Q...Q.D.Q...Q.D.Q...Q.D.Q.,.P.D.Q.,.P.D.Q.,.P2D.Q.<.Q.D.Q.<.Q.D.Q.<.Q.D.Q.<.Q.D.Q.D.Q.G.Q+-.P.E.Q+-.Q.D.Q.D.Q.D.Q+-.P.D.QRich.D.Q........PE..d....-.\.........."...........7................@..............................W.......V...`..................................................O.......R.......P.....xV...... S.......G.p.....................G.(...`................@........O. ....................text...|,.......................... ..`.rdata....0..@....0..2..............@..@.data.........O.......O.............@....pdata.......P......tP.............@..@.rsrc.........R.......R.............@..@.reloc....... S.......R.............@..B........................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\dbghelp.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
      Category:dropped
      Size (bytes):1558912
      Entropy (8bit):6.001239639220649
      Encrypted:false
      SSDEEP:
      MD5:A5E4B3FF51CF5B7926D9651908FEB666
      SHA1:4EF5D229709E40F3F84E46C3A28341EADBD1A044
      SHA-256:13F0C74845318B52B76E6000564B1A99C37DE48422B44AC74D034FA222C65A23
      SHA-512:0615FF581B648715461349B1622FBC208042FC8C395CB2D271203B25B036F59EDB0FC3470065DC15061AF1BE0FFF48981F55BBEA7F00C88906E9B470764A86FA
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......D"2..C\..C\..C\.X...4C\.X....C\.D...C\.D....C\..C]..B\.D....C\.D...?C\.D...C\.D..-C\.'."..C\.D...C\.D....C\.Rich.C\.................PE..d...p6gK.........." .........Z......P........................................`......Gv....@.........................................`...%.......<........................%.......;..........................................................l...`....................text............................... ..`.data............^..................@....pdata..............................@..@.rsrc................@..............@..@.reloc..._.......`...D..............@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\encoder.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):353952
      Entropy (8bit):6.216015004308891
      Encrypted:false
      SSDEEP:
      MD5:CCBE8DFCF9C4E9B49498F1E2CFF4C832
      SHA1:68AE4D87638A852F2D74F46A9FD27E2A45E95F1A
      SHA-256:A65125B8E32A70A4CD41E9778B441FE1C088F3A6D09132DD3096E64C72328DE3
      SHA-512:B0ADA728514426679698876024BA6C2956812FA6E07290D13AF8F366F872C877D8671DFE43578C191B974BEEC987E777010E6785E976BB1FEA33F0747EA141B7
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............f.Y.f.Y.f.YW.(Y.f.YW.*Y.f.YW.+Y.f.Y...X.f.Y...X.f.Y...X.f.Y..ZY.f.Y..JY.f.Y.f.Yof.Yu..X.f.Yu..X.f.Yu.&Y.f.Y.fNY.f.Yu..X.f.YRich.f.Y................PE..d...*,.\.........." ................h.....................................................`.................................................t...P....... ........0...L..........T....h..p...........................@i.................. ............................text...|........................... ..`.rdata...J.......L..................@..@.data...@c..........................@....pdata...0.......2..................@..@.rsrc... ............<..............@..@.reloc..T............B..............@..B........................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\expatai.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):214528
      Entropy (8bit):6.190250063146625
      Encrypted:false
      SSDEEP:
      MD5:305F5066DE3F7583FF4577751B83AE24
      SHA1:462471C2B858692446F1374EE1FF961BBC7AD650
      SHA-256:387866BD28D80A0F82518C7EC8982744B1421EB7C0BE3DFCBD2EC41D719E262D
      SHA-512:48B094A974F44F17117D7A54FAA73434BCCE10CD9597DEA9AF8FD474B038443AAD19138B95BE2868C7863B1C3545B960C04BD4A86737CD167322FB49015B0BAE
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........~. ...s...s...s.y.r...s.y.r...s.y.r...s.w.r...s.w.r...s.w.r...s.y.r...s...s...s.v.r...s.v.r...s.v2s...s.v.r...sRich...s................PE..d....-.\.........." .....:................................................................`.................................................h...(....p.......P..........................p............................................P...............................text....9.......:.................. ..`.rdata.......P.......>..............@..@.data........0......................@....pdata.......P......................@..@.rsrc........p.......:..............@..@.reloc...............<..............@..B........................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\registryTracer64.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):498176
      Entropy (8bit):6.203091276381521
      Encrypted:false
      SSDEEP:
      MD5:32A5BEC9AEFB343DE14218438C19091C
      SHA1:440849F01DD02F33D803B392E73B1610D4CBD61D
      SHA-256:AFE508A52D928F3A4FEA0BDBD005F62691FAB74AC9E1D560048801E35B66DFFB
      SHA-512:4ABF7DA27DE9C1BB6B0D06F687A697EEE44760515EFAC92DD84568D911642432354212B33F0C67D1C0926EC630E37D583118628C3802F218D6797F84A0040E64
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........M5..#f..#f..#f.. g..#f..&g0.#f.. g..#f..'g..#f..&g.#f..f..#f..'g..#f.."g..#f.."fw.#f..*g..#f..#g..#f...f..#f..!g..#fRich..#f........PE..d...?-.\.........." ................P........................................ ............`.....................................................x............`.. F...................M..p....................N..(....M...............................................text............................... ..`.rdata..,#.......$..................@..@.data....3... ......................@....pdata.. F...`...H..................@..@.detourc.!......."...`..............@..@.detourd............................@....rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\uires.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):11719328
      Entropy (8bit):4.177125516510918
      Encrypted:false
      SSDEEP:
      MD5:72190D5C2A775B58CAA7F0DB7EBBCD9C
      SHA1:2F38F6E8CD274FE5A1194D2DC0498677B7474060
      SHA-256:87FFAC55AC4730CB2A11EC1E52F4484DC3DDF546FF7F06B076EC090A922EDC35
      SHA-512:DBADD90AC981F29AFE38FB222C8962A5652230213157F1215DCAE80E15D1B18B36B59277F5EA2850756AF14BC0949668A247CC4E198D2AD90ECAA1377570378E
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......=...y..y..y...=.x..y.U.}.....x..Richy..........PE..d....-.\.........." ....................................................................`.......................................................... .................................p............................................................................rdata..............................@..@.rsrc....... ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x64\zlibai.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):197632
      Entropy (8bit):6.353209398566031
      Encrypted:false
      SSDEEP:
      MD5:7DC4A83C36F481C71DE20831F6ED676F
      SHA1:01F782349F72020854FACE8B068923FFC3D7AA47
      SHA-256:84CE4817DC5443052D6F67EA402B1171B696B670A32976F6529035C46489CDC9
      SHA-512:AA75DF08F8FD9D5E7A4B57877CF11764EBEF3558E65F497A688666C998E24AA13D94025628D0A856EF170530C308FAF3A328EB6400DD27814BE73F1298BB08AB
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........T...5...5...5...S...5...S...5...S..f5...]...5...]...5...]...5...S...5...5...5..e\...5..e\...5..e\...5..e\j..5...5...5..e\...5..Rich.5..................PE..d....-.\.........." ................`........................................P............`.....................................................(....0..P....................@..H.......p...........................p...................8............................text...P........................... ..`.rdata..............................@..@.data...............................@....pdata..............................@..@.rsrc...P....0......................@..@.reloc..H....@......................@..B........................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\AdvancedAnalytics.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):520352
      Entropy (8bit):6.579154257228585
      Encrypted:false
      SSDEEP:
      MD5:542A57A4C42D49A389A1E77053688C6A
      SHA1:9147507F07A497E6ED7B5C887A893CDF90BE732F
      SHA-256:EBA865846BF6C584DFA26112BE64D5AF0D586461A8F790C0DBFCA9F541DAD050
      SHA-512:976D672F8EAF70054A03B0B13848EE0D8658DAA4FC026019FE4EB561F215DEF081868FCF29579938FE12DE46AA224711BEE55FB851A907944E703160504F9097
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......@....|...|...|.......|.......|.......|..V....|..V..'|..V..~|....t..|....d..|...|...}......?|.......|.......|...|`..|.......|..Rich.|..........................PE..L...K/.\.........."!.........b......@........................................ ......^i....@..........................L.......M...................................S......p...............................@............................................text...b........................... ..`.rdata..............................@..@.data....7...`...$...H..............@....rsrc................l..............@..@.reloc...S.......T..................@..B........................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\AdvancedInstaller.com

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (console) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):173728
      Entropy (8bit):6.597059898779642
      Encrypted:false
      SSDEEP:
      MD5:5AC3491789D6E694F40D7B6B81C6F398
      SHA1:CE60C1D37A65C159AF27C03091E5281C5EB95ADF
      SHA-256:BC855002943B45F24E84FDBA570D9DBDEB8B9181F2484B2021CDA340E90E67FE
      SHA-512:ADEFC3A1264FE16F9F5B3F44EEEF3B0736D4620F229B532B63C2A56281FFA0860DA6EA68BB60ACA8BC9568713A37974D421306899AD6D0360A004EFF58418117
      Malicious:true
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........A.f. .5. .5. .5.F.4. .5.F.4? .5.F.4. .5.H.4. .5.H.4. .5.H.4. .5.F.4. .5. .5. .55I.4. .55I[5. .55I.4. .5Rich. .5........................PE..L....(.\.........."..................T............@.......................................@.................................,m..(.......@............................Y..p....................Z.......Z..@...............d............................text............................... ..`.rdata..............................@..@.data...@............^..............@....rsrc...@............j..............@..@.reloc...............r..............@..B................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\Advinst-comproxystub.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):94720
      Entropy (8bit):6.21978690244203
      Encrypted:false
      SSDEEP:
      MD5:C89467103DEED2227B69F3E3E2F73F42
      SHA1:548748F6A1CBEDA9BDEADB5E55C925DBE9DEF19E
      SHA-256:62065ECDF3A6E73C1C2492C689287684E943C883720CE23E833452A46BD2B002
      SHA-512:9FE8726F2949A050FA8BF25A1AF7DB30CDB5F332D7ACEBAA00CC2A28AEBD86042DA1FA514708F058EAD0F4587F806E2EC89A70B34DD10A691BFD1B05297801C7
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........l._s.C_s.C_s.C:..BUs.C:..B.s.C...BCs.C...BPs.C...BNs.C:..BKs.C:..BVs.C_s.C6s.C...B[s.C...B^s.C...C^s.C_s.C^s.C...B^s.CRich_s.C................PE..L....).\.........."!................`.....................................................@.........................PT......$U..d.......`............................L..p............................L..@...............p............................text.............................. ..`.orpc............................... ..`.rdata..:}.......~..................@..@.data........`.......B..............@....rsrc...`............V..............@..@.reloc...............\..............@..B................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\BugReporter.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):452768
      Entropy (8bit):6.035938589112031
      Encrypted:false
      SSDEEP:
      MD5:C3260ECDEDD7D7049186291D091B8A70
      SHA1:0A580D0632AA25E24728DB93909BE82CFA49A344
      SHA-256:D6B7FCF517AA23E56A972E1AB0E0FA54D3E5DBB8873A40E2EAA91910CBEB2E2F
      SHA-512:E8B7E8B5F99F3F064E2F8450623ADF8327BEBB1845A21D5E08C86F2BFB5457ABCE30E2B10321612010592CB47AD478261974005109229E3E5045544C674A3995
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......U....~...~...~....]..~...._..~....^..~..C....~..C...3~..C...[~..../..~....?..~...~...~.......~....S..~...~;..~.......~..Rich.~..................PE..L...v+.\.........."..........L....................@.......................... .......X....@.......................................... .........................04......p...............................@...............t............................text............................... ..`.rdata...@.......B..................@..@.data.... ..........................@....rsrc....... ......................@..@.reloc..04.......6..................@..B........................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\ComExtractor.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (console) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):574112
      Entropy (8bit):6.427236844935848
      Encrypted:false
      SSDEEP:
      MD5:DFC1DD587FE68B0A33189020B7BC5618
      SHA1:015B258FF32AFD86D0B599874BFD759DFF587BAC
      SHA-256:5A64A56A1233C7358E8BC10D4DC47AD79C42A2B86FAF5C0B9099436C46F5F331
      SHA-512:2DFA1A7BF4FED33B6F6A32F77B0F1DA4C841F92E2BBBBF0000F4353990A6F15C6579D62FCD275D1B628590E4DAEB56998DFDAE07116952E8FE67C532EB40A3CD
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......6..Jr...r...r.......|.......... ...d... ...Q... ...>.......p...{.y.p.......e.......S...r...L.......(.......s...r.}.s.......s...Richr...........................PE..L...3-.\.........."......V...b...............p....@.................................A.....@..................................7..................................8T......p...............................@............p..h............................text....T.......V.................. ..`.rdata.......p.......Z..............@..@.data....%...P.......4..............@....rsrc................F..............@..@.reloc..8T.......V...R..............@..B........................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\ConflictsDetector.VisualElementsManifest.xml

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):252
      Entropy (8bit):5.287350882109482
      Encrypted:false
      SSDEEP:
      MD5:BCF3B44F1BB63EE4D851E7E447D4122D
      SHA1:22C39F88BCA33353AC57C83F8CD144E5A99A4441
      SHA-256:1CF413E8A073162DFB9EA5E82230949BB52C66B19E591A5CE18DFA36B4676838
      SHA-512:AEE62B9C7A5FB494D19F163C27AEC1C849AE074E67E8607E8401D26DA9B127B55E0A1E05D244764601A065E1DAF59635376F876B91215DD545B1457584EB9C41
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<Application xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">.. <VisualElements BackgroundColor="System default" ForegroundText="light" ShowNameOnSquare150x150Logo="on"/>..</Application>..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\ConflictsDetector.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):1751200
      Entropy (8bit):5.855695465201879
      Encrypted:false
      SSDEEP:
      MD5:EB3BB8D2A7D9C45552EEC86DDDFE3DAC
      SHA1:FAD2BCDB1BBCF139DA32734E440DEC362C15DF1C
      SHA-256:47362FA07955B50785F07CE004F9EF1BAD7360BF3736DF45EFD1413F97FD4209
      SHA-512:43FAF2ACEFFAA9C8FFC6B6D35054E84CF5B4FB010DAFB32838B2DABCE0C3C4180D2CCF47DF4B3AAD2F90CF8A73E6A3759FE2513BE2C85DB96AAFFA492C8E7EDD
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......nY..*8..*8..*8..O^..88..O^...8..xP..28..xP...8..xP...8...Q..(8..#@,.(8..O^..+8..O^..18..O^...8..*8...:...Q..T8...Q@.+8..*8(.+8...Q..+8..Rich*8..................PE..L....+.\.........."..............................@.................................v.....@..................................h..|................................... ...p...................0...........@............................................text............................... ..`.rdata..............................@..@.data...pf.......J...t..............@....rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\IIsInspector.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):943776
      Entropy (8bit):6.510594347752673
      Encrypted:false
      SSDEEP:
      MD5:1F2566590B23DF375F746FA3D37E999C
      SHA1:B78D6A25875B3F664C2AAEEDCE3190C489CA8258
      SHA-256:805E295E62C9492E8345B9B0B025098C7E573C9344D6A82F6E3FE53669A28D90
      SHA-512:BAC9E6EA9238E98DF4CDA22269B289681844B9414CC81B3B06A9AC8E34BB02E960F98B4B8BE6395E3CB05D1CEF707273BF9D62B981F75AF0C25E3BEC08D3AB46
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......[................%]......%_......%^.....M......M..<..........M..P.....(......./.......?.>..............D.....S.......;............Rich....................PE..L....+.\.........."..................p............@.................................PP....@.....................................@.... .. ............L..................p................... .......`...@...............p.......@....................text....~.......................... ..`.rdata..XE.......F..................@..@.data...D>.......(..................@....rsrc... .... ......................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\LZMA.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (console) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):412832
      Entropy (8bit):6.479716526232947
      Encrypted:false
      SSDEEP:
      MD5:B00A9AC5E76F378F11101C22904BB3DD
      SHA1:788F205AFBB61CAE88F3668AA73F7893F0154834
      SHA-256:89251E5B4559A1F5C0CFA73D59525213FFCCB1E63BFFD1DDD817EC4B01166315
      SHA-512:B13BD1E447C4176BA40AF1FFF43FACCA0F27854BDDAF58E6D88B6BF312CD151A830DC1B161030E7BF624D5CF3885BA53F1FCE25B02C60010E713FB81E1B71EB3
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........Hf..)...)...)...O...)...O..g)...A...)...A...)...A...)..\@...)...Q...)...O...)...O...)...)..&)..\@...)..\@...)...)...)..\@...)..Rich.)..................PE..L... ,.\.........."......n...........Z............@..........................p......w.....@.................................<........ .. ............2.......0...>...v..p....................x......`w..@............................................text....m.......n.................. ..`.rdata...h.......j...r..............@..@.data...p#..........................@....rsrc... .... ......................@..@.reloc...>...0...@..................@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\Repackager.VisualElementsManifest.xml

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):252
      Entropy (8bit):5.287350882109482
      Encrypted:false
      SSDEEP:
      MD5:E4776DE80D05DB010D0B581AB44C4C73
      SHA1:6A36F9EEC1939DE15D29678053A1A2E5E06CBD2F
      SHA-256:F50083989DDA899DE33C2575B90BB01025693AE9C30504D9051CA42E4BC1F7AE
      SHA-512:F81D6854046686ECA1AC828521038C14D0B51C18000FBF3DBF7391BCF42C86EC64B2F9C38D5DABD694462C242678507B9A75503E533883558E94F60C13D284C7
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<Application xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">.. <VisualElements ShowNameOnSquare150x150Logo="on" BackgroundColor="System default" ForegroundText="light"/>..</Application>..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\Repackager.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):6135456
      Entropy (8bit):6.120064302753316
      Encrypted:false
      SSDEEP:
      MD5:5C822B3ADC1311CF2E4943BA7296A3CF
      SHA1:090169DDF90C10F7D7C2080AF2B04893A5531A8F
      SHA-256:9FBE9ABFD83B43F3815054B62D9AD79FAF1B20768FEC66F842BF87229256C670
      SHA-512:1EC7E19E43C5B0D004956CEEE862F85A907933D252769DC6C3137E96D8EAD112AC20237422263AADFE7AB305EC7851B49ED94C4BD49C46E5D2835AC3F5382ACD
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...................................0...........!..L.!This program cannot be run in DOS mode....$........\M.=#..=#..=#..[ ..=#..[&.I=#..U ..=#..U'..=#..T"..=#..E...=#..U&..=#..[%..=#..[$..=#..['..=#..["..=#..=".!>#..T*..?#..T..=#..=...=#..T!..=#.Rich.=#.........................PE..L....,.\.........."......:2...+.....gQ&......P2...@..........................0^......g^...@.................................,.S.......U...............]......PW.8....5K.p....................5K.......2.@............P2..... .S......................text...|82......:2................. ..`.rdata...}!..P2..~!..>2.............@..@.data... .....S..(....S.............@....rsrc.........U.......T.............@..@.reloc..8....PW.......V.............@..B........................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\RepackagerCLI.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):4179616
      Entropy (8bit):5.98770450198845
      Encrypted:false
      SSDEEP:
      MD5:F449AB5A3498C85ABD5A7EC6ABF2D7C3
      SHA1:F734E48243C2FF11FACFAAFE57198778237E4550
      SHA-256:DE87094D93FF97080BFE99A9323053F76A0FE9B272D0BD914C0D04164C8F804A
      SHA-512:10E0DF5F562E3414190CE2A9640A81A489904A3BA8F120935B364861AABE668FEBD74670C90E57EBC16F694D570A046F387040F3F78F0534F707F5C603CACE4A
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......k..B/.h./.h./.h..Q..=.h..Q....h..Q..1.h.}.k.6.h.}.l...h.}.m...h.&...$.h.&.....h./.i...h...a...h.......h./.....h...j...h.Rich/.h.........................PE..L...`,.\.........."..........($...................@...........................@.....e.@...@...................................7.|.....8...............?.......:..L..p.3.p.....................3.........@...............H...0.7......................text...<........................... ..`.rdata...I.......J..................@..@.data........ 8.......8.............@....rsrc.........8.......8.............@..@.reloc...L....:..N...^:.............@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\SciLexer.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):586240
      Entropy (8bit):6.637653396233086
      Encrypted:false
      SSDEEP:
      MD5:F6BA6B42BCE54D7E12D72A8A185032CB
      SHA1:8F2147C5AC88AD7113B9DFCC3EE54690E6CFDB5C
      SHA-256:67626E904AAC8BCD674959669FB1FB926DCA40FC237B39CD27DDBFBE2B5F051F
      SHA-512:C4369F630BACF3F83E1EB6C6F9F27732D93AECC497C0E2115DA13DA4EBB060008B3B2DEDC1AA49758A958C4BB36EEE879D30FD9AB78CE7F4F8D5E22131A61AC8
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......O.x$...w...w...wn..v...wn..v...wY..v(..wY..v...wY..v...wn..v...wn..v...w...w..w...vW..w...v...w...w...w...w...w...v...wRich...w................PE..L....(.\.........."!.........4......&........................................0............@.............................\.......x.......8........................D..Pp..p............................p..@...............4............................text............................... ..`.rdata..............................@..@.data.... ..........................@....rsrc...8...........................@..@.reloc...D.......F..................@..B........................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\TweakAppV.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (console) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):1060000
      Entropy (8bit):6.199191766449188
      Encrypted:false
      SSDEEP:
      MD5:3E5BD47069914D05E86886EF5322C521
      SHA1:C400BC238F3CDEE3E90113C6A167E33D523DEB11
      SHA-256:3FF18E3C6753BF3A8F374EF0C3719A9B9E6EE3EC1537F4C76C395DE7D8E00DA0
      SHA-512:BE5E23E1913AE6AE09C509D7AB709C9D748D134DF425EE0F7A3BD7E2569386F7BC3AE201CD97A947298DA80C40EAADC468ECF22A8EFA70F5D6C99C23A990B21E
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$..........>.vfm.vfm.vfm..el.vfm..cluvfm..el.vfmt.m.vfm..bl.vfm..cl.vfmV.bl.vfmV.el.vfm...m.vfm..bl.vfm..gl.vfm.vgm.vfmV.ol.vfmV..m.vfm.v.m.vfmV.dl.vfmRich.vfm................PE..L...t-.\.........."..........X......s.............@..........................`......Rd....@..................................A...........C.......................t..0X..p...................@Y.......X..@...............<............................text...G........................... ..`.rdata..Fs.......t..................@..@.data....)...`.......@..............@....rsrc....C.......D...X..............@..@.reloc...t.......v..................@..B................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\Updater-comproxystub.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):88224
      Entropy (8bit):6.447225702240213
      Encrypted:false
      SSDEEP:
      MD5:966F1DA0088525AF780AEDB37556D8F2
      SHA1:E93351C891300E33795EABD7A68CEC951E1B9F3D
      SHA-256:26BCE389AF934662D05F9EDB5345AE64A88853C6B5EF725A42774349AE1989E4
      SHA-512:1EEC622EEADB2EC4AC3E34921A9E1C24B4785E99F86C21336A8B23AC2774B594446A30426BE14FA901B24693E1F6FB40813795CE03BF8F6583E303D108750488
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$............h..h..h..7...h..7....h..7...h......h......h......h...p.h...`.h..h...h......h......h......h..hd.h......h..Rich.h..........................PE..L...v-.\.........."!................................................................7N....@.........................P:......$;..d....p..`............>..........x....2..p........................... 3..@............................................text...K........................... ..`.orpc............................... ..`.rdata..ld.......f..................@..@.data... ....P......................@....rsrc...`....p.......(..............@..@.reloc..x...........................@..B................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\VmLauncher.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):4076704
      Entropy (8bit):5.999883921872706
      Encrypted:false
      SSDEEP:
      MD5:25BC9569CE05EB7F61C06A0F1F2F37D0
      SHA1:E59A28E5C74DE9BBF99FC4ED0BFCA88BE1954835
      SHA-256:D2DCC7143971E94F0FDBC15BD84E0CA1966B52E398672BFC1A5BFCDAC5C4E4FD
      SHA-512:A880B56A381C1757E2A8B22C011096EF6DEC9C5DC53C99EB6DBC2E9CEE79E0F6BCCAD41D757F1E9F5956B7595B5630F8C2D5C3B817E71C116DBF3774DC8D47C9
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......L.X...6...6...6......6....6......6.Z.5...6.Z.2...6.Z.3.6.......6.....!.6.......6...7...6..?.Y.6......6.......6..4...6.Rich..6.................PE..L....-.\.........."..........f".....y?............@..........................p>......E>...@.................................t.7......p8...............>.......9.h^.. b3.p....................b3......3..@...................Hy7. ....................text...v........................... ..`.rdata..............................@..@.data...<.....7.......7.............@....rsrc........p8......&8.............@..@.reloc..h^....9..`....8.............@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\advinst.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):40923296
      Entropy (8bit):6.449458664804806
      Encrypted:false
      SSDEEP:
      MD5:337275979C9CCFBEA70C036FB3E97815
      SHA1:30956C6BB193C3C47EECFD4221CFF52DF3415816
      SHA-256:AC079B9AE9DB0DF0A10078555D0E3FD4DD82E8A0ACF10B9409FD4112A88E1B9E
      SHA-512:9C7C0636DE7E93C6970C9A51DAE2C98FF2F7186DF39E2CD7E9FC2491171D2EB661D3DF41E3242CB7F64CE88E3FCDFF601D15CCD9F8FBEC19542679B9FB5FCFA3
      Malicious:false
      Reputation:low
      Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$............................f................I.......1.................................4.......4.%.....M....4......Rich....................PE..L...N+.\.........."......v..........K~...........@...........................x.......p...@...................................6.......O.`G...........Vp.......R...%..B..p...................PC.......m..@...............P...<.6.`....................text....u.......v.................. ..`.rdata..&`h......bh..z..............@..@.data...Dp....7..b....6.............@....rsrc...`G....O..H...>G.............@..@.reloc....%...R...%...J.............@..B........................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\advinstlicenseserver.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):1798304
      Entropy (8bit):6.474822404419298
      Encrypted:false
      SSDEEP:
      MD5:90D51E13A1EF693D4AD6C162C46E1B04
      SHA1:32CB8822DFE6FD65446BCAC3E56CACC9C2FE26E6
      SHA-256:2448A39572C11CE22A1751A2E72F798A7D1E1D525CDA6F2A659F10FDA0FB8C39
      SHA-512:72913B4E10516B9015A8B371325B3705E827CF163C376E0302EA0603B9543335AF103BED0E3A3271C548BC313A1427491FB9946D3111D972D46DA7D32038350D
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......'?..c^.Fc^.Fc^.F.8.Gq^.F.8.G.^.F16.Gz^.F16.GF^.F.7.Ga^.Fj&TFa^.F16.G.^.F.8.Gb^.F.8.Gy^.F.8.GF^.Fc^.F|\.F.7.G.^.F.78Fb^.Fc^PFa^.F.7.Gb^.FRichc^.F........PE..L....,.\.........."......$...H...............@....@.......................................@.................................xh.......................V..........4... ...p...........................8|..@............@.......e..@....................text....#.......$.................. ..`.rdata...M...@...N...(..............@..@.data....S.......:...v..............@....rsrc...............................@..@.reloc..4...........................@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\advinstlicenseservercli.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (console) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):730272
      Entropy (8bit):6.299559302174855
      Encrypted:false
      SSDEEP:
      MD5:E4FE58F20D5B979F61D6D552F40EF02E
      SHA1:F6F9142216C06CE014C9B4A4A7853DFE03174EE8
      SHA-256:2759FBC18F6ECC9CF4A1A8E9194754AEF305D7A4CC103A8263D6C4489A83228E
      SHA-512:81E40C92B94D810D4D1CA22639B5B1A690CC528AABF38F8EF19602C739D8E716027CD20E7EB828AE0AC6EBF13A460079A9377250D93FB208D34B9A3A2BF5437F
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........>.._.._.._...9.._...9..._...7.._...7.._...7..._..'6._...9.._...9.._.._..@_..(6..._..(6Z._.._2._..(6.._..Rich._..................PE..L....,.\.........."......\..........[........p....@..........................P.......c....@..........................................@..........................`J...l..p....................m.......m..@............p..P............................text....[.......\.................. ..`.rdata..<....p.......`..............@..@.data....'..........................@....rsrc........@......................@..@.reloc..`J.......L..................@..B........................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\dbghelp.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):1213200
      Entropy (8bit):6.38472698519676
      Encrypted:false
      SSDEEP:
      MD5:4003E34416EBD25E4C115D49DC15E1A7
      SHA1:FAF95EC65CDE5BD833CE610BB8523363310EC4AD
      SHA-256:C06430B8CB025BE506BE50A756488E1BCC3827C4F45158D93E4E3EEB98CE1E4F
      SHA-512:88F5D417377CD62BDE417640A79B6AC493E80F0C8B1F63A99378A2A67695EF8E4A541CEDB91ACFA296ED608E821FEE466983806F0D082ED2E74B0CD93EB4FB84
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........v...%...%...%m.Q%...%m.P%...%..d%...%...%5..%..f%...%..a%...%..Q%...%..P%...%...%...%..`%...%..g%...%Rich...%........PE..L....4gK...........!.....(...................@............................................@.........................P!..c.......<....................h....... ..........................................@.......................`....................text....'.......(.................. ..`.data........@...H...,..............@....rsrc................t..............@..@.reloc..n.... .......x..............@..B........................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\digisign.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (console) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):296608
      Entropy (8bit):6.543389116775287
      Encrypted:false
      SSDEEP:
      MD5:42624985183F8E7EF9F6CBD21EE1D45F
      SHA1:4E7D0CB7F3B28FA77AD6433A4A51EC6DA98B04C2
      SHA-256:D4BA40D54C01061EFF2C65F4D5981616F83AF3F116F15EF767CE143AC18B112D
      SHA-512:FDFC42A6002D2DDD7E3F92A074B4A62D78C5A121C677A683AC0915B4F9CB30623693BC6711811685719E73827140D92996BC7C68FE3ABCD0C14402ED5474C737
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......C.N............b.......b.......b.......U.......U...B...U...$...b.................................j.............Rich....................PE..L....+.\.........."..........~......J.............@.......................................@.....................................P....`...............l...........)......p...........................`...@............................................text...{........................... ..`.rdata..f...........................@..@.data...` ...0......................@....rsrc........`.......,..............@..@.reloc...).......*...B..............@..B................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\embeddeduiproxy.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):15008
      Entropy (8bit):6.473794173964701
      Encrypted:false
      SSDEEP:
      MD5:75EB5538BC26DD96F48EC7301E773E35
      SHA1:874EA9B152E1DDE2C3C717C13C6CBA2F71C8C357
      SHA-256:9FA08A7C7A3E63314C868FB6539243A6BC3A10968BC3361D514C136772D3F093
      SHA-512:9EA49AAC4493BBCD39F32EB1684B3FAA3289139CA71B695CF6F2D2105D49AEBCEC3977ABD88E35E176A40713D69CC2FB903E463A228D9B3B1D0DE32C0D4A741B
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m:..)[.})[.})[.} #.}"[.})[.}.[.}.2.|/[.}.2.|([.}.2c}([.})[.}([.}.2.|([.}Rich)[.}................PE..L......\.........."!......................... ...............................`.......^....@..........................!.......#..P....@..@............ .......P......@!..p............................................ ..p............................text............................... ..`.rdata..4.... ......................@..@.data........0......................@....rsrc...@....@......................@..@.reloc.......P......................@..B........................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\encoder.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):282784
      Entropy (8bit):6.521607485165548
      Encrypted:false
      SSDEEP:
      MD5:3C291A9D029B144DC84C9B19E06EDB54
      SHA1:D15C06803D06A630EECE8D693854B003403245B5
      SHA-256:9767797E82FE5B70D6670008DFD32323ABA001EDA823F176AA152D551654E130
      SHA-512:97F532949A53FE2DC8D81B0C975F8D94D80989D4484D7E1DB0AB7908192ECE4AFE7BCF3A5CDD4237E907B2AFE212859B8D1C132C0CC992CE6A6274B599B19A51
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$...........S..S..S...Ko.Y...Km.....Kl.K......\......@......r..Z...R..Z...T..S..............R...a.R..S...R.....R..RichS..........................PE..L....,.\.........."!.....H...6.......k.......`............................................@.....................................P....p.. ............6...........+......p........................... ...@............`...............................text....G.......H.................. ..`.rdata..h....`.......L..............@..@.data....W..........................@....rsrc... ....p......................@..@.reloc...+.......,..................@..B........................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\expatai.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):182272
      Entropy (8bit):6.484086143059179
      Encrypted:false
      SSDEEP:
      MD5:59AC35D48749E6C61ED7D8FFF7FF5D22
      SHA1:2F08A1EDC8B5D9449A90E6D476D3AB19147739F8
      SHA-256:DF240D12C5D6B68A696485980A7C4ECB742B666EFB60380E78812BE2B5D0BBD9
      SHA-512:63663B8938785A313EAC16EBA79C244D50B4A5237B3FFD2774815725502A4427976A430587A041BA6441FFAC61CAEDF8EA4B6458CE050AB0CCFFE9AE8F36189C
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........tB..'B..'B..''..&H..''..&..''..&P..'...&_..'...&M..'...&Q..''..&A..'B..'...'...&A..'...&C..'..#'C..'...&C..'RichB..'........PE..L...~-.\.........."!................@o....... ............................................@.....................................(...............................|!..P...p...............................@............ ...............................text............................... ..`.rdata..r.... ......................@..@.data...............................@....rsrc...............................@..@.reloc..|!......."..................@..B........................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\gameratings.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):263328
      Entropy (8bit):7.756689279722645
      Encrypted:false
      SSDEEP:
      MD5:1F970EE413F5B7C8A641D35B0A58E2A9
      SHA1:8348C58BCFC4909288338CA75C65B3271E34C937
      SHA-256:9E655D57D0CF130267B07C8FDAB9BBC79C12749E2533A5C5B6B2A57F2750C400
      SHA-512:AD243245A5AC1876D74610036DB4D7DF1E632A213C96FE5A9F66C426E823EDD505C1404851F5503E52A39AEFF7196BF7BA43FE2F98CDFB990361E73AC39CDF25
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......=...y..y..y.....x..y...x....x..Richy..........PE..L....(.\.........."!................................................................09....@.......................................... ..4...............................p............................................................................rdata..............................@..@.rsrc........ ......................@..@.....(.\........J...p...p........(.\.........................(.\........T................(.\....................RSDS0\.....N...n.C.....C:\JobRelease\win\Release\bin\x86\gameratings.pdb.......................GCTL....p....rdata..p........rdata$zzzdbg.... .......rsrc$01.....1..(....rsrc$02........................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\intune.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):1019040
      Entropy (8bit):6.509357848794324
      Encrypted:false
      SSDEEP:
      MD5:3E9B39C69E0053896C19AF1F1324BE17
      SHA1:4C701778B833B79F043BFEC45DE7365869BB46BE
      SHA-256:1A24EF8DF44EF2D002CC7AFD86DAC33A5ABF4F5E84A43025D81DE40E803E6E78
      SHA-512:97FB4857C1A088F7C6756965D1EFA15FB411DDCD44960A25D6C5C4337C3B3DC2E7FD822905710C1FB9881607828171E53469AC73E62FB29A5DA3547A7A069AFB
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......[.5i..[:..[:..[:z.X;..[:z.^;..[:M.X;..[:M._;:.[:...:..[:M.^;..[:z.\;..[:z._;..[:z.Z;..[:..Z:..[:..R;..[:...:..[:...:..[:..Y;..[:Rich..[:........................PE..L....+.\..........".................I.............@.................................._....@..................................e..,....................r..............+..p...................`,......p...@....................a..`....................text...p........................... ..`.rdata..f...........................@..@.data...@Y.......>...v..............@....rsrc...............................@..@.reloc.............................@..B........................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\registryTracer32.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):413184
      Entropy (8bit):6.546424136153638
      Encrypted:false
      SSDEEP:
      MD5:44087598E41408234EA3E6972D72D693
      SHA1:84BE511E0775D5A3BAAD1A0727CF7B107CC151CA
      SHA-256:1F1E483766776786E968079B4A63E73B0A0ADC480C3BBA980179C5DAC43C383C
      SHA-512:4672DC938C6609ED540D52D3706BF454DE93CAC66F2D2A8D02769CBB865C3C1BD250E7B56327EAB57D505A504ED7C5EFB5B3A4D7E61048E9A7FC8A8C342A2D58
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 4%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......J.....l...l...l.k.o...l.k.i...l.\.o...l.\.h...l.\.i.L.l.......l.k.h...l.k.m...l...m..l...e.8.l...l...l.......l...n...l.Rich..l.................PE..L...--.\.........."!.................Z....................................................@.........................0...........x....`.......................p...?..p...p...............................@............................................text.............................. ..`.rdata...U.......V..................@..@.data....!..........................@....detourc.....0......................@..@.detourd.....P......................@....rsrc........`......................@..@.reloc...?...p...@..................@..B........................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\sccm.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):2239648
      Entropy (8bit):5.826112203254421
      Encrypted:false
      SSDEEP:
      MD5:E80341BF03BA95C5690C72B1DC51E4CC
      SHA1:1BEE8EF0D53D3ED21F9FC4D01B95F63331E3B648
      SHA-256:1D3D8EC661CAF9A2CD33483F0B88A8E51CDA7E26D9043941A396FF72116480F7
      SHA-512:FACBA64709ED284104EBF8A216B537DBD9DF718539BEF67591EE3315ED64DED84D3AB05FF3593871EB3527AC4E9A0FB513D2C9D7AAE0315F54C8A1B39C357349
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$.........z.......................\........................q................k...............................q...O...q...............q.......Rich....................PE..L....-.\.........."......x..........97............@..........................`".......#...@.................................(Z..h.......@............."...... !..<..0...p...............................@....................T.......................text....v.......x.................. ..`.rdata..R............|..............@..@.data............b...l..............@....rsrc...@...........................@..@.reloc...<... !..>.... .............@..B................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\uires.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):11831456
      Entropy (8bit):4.362441903954527
      Encrypted:false
      SSDEEP:
      MD5:737607EC2C66ED82E444E667220D08B3
      SHA1:74318B2136340A09FDB653CAEDD5112434694910
      SHA-256:5EEC21186657DD661F888E0704489BBA8F2B79243DF1F5E16B1A6737D9EEF64A
      SHA-512:86083DE63AE9CEBDDB899D7C926F44D4988900D31B43033740A7EAD342933DEEE58001FEEEDED515ACA672787ABF2D8C516CEAC06F2561FCD1E44AEF8F4E354B
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......=...y..y..y...=.x..y.U.}.....x..Richy..........PE..L....-.\.........."!.........l.......................................................!....@.......................................... ...h..............................p............................................................................rdata..............................@..@.rsrc....j... ...j..................@..@.....-.\........D...p...p........-.\.........................-.\........T................-.\....................RSDS/hD....L.].....(....C:\JobRelease\win\Release\bin\x86\uires.pdb.....................GCTL....p....rdata..p........rdata$zzzdbg.... ..@b...rsrc$01....@....O...rsrc$02................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\updater.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):900768
      Entropy (8bit):6.428355493987848
      Encrypted:false
      SSDEEP:
      MD5:E5519B0CF8A30313F46A6B95CE60631C
      SHA1:C18DEF581DA405995490245B140D5C5353EDAB21
      SHA-256:B1247E7B85CB4283F9C4C008EC3BC94DC7EB7F40D2AFBF9AF88A692D3734216B
      SHA-512:E95BB8708FD6F1698BFDBA10ED5657A0DF7ABC38EAE1C8170DA3B7EA453833D815A5AD78E0C9A1A4E4DC3384D2DCA493EEC987114C27FC9105406BE540309FA4
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........DA..*...*...*.4.....*.4.....*.4.....*...)...*.......*.../..*.......*.......*...+.'.*...#..*.......*...(...*.Rich..*.........................PE..L...|-.\..........".................>.............@.......................................@..........................................p.......................P..........p................... ...........@............................................text............................... ..`.rdata..............................@..@.data....(...@.......(..............@....rsrc........p.......:..............@..@.reloc.......P......................@..B........................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\vectorimageprocessor.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):474624
      Entropy (8bit):6.559128584723448
      Encrypted:false
      SSDEEP:
      MD5:636AA6BE04CB8C5A6B10371B8465D8BE
      SHA1:D7A9D8F8A07393C50DAFF1CADA985DED25223C0B
      SHA-256:AA4DA3B14795DBD5366D91B9A06B3789DB6477CB877FD1FB8400D330A246526D
      SHA-512:F4DD9127D2A894F3C8508654382D593676B3D6D0FB5008214F4284EE03FE68F7A5DA67B1B89500566BE69D0B3D5C02187E28793A0639B8F51E3138C66100107B
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........*.k.y.k.y.k.y...x.k.y...x7k.y...x.k.y...x.k.y...x.k.y...x.k.y...x.k.y...y.k.y.k.y.j.y...x.k.y...x.k.y..my.k.y...x.k.yRich.k.y........................PE..L....).\.........."!.........f............................................................@..........................................0.......................@...R...A..p....................B.......A..@...............p............................text...b........................... ..`.rdata..p...........................@..@.data....A.......$..................@....rsrc........0......................@..@.reloc...R...@...T..................@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\bin\x86\zlibai.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):169472
      Entropy (8bit):6.640961096435022
      Encrypted:false
      SSDEEP:
      MD5:B244ACEE6D18207F815B491EEA0CF604
      SHA1:0456F664E2405C853A2434C80F09EF9195A0F0E7
      SHA-256:488E5D7905C1DD7CDB5EBF999178CF592B536576AA9EEE44CAAF1D85E5F8780E
      SHA-512:05BC23466073060BDF09468F577563B5399923ACA3D16D7EF1A78CCCC8C5E3934BE5D3BDE2F64087C2E0F4FB7F4628CD76170BE92CE3F137B9679DEAD7847F7B
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.............m...m...m...n...m...h.U.m...i...m...h...m...i...m...n...m...l...m...l...m.[.n...m.[.e...m.[.m...m.[.....m.......m.[.o...m.Rich..m.........PE..L....-.\.........."!......................................................................@.........................pv......t|..(.......P...........................@m..p............................m..@............................................text............................... ..`.rdata..............................@..@.data................t..............@....rsrc...P............~..............@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\AppvPackagePublisher.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):229536
      Entropy (8bit):6.190380348161703
      Encrypted:false
      SSDEEP:
      MD5:B2CCBCA09A2A49F8FFEA590F647A440E
      SHA1:407FF3A9C2E4F6220CDF2C1577A42F40AA0CD545
      SHA-256:A4ED3D39963234E8F9A33458635F13D3EB62CE6F7A0D6557F5486053BE4BC4AB
      SHA-512:6A038D13FCF425189B72F164A7CCCA08C2514439B02BD2882B10BFF287CB002B7493EDCF1705430917E94D7EC6D0D45104B0F121E7249901242C2CE5AECD0F19
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................M...........................M..F.....F....F.;....S...F....Rich..................PE..d....-.\.........." .....................................................................`.........................................@7.......8.......................f..............p...p.......................(.......................p............................text...4........................... ..`.rdata..4S.......T..................@..@.data....%...P.......*..............@....pdata...............8..............@..@.rsrc................T..............@..@.reloc...............Z..............@..B................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\CPLApplet.cpl

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):350720
      Entropy (8bit):6.1281537106766395
      Encrypted:false
      SSDEEP:
      MD5:6BB2335AEBE11F6B966D8D9C6B38F45E
      SHA1:5B46725611FF192C6E67A4304176138BBD48D9CA
      SHA-256:5D1E42291D17AB5A0D37133B6607F0B3A04911A1BC9B5B94461E88928A0E0E1D
      SHA-512:5D14FDADE3EE78657E80219BDDD3190EF304207FA73C5CBC84C37305905FD199E199C4EBD86D58991AFEAB5F69D1363FA80C8347DFC9F29D0423C533C391CD6B
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......;T.^.5...5...5.....u5......5.....f5..-]..v5..-].._5..-]..F5..vMc.p5...5...5...\..^5...\..~5...\..~5...\..~5..Rich.5..........PE..d....-.\.........." .....0...J............................................................`......................................... ...........x.......@....P...)..............L....s..p...........................@t...............@...............................text..../.......0.................. ..`.rdata..&....@.......4..............@..@.data....1..........................@....pdata...)...P...*..................@..@.rsrc...@............<..............@..@.reloc..L............N..............@..B................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\SQL.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):1099936
      Entropy (8bit):6.166510892467844
      Encrypted:false
      SSDEEP:
      MD5:6B649F807939BD96328C57B0B3F82BD1
      SHA1:4F6FA57F39438B6D4C97D8BC3A0B6974DBEE5A0C
      SHA-256:B79DDDB40F25844AD4693B7D4D1ABBCBFF9CAAAD7DA0C16C1186C6CE55DFBB7F
      SHA-512:BFF66BEF0C2DB6FC42FA30ECFA8621AD6F536D6D492F2142494992D6DFE469678E75A4D135485DC6E54C303B493A8433B5F4C7752E2B2738F255C1C16188DC92
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......]..Z.............g$......g&......g'.....K.......K...:...K...d.....V.......F.........^.......^.............*.......B.............Rich....................PE..d......\.........." .....<..........t...............................................D.....`..................................................................P..x...............p...PJ..p............................J...............P..(............................text....:.......<.................. ..`.rdata..p....P.......@..............@..@.data....W.......6..................@....pdata..x....P......................@..@.rsrc...............................@..@.reloc..p...........................@..B........................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\SecureProp.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):182944
      Entropy (8bit):6.057461092554826
      Encrypted:false
      SSDEEP:
      MD5:9F7DBEE8B1FF14A4C1A986DA00C83869
      SHA1:0CDB8C44DE10E64BD915B5E6F942DBF333582791
      SHA-256:FB45F3EE86FD0C5208D4BE95478FE8C2AD529E04E3B11B1ABF94797FED19DEE6
      SHA-512:95E5E82849AA72E61D89D7CDB3DF2C23805B7D3F897CFA02ED2F0B89DA922F1D2D101B31C84EB2415F2EA9EDF8EDA646467AA08CD11341FDF20C87F1781ECAD5
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........knU............+.......+.......+........b.......b.......b.......r...............c.......c.......c...............c......Rich............PE..d......\.........." .....H...~......Lk....................................................`.....................................................P.......p.......$....................Y..p...........................pY...............`...............................text....G.......H.................. ..`.rdata..L....`...0...L..............@..@.data...L$...........|..............@....pdata..$...........................@..@.rsrc...p...........................@..@.reloc..............................@..B........................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\SharePoint.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):313504
      Entropy (8bit):6.191323068521658
      Encrypted:false
      SSDEEP:
      MD5:78B248704E8015D76EE6383C97DAD7B0
      SHA1:5CA93E6CBD60A72BE4DE1E21E62CCF42C06BD30A
      SHA-256:D8AD3E4373AB02688572009FD963523763AA585F42617FE67868D4FD0B2EBE7B
      SHA-512:0BE724F26180F2FFFC8DD5785F42397E91B4B467CA4D3136DD25D6C7A77D0144F42A1991C12BA1C02311D695FBDD67311E3DC4000EDDDD40D464CF1A2F827BD9
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........nDI..*...*...*.......*.....5.*.......*..g)...*..g....*..g/...*..w....*...+...*.4f#...*.4f*...*.4f....*.......*.4f(...*.Rich..*.........PE..d...y..\.........." .................F...............................................y....`..........................................q.......r..x.......p.......\...............\.......p....................................................p..@....................text...D........................... ..`.rdata..............................@..@.data....*...........j..............@....pdata..\........ ...|..............@..@.rsrc...p...........................@..@.reloc..\...........................@..B........................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\defaultPrograms.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):244896
      Entropy (8bit):6.186958504348935
      Encrypted:false
      SSDEEP:
      MD5:2D4E08828ED0E63AA1FED393B2CBEAF1
      SHA1:FE68CAD60B6549BB7BBE9DE710574AD9EC5EEE7B
      SHA-256:07F7640B92C2DCA524B09F6295B518DF02521BF87FD7171E457E2526D4511754
      SHA-512:8F1C11F00BBF640247F4BBAE426FD72EC6B9CDDD5AEF72F25C62765EF3C7E9EA176CE989D3799EBA669C118CF9480CC1EEAD69E101F490BED41BDD0ED442D745
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......D..n...=...=...=e.<...=e.<...=R.<...=R.<>..=R.<...=e.<...=e.<...=...=...=..<...=..<...=..o=...=...=...=..<...=Rich...=................PE..d....-.\.........." ................8.....................................................`..........................................d.......e..................<...............4... #..p....................$..(....#...............................................text...D........................... ..`.rdata...a.......b..................@..@.data...|'...........f..............@....pdata..<............t..............@..@.rsrc...............................@..@.reloc..4...........................@..B................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\dotNetCustAct.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):167584
      Entropy (8bit):6.215919290671071
      Encrypted:false
      SSDEEP:
      MD5:A579E581580FFB96BCB7258EECACAD06
      SHA1:F46E67664562DF0F231D834767ACBABE4827EE95
      SHA-256:317E259D3474A796A48AA321D9D0B9313B522F5F453181C664C3AD82AA33A43B
      SHA-512:AAB440111C08E9B402813E74BEF5FF2F48D498E17C1327D90262A8BFACF11786D629A9F82F679FB33FC73C68465BB515A3DD5540A032D04834C32F627C32F911
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......#..)g..zg..zg..z..&zb..z..$z...z..%zj..z5..{w..z5..{o..z5..{M..zn.Dzj..zg..z...z...{b..z...{f..z..(zf..zg.@zf..z...{f..zRichg..z........................PE..d......\.........." .....v..........@h..............................................A0....`..........................................L..`...PM..d...............,....t...............!..p............................"...............................................text...`u.......v.................. ..`.rdata...............z..............@..@.data........`.......B..............@....pdata..,............N..............@..@.rsrc................f..............@..@.reloc...............l..............@..B........................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\stdDllWrapper.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):22688
      Entropy (8bit):6.395811847242812
      Encrypted:false
      SSDEEP:
      MD5:BCA77CD96E6006E1120D5C462298F3CC
      SHA1:83AD648BE9D71CB5C6265E94CAEB51380146F364
      SHA-256:7C0F689BE6C7963B5A75F91A0F5A637A11CB8C0C9615793B9A11F4BAE99CBF98
      SHA-512:F9BA9747367FFE1FBF2024FC5EBA5407354EAC55DDBA41A4D1482C65D76005E3974E5E6AB481B535756054D151F883488F5FCFCB20FDCDDBA47F6194732F86EB
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........<C..]-A.]-A.]-A.%.A.]-A.],A.]-AD4.@.]-AD4$@.]-AD4-@.]-AD4.A.]-A.].A.]-AD4/@.]-ARich.]-A................PE..d......\.........." .....$...........................................................@....`..........................................G..l...<H..<....p.......`..<....>.......... ...0A..p............................................@...............................text....".......$.................. ..`.rdata.......@.......(..............@..@.data........P......................@....pdata..<....`.......2..............@..@.rsrc........p.......6..............@..@.reloc.. ............<..............@..B........................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x64\viewer.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32+ executable (GUI) x86-64, for MS Windows
      Category:dropped
      Size (bytes):523424
      Entropy (8bit):6.285237470194189
      Encrypted:false
      SSDEEP:
      MD5:2899558A50C97CC8635C8F74C22789F5
      SHA1:7D80755A20941052DB8BB4F6025CE0F76A986B22
      SHA-256:9A347C6741FD69035FF70687E98B204F0257F8607F147EE1E504286F63B4CA4C
      SHA-512:4AC5FF1C6D5D11C23517B7A3A020F615BE3B30FE4104E5A346384E430E8C863B7FEEF20F106F3AF1C4E0EFE27E88B43FC98AF68511209C7CA81FE7DD5FEF12B7
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........~....r..r..r.7....r.7.....r.7....r..wq..r..wv..r..ww..r.g...r.g...r.g...r..s.7.r..v{..r..v...r.....r..vp..r.Rich..r.................PE..d......\.........."......2.....................@.............................P............`.................................................Hy....... ...........:...........0..t.......p............................................P...............................text....0.......2.................. ..`.rdata...6...P...8...6..............@..@.data...dF...........n..............@....pdata...:.......<..................@..@.rsrc........ ......................@..@.reloc..t....0......................@..B........................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\AppvPackagePublisher.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):191648
      Entropy (8bit):6.577236865156077
      Encrypted:false
      SSDEEP:
      MD5:E4876CE5B0373BEE19ADE28E56419768
      SHA1:6E6BA3A1D55F1AF7A5F919CD9E18D83EBB23D5CA
      SHA-256:B468CD543A505A4FF85848626631610E8103BBF27917FDE89E181D9994466A29
      SHA-512:EC7E22E0DE9BDCA6259B160D4CB2036015564D95057D0AC885794DC7A9ED91CC4212D931ABCE1C1FC8C6B9DF1F7F379EF9585ACA85F751BB477817FB4D1C000E
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........`.~...-...-...-.g.,...-.g.,...-.g.,...-.i.,...-.i.,...-.i.,...-.g.,...-...-z..-th.,...-th.,...-th.-...-..h-...-th.,...-Rich...-........PE..L....-.\.........."!.........2...........................................................@.................................p...........................................p..........................0...@............................................text...-........................... ..`.rdata..p...........................@..@.data...............................@....rsrc...............................@..@.reloc..............................@..B................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\CEAppMgrLauncher.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):194208
      Entropy (8bit):6.49796780240432
      Encrypted:false
      SSDEEP:
      MD5:677F3A9A0AD951922DD229DC19F6B756
      SHA1:430D4ACAED05486A0F471C604D81FF1AA8023BD7
      SHA-256:CD88CED9270BB73D708899EC9EA2D0A36FAE3ED67583EC076C1D7E974A4C7388
      SHA-512:43464449B409185668F01C07C8E1AE3508A9763115F50AAB1C7DAA42AEBF27BAA92A9D34DF791AFE3E265911A54735AE59C61BFBE487AE9B791D981D5C10A08E
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......4.;p..hp..hp..h. >hz..h. <h...h. =hh..h"..ia..h"..ib..h"..iU..hy.\hy..hp..h..h...i{..h...iq..h..0hq..hp.Xhq..h...iq..hRichp..h........................PE..L....-.\.........."!......................................................................@.....................................<....................................x..p........................... y..@...............X............................text............................... ..`.rdata.............................@..@.data...............................@....rsrc...............................@..@.reloc........... ..................@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\CPLApplet.cpl

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):284672
      Entropy (8bit):6.442485525729121
      Encrypted:false
      SSDEEP:
      MD5:9998F82985D8BAF6DE5292F6BF2DE0AE
      SHA1:57DD664691E164C2E768E63930A5A92CC6392081
      SHA-256:AA64CAAA97D81A460B6C4093140813260202AF5333DB210F6D10F26562F4A927
      SHA-512:7E581BF9E6628BCF7EC33AF6736E3FF240877547C046D418463ACB7B6351F0917B0956BFC72B4D81C5A1A76BB95B80D18599C1B7A79AE3965F5DB4A29278D7D0
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......[0...Qy..Qy..Qy.....Qy.....Qy.....Qy.M9z..Qy.M9}.>Qy.M9|.(Qy..)..Qy..Qx..Qy..8p.>Qy..8y..Qy..8...Qy..8{..Qy.Rich.Qy.................PE..L....-.\.........."!......................................................................@.........................P.......,...x....P..@....................p...,......p...............................@............................................text............................... ..`.rdata...).......*..................@..@.data....$... ......................@....rsrc...@....P......................@..@.reloc...,...p.......*..............@..B................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\DataUploader.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):369824
      Entropy (8bit):6.510194277944524
      Encrypted:false
      SSDEEP:
      MD5:04BB0DE419748F669A265CF2E32FE648
      SHA1:5A3559F143288D5D542C495FA3AECFD5C0822B21
      SHA-256:A8E912F19FBA11E86109DE15622A43FFF2F621A35816E926713971D0F7C98BAD
      SHA-512:DF5DB2D6515C7BC6E086B9962E7B6D82D33C61912FBBF1E657EE4B60748A8266E013DCE8B59A22F0A416B5AEE7AC66460EBAD60F98F44F7C3E6DBCB913516BFA
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...................H.$...H.&.d..H.'.....................V......F.........j....j.....j.*......B....j.....Rich...................PE..L....-.\.........."!................s............................................... .....@.........................@,..X....,.......`..........................x8..0...p...............................@............................................text............................... ..`.rdata...k.......l..................@..@.data........@.......*..............@....rsrc........`.......:..............@..@.reloc..x8.......:...P..............@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\DotNetNativeImage.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):205472
      Entropy (8bit):6.424379254573973
      Encrypted:false
      SSDEEP:
      MD5:51C53A9880DA97E40A00DA971A4F91EB
      SHA1:529F1535511B044C4E4190EF5507E3584C647778
      SHA-256:16663DD4ED91FDE946E1FC9C2494112E0E0EEC1C95A9927E83B18FCC776986A0
      SHA-512:26C9A00C7F7D35641AD5F266E5B7B8EAAFC08E449998FA4FA146EC3A7510FC86B0F61E90E9BDD31294DCB0B3AF780E859AEA41514BCDE70DCB16ECC09FCECD2E
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........']!.F3r.F3r.F3r...r.F3r...r/F3r...r.F3r..0s.F3r..6s.F3r..7s.F3r.>.r.F3r.F2r.F3r0/:s.F3r0/3s.F3r0/.r.F3r.F.r.F3r0/1s.F3rRich.F3r................PE..L......\.........."!.........V......f........................................P............@.........................0...|.......<............................ ..p ..p...p..............................@............................................text............................... ..`.rdata..............................@..@.data...,...........................@....rsrc...............................@..@.reloc..p ... ..."..................@..B........................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\ExternalUICleaner.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):178848
      Entropy (8bit):6.614534209648384
      Encrypted:false
      SSDEEP:
      MD5:8BC835B1D59C19252C4B6F6BBDB957FF
      SHA1:C102A6F0D6F28C5120DBACBF4E9DC0407ADC5E10
      SHA-256:2C1625215A344CC496C88832CB640ED5D04D43BD20EF4F5DEF9D245D4837BD47
      SHA-512:D160F1D68569F8A4BCECE52599B97E4404EFC2A8B2B425858C4DD527CD969F3247E3425B81238201C7A17B443822BA6DA0ACE240FDA1ED5511ACDFDBD991B0F4
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........gX.........n'.....n'..P...n'....................................k...L......L......L............L......Rich...........PE..L......\.........."!.........&......hp...............................................4....@.....................................P...................................@h..p............................h..@...............p............................text..._........................... ..`.rdata..............................@..@.data................r..............@....rsrc................|..............@..@.reloc..............................@..B................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\FileOperations.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):490656
      Entropy (8bit):6.569447922353432
      Encrypted:false
      SSDEEP:
      MD5:3CF3943BD05C133CD9ACA17DD46B785A
      SHA1:FEECB902BA6A120615CDE8B3147A9C1E1388B884
      SHA-256:0E2D8F6CC8318CBDA42DB080DFAAF5E077410EDA88354EC281BBD5047C17BF8C
      SHA-512:DD650A7C3CBA7462A7A580B9E9C85339E0F45ABB2AE3A828063B9B2706E5A754ABA1173B9601E8882957561A432E6F5B500062DE2686C97AA3A36E21BBB5C570
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........T.#O5.pO5.pO5.p..xpA5.p..zp.5.p..{pR5.p.].qX5.p.].qn5.p.].qp5.p.\.qG5.p.\.qN5.pFM.pV5.pO5.p^4.p.\.q`5.p.\.qN5.p.\vpN5.pO5.pN5.p.\.qN5.pRichO5.p........PE..L......\.........."!.....4...8...............P......................................o.....@.............................D............@...............b.......P...E.. ...p...............................@............P...............................text....3.......4.................. ..`.rdata..8....P.......8..............@..@.data........ ......................@....rsrc........@......................@..@.reloc...E...P...F..................@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\GameUX.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):378528
      Entropy (8bit):6.4871861406312625
      Encrypted:false
      SSDEEP:
      MD5:8D473DB95CDF9F989628E230F24BED88
      SHA1:206901E269DF925E1DCA17C19C39279F0BBD84BC
      SHA-256:C3D45729434409AEAD02F9A3D7D4A13D55E0CF30A8CAE9FF7BD5E42F447CBECB
      SHA-512:54539604CF3F8D4A7B454544F81BA13A3D750708C1AAA75AAD6CCC1CDD9F0502A23ABD06EFD787E7319E0A35A49F97B6346BE3D32DAE2A0A45EB090D36AF8A63
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......S.t..............$.......$.....$......E.......E...7...E...(.............................6................................Rich............................PE..L......\.........."!................`...............................................K.....@..........................b.......b..........X.......................t7......p...............................@...............(............................text...Y........................... ..`.rdata..Z}.......~..................@..@.data........p.......b..............@....rsrc...X............n..............@..@.reloc..t7.......8...t..............@..B........................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\IIsProxy.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (console) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):384512
      Entropy (8bit):6.506283793342235
      Encrypted:false
      SSDEEP:
      MD5:44BF7A1272EC2037195BBF4BEA1EF170
      SHA1:6A4815E0C1999562C168F59716ADC820943A24B5
      SHA-256:0D4D404845A5633512989206E94FAC21DE4116FE12BB94333E2067049AA698FD
      SHA-512:BFE1361269818A46B77380EA1D350F0DECD4A2BAC24C0C131945D7F8AEC46548C08BAB4A1A7B15DC2D21D88CEC653B5F44850581A6F0A0763B291FB4D7B38F90
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........N...N...N....7..\....7......7..P.......V.......h..........G.k.O...G.l.L...G.|.]...N..........g.......O...N.x.O.......O...RichN...........PE..L....+.\.........."..................3....... ....@..........................0............@..................................u..........@.......................8F......p................... ...........@............ ..X............................text...)........................... ..`.rdata...b... ...d..................@..@.data...P8.......&...j..............@....rsrc...@...........................@..@.reloc..8F.......H..................@..B........................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\IniLocator.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):285344
      Entropy (8bit):6.4873634622187755
      Encrypted:false
      SSDEEP:
      MD5:14BC1E0D111AEBA277FBC327C19CA1B6
      SHA1:E4271C5983EEF722735FEED0A235B1DB3B49C345
      SHA-256:7FAE82A7C4FACF967E53DCD2D344B7555CBA4E5E5FDF47742F6C9940CA7ECD7A
      SHA-512:BB0DB29FBB96F1756D92B1E00FC9A88464EA126B931A6439262F9C72034494F658DF5D2137EA0D0A568FAB5AEC104146FA277B5B611BDF57E96F6B049BE284D2
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................J.......H.*.....I.........................(.............5.....5.....5.D.......,.....5.....Rich............................PE..L...)..\.........."!...............................................................W9....@.............................P...P...d....@..p............@.......P..H)......p...............................@............................................text............................... ..`.rdata...7.......8..................@..@.data........ ......................@....rsrc...p....@......................@..@.reloc..H)...P...*..................@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\InstallTrial.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):253088
      Entropy (8bit):6.580640203166173
      Encrypted:false
      SSDEEP:
      MD5:3EAFB2DAFB712DD8061BC53F14B61349
      SHA1:C5B02286AF9CB909EF10D91EBD3D9C52B91CBAB1
      SHA-256:719EE3963BA06125ECF81858DD6BC8477F2D7465BDA067F4D133A96A4EE132DD
      SHA-512:C64818541901E5BF99846B116DB45AD8B381CA1892C28E5A586A05C092C087A07F165C7C76F49B442C80B8A3F21F456EBF4C17C0DCA523871CC9FB47BB4686D6
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........xi.S...S...S......].............N....q..E....q..r....q..i...Za..R...Za..^...S........p..G....p..R....p..R....p..R...RichS...........PE..L...J-.\.........."!.........H.......5...................................................@.............................l...|...x................................$...q..p............................q..@............................................text............................... ..`.rdata..............................@..@.data...0...........................@....rsrc...............................@..@.reloc...$.......&..................@..B................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\InstallerAnalytics.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):724128
      Entropy (8bit):6.454666543773389
      Encrypted:false
      SSDEEP:
      MD5:E37DD1E7DAB05C6B8F2A7672594135A0
      SHA1:080BD9B9D94E7DAD78A4362C9D453AFD8BFC77C1
      SHA-256:2B0408B51BC5FC76B49316BAE8181F751F24EEFABB45BEBAB6F333AE70830468
      SHA-512:12AC80910176B07B26970BF99A484554A099A78624A91B5E36FECDD3B705F04C49C221DE90F490FF03839AF85768CCEEBDAC92A9956F36E493D0A8A7DEE658E7
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........v.............J7....J7.f...J7..............................................h.......h.......h..............h.......Rich....................PE..L...7..\.........."!.....F...................`...............................@............@.................................`........`.................................p...............................@............`...............................text...HD.......F.................. ..`.rdata..Lr...`...t...J..............@..@.data...ty.......f..................@....rsrc........`.......$..............@..@.reloc..............:..............@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\NetFirewall.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):434848
      Entropy (8bit):6.503146694431758
      Encrypted:false
      SSDEEP:
      MD5:D50F337A510F6FA761BE677996724F6A
      SHA1:0F9751CECC16F7DDC3B781C2DF26FF239A180AB4
      SHA-256:ED5C7C5C17670E4481A7F6BF45A75ACDA510E5F3CB881CD9129B4F7BDE9D0A15
      SHA-512:51CE043611D9260C7BBB9E9642FA0C16574CA4DB30FF353D531250ABBFEDBE0E2A562EF5C154AEFC4A00E81F92BF4B352DDBFBC9C9D368A83D6AD9F6D69C6BA2
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......<*..xK..xK..xK....R.vK....P..K....Q.eK..*#..nK..*#..XK..*#..GK..q3 .zK..q30.wK..xK...K..."..cK..."..yK..."\.yK..xK4.yK..."..yK..RichxK..................PE..L...@..\.........."!.....................................................................@..........................8.......8.......p..x.......................\D..0...p...............................@...............<............................text.............................. ..`.rdata..h...........................@..@.data........P......................@....rsrc...x....p.......<..............@..@.reloc..\D.......F...B..............@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\PowerShellScriptLauncher.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):647328
      Entropy (8bit):6.609037098352568
      Encrypted:false
      SSDEEP:
      MD5:DD75EA2222A144BD7A536FDFC0EEF960
      SHA1:C860E19128AF1EDDA28B84CC2CED2AF496C87793
      SHA-256:CD91BC39D4265933782C86B543104B3957801C1B916B5848D2D86D589B018ACC
      SHA-512:E418896B3A28A35DAC58ACF7087E401F1AA83C89EE59178E9D593564269376D808B2029E34EA7737F59E62DDD9542D3215D74AE17488214D7561379781E741B6
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......O................o......m.....l.....Y......Y../...Y..s...............................a...................Rich............................PE..L...D..\.........."!.....R..........%........p.......................................j....@.........................@=.......=..d............................... c......p...............................@............p..T............................text....Q.......R.................. ..`.rdata.......p.......V..............@..@.data....=...P...*...2..............@....rsrc................\..............@..@.reloc.. c.......d...b..............@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\Prereq.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):580768
      Entropy (8bit):6.429051322638322
      Encrypted:false
      SSDEEP:
      MD5:688860CDC9B9987156B4EAC9DC752CEA
      SHA1:BD5F6A5F8F96BB6CFA354D88DDCEE65AB4E6C874
      SHA-256:AA54C3EDB979ECFD3090F26168203AF7ED752745558B6DA254304C95697B364F
      SHA-512:A6A2BFC27A362ABBD2EFB425F05E175C86D9260E6523B4D23FB2A4174B3B3EFAB7A2895EB1DFA3F3F1CC8F3BD62B9A041A67CDD893739A91A7A561C7B5F61439
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............q...q...q..O.U..q..O.W.iq..O.V..q.......q.......q.......q....'..q.... ..q....7..q...q...p..m....q..m....q..m.[..q...q3..q..m....q..Rich.q..........PE..L...J..\.........."!.....B...........v.......`......................................3.....@..........................]..<....^..........h........................V..`...p...............................@............`..\...|[..@....................text...)@.......B.................. ..`.rdata.......`.......F..............@..@.data...<............X..............@....rsrc...h............d..............@..@.reloc...V.......X...j..............@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\RegexProc.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):488608
      Entropy (8bit):6.590531251179427
      Encrypted:false
      SSDEEP:
      MD5:F89BA99CF811D490A171AB69C7C84738
      SHA1:6D8D508FA2FBC618BD5BBB15496EF977CEB0B921
      SHA-256:EB78BF4BB733DA9B1EC2A6FB326837CE853454DA174453B6435E120D0B814D45
      SHA-512:0F964DDE2C31270B1E1A7F27D7B63AE2E49F3639DAF97BEC657971514AE2C523445E4E4D8520D64211312264C57E9AA6DF03FEE3699A4E2454A6B2D84999C117
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........[E...E...E....s1.K....s3......s2.X.......S.......d.......~...L.S.N...E..........U......D....?.D......D...RichE...................PE..L...e..\.........."!.....J...........7.......`......................................1.....@.............................L.......<....@...............Z.......P...E..0...p...............................@............`..T............................text....I.......J.................. ..`.rdata..>....`.......N..............@..@.data....+..........................@....rsrc........@......................@..@.reloc...E...P...F..................@..B................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\ResourceCleaner.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):910496
      Entropy (8bit):6.5321444980804495
      Encrypted:false
      SSDEEP:
      MD5:17DCBDFADFAA931BB42358D53A283908
      SHA1:5EAB5D8146EE32E49D626C134F6DFBD102F2EE7E
      SHA-256:29D1877B32D5D79069441F9624ACF5CC202CC5E90D45A4202B5E95D3859B4E24
      SHA-512:0A2FCC215F520B764157F1642BB7BD887F77DC4725F4B3B5B1D24EF6D361009AEAEA4261BBD66F0C9F646183F5767B6B6ACB51B9E844F3334B4F01ECE7FDCECA
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$..........R...R...R....gt.\....gv......gw.O.......D.......s...........[...S...[...A...R...^.............S....z.S...R...S......S...RichR...........................PE..L...a..\.........."!.........J.......5..............................................].....@......................... ................p............................. ...p...............................@...................\........................text...x........................... ..`.rdata..............................@..@.data....0...0....... ..............@....rsrc........p.......>..............@..@.reloc..............D..............@..B........................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\SQL.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):824480
      Entropy (8bit):6.49012229053107
      Encrypted:false
      SSDEEP:
      MD5:123C42BD0B7F0A1B09B244FC7116956A
      SHA1:FD1974A35130DF107AE0895B60FE6C1A7A72A371
      SHA-256:EAB33BF37203F203B4AB511B6D9A669B27C34AC15BA7708D401F7E995CF9B14E
      SHA-512:78D5614522D35FC5C8626256582133BF697F5A43EBEB469E99AEA4448B2C07C31BF9B5C85BC281E8E7C0A5A50DECFAA66D59C256FA89251E70804B96413149E3
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........N...N...N.....I.\.....K......J.P.......V.......j.......5...G.;.O...G.+.Y...N...................O.....G.O...N./.O.......O...RichN...................PE..L......\.........."!.....4...V..............P............................................@.......................................... ...............z.......0..(...P...p...............................@............P...............................text....2.......4.................. ..`.rdata..l....P.......8..............@..@.data....=.......*..................@....rsrc........ ......................@..@.reloc..(....0......................@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\SecureProp.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):151200
      Entropy (8bit):6.535292727380059
      Encrypted:false
      SSDEEP:
      MD5:F5FD970CED7AC6452B5504ADEF958B46
      SHA1:55D28460A825A9E0E911B2A15EF7188C7ECE2119
      SHA-256:10749BF88510AF0F7F3A0A91CA751B5C7188D1565E33E2057ADB0A0DD99F57D4
      SHA-512:18C459473F62C0B271E0A421FBDB7B33DAEAC18DC4824B99A59CE7EF469E63DF6CEC6F80FA5E8BF6D7B833FCC8BB4B479375F470B15A0D1496702C775D58C4B1
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$................_.u..._.w.b..._.v...............................g...}....}....}.{........}....Rich..........PE..L......\.........."!.....,..........`d.......@...............................p......<~....@.....................................P....@..p............4.......P..h...P...p...............................@............@..h............................text....+.......,.................. ..`.rdata..x....@.......0..............@..@.data........ ......................@....rsrc...p....@......................@..@.reloc..h....P......................@..B................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\SharePoint.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):251552
      Entropy (8bit):6.559594975688641
      Encrypted:false
      SSDEEP:
      MD5:B8EB812BF69CFB64AFF52C47DB78064F
      SHA1:4AF797E60A6C6BA6E2071490B382F1099F9B38C7
      SHA-256:9A0DFA21CF1598CD501973864505B25A8C6ACB3F52623CC2CB686F4F21D0761C
      SHA-512:EFE062C21C7EFB40FC9A19E688EF013582E91ACCF70E794B634958204FF0B7EACC8860AEFB2359C323AEAC9A5E0F3E31B15A8682C72C84D84FCC5CF5577D4E10
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........t...'...'...'.]@'...'.]B'+..'.]C'...'.&...'.&...'.&...'.."'...'...'...'*..&...'*..&...'*.N'...'..&'...'*..&...'Rich...'................PE..L...v..\.........."!.....l...Z......................................................."....@....................................x.......p........................'..@H..p...............................@.......................@....................text....j.......l.................. ..`.rdata...............p..............@..@.data...............................@....rsrc...p...........................@..@.reloc...'.......(..................@..B........................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\ShortcutFlags.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):294048
      Entropy (8bit):6.560549721820035
      Encrypted:false
      SSDEEP:
      MD5:DC1E943C05028D69A0AC98F021BDAEBB
      SHA1:48DBE9FC8583AE33719AD94B655DEF6167CFDF85
      SHA-256:DCBA51E5550F5DC6B1DB2D1F6769C12E79E267D66D158FE04F7A6C27262129D3
      SHA-512:1B734D3B61E29065B80850E2FC4AC1C8EA889BB033130AB0431365CDD74088F29E2C0DF2E6121F26CF1121D03650392A808F7A8322633654E207F520651D66B7
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........C..@"..@"..@"....f.N"....d.."....e.]"...J..V"...J..a"...J..."..IZ..D"..IZ..Q"..@".."...K..X"...K..A"...Kh.A"..@"..A"...K..A"..Rich@"..........PE..L...}..\.........."!................hW...............................................'....@.........................p&.......'.......`..x............b.......p..`-......p........................... ...@............................................text............................... ..`.rdata...0.......2..................@..@.data........@......."..............@....rsrc...x....`......................@..@.reloc..`-...p.......4..............@..B........................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\ShowBackgroundImages.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):117408
      Entropy (8bit):6.487857888744431
      Encrypted:false
      SSDEEP:
      MD5:BEE526BA37C1BF298AFAF15F495C0458
      SHA1:ADF8F829647097CB0C609CA9EF2D5959C80F638B
      SHA-256:DD4872AFB94C904EA27A697F81ADAFAA5C7F6C8628026A5320833CC1500AC410
      SHA-512:0D5A540807A1E1A5D99CDFDA4DF2F489F9E63BB9DAB64935E40B8B5458A013552C0F6AF69D990CB6AE20A126C3FF890767E4304BDD95D89BA92487C0ECE54C8D
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$........a@(...{...{...{m..{...{m..{...{m..{...{.h*z...{.h-z...{.h+z...{.x.{...{.x.{...{../{...{Oi'z...{Oi.z...{Oi.{...{...{...{Oi,z...{Rich...{........................PE..L......\.........."!................O`....... ......................................}.....@.........................p.......$...d....................................r..p............................#..@............ ..\......@....................text...k........................... ..`.rdata..^u... ...v..................@..@.data...............................@....rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\SoftwareDetector.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):592032
      Entropy (8bit):6.404096074351378
      Encrypted:false
      SSDEEP:
      MD5:9EAF76B93DA71B5D520DC6A1E2EFACD8
      SHA1:E14849883A4FA18BD8EF91F3EAAF5097AC69A012
      SHA-256:B13CC1975833CEBEC2F1EA83319AC2177003C8D822462EEE83A700F7CCCC7861
      SHA-512:700E07066363A6965B69B53E9870C53411BB2E14E270EFA8171DF19DC5CAA6A25095451AAAD50683B3D45349FC43428415692A0FDFF76668B71DC1F026AA4C53
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.............}...}...}.L8....}.L8..d.}.L8...}...~..}...y..}...x...}.......}.....}...|..}.n.t..}.n.}...}.n....}......}.n.....}.Rich..}.................PE..L......\.........."!.........X..............................................0............@.............................t...D........p..................................p...........................@...@............................................text.............................. ..`.rdata..b........0..................@..@.data....u.......d..................@....rsrc........p.......<..............@..@.reloc...............B..............@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\TxtUpdater.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):403104
      Entropy (8bit):6.492420826936873
      Encrypted:false
      SSDEEP:
      MD5:2953F3AD1629007C6CBA00640BB349E6
      SHA1:06AEA7F000082CE30B495FDAA979E7AC049C3A62
      SHA-256:1B94069E05D2D0A468E07FC0AB1BBB977885C4E2433E3B7C81AFA363498FD668
      SHA-512:FF0B8D3CB8FFD116C225907D27714C32F48DF4D09EA576C618AF7B8FC202CF3F5315C5A9F663D76BA89859E699CF000618E21A3FA34B4F45D9886069CDA576EB
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........U.f.4c5.4c5.4c5J..5.4c5J..5w4c5J..5.4c5.\`4.4c5.\g4.4c5.\f4.4c5.L.5.4c5.4b5<4c5h]j4.4c5h]c4.4c5h].5.4c5.4.5.4c5h]a4.4c5Rich.4c5................PE..L......\.........."!.................t.......@...............................@......g!....@.........................P....... ...x.......p........................;...N..p...........................`O..@............@...............................text...n-.......................... ..`.rdata..$....@.......2..............@..@.data...............................@....rsrc...p...........................@..@.reloc...;.......<..................@..B........................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\WinOptionalFeatures.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):1019040
      Entropy (8bit):6.585825913697378
      Encrypted:false
      SSDEEP:
      MD5:8593C1FFFCE0B7E72DF90CA30C0E87EE
      SHA1:92BE4BD5D874166D57FD9BE75CC30A99DB2690D5
      SHA-256:810D4B0CCA4B9783986847A3FDFEBFCF4E6571FEE64F603A0D38B8145FF3D751
      SHA-512:292087B6F735F156EA6126C54F6AE8AB916995455BFA22974EA3D30CD8F0BCA240432F7260B57D57347901789C171D989DE69241988663327F3963F313AA4915
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......@B(..#F..#F..#F.aEE..#F.aEC..#F.aEB..#F.VKE..#F.VKB. #F.VKC.y#F.aEG..#F..#G..#F..JO.1#F..JF..#F..J...#F..#..#F..JD..#F.Rich.#F.................PE..L......\.........."!.................q...............................................N....@.........................p................................r...............[..p....................\.......[..@............................................text...)........................... ..`.rdata..P...........................@..@.data....S.......<..................@....rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\XmlCfg.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):630944
      Entropy (8bit):6.473285739313301
      Encrypted:false
      SSDEEP:
      MD5:977C9CF4707E387C1701B503571BF284
      SHA1:BF1DD137A8BA0EDBA5CB669AB26764ED265A8AFF
      SHA-256:07AF2C321B1C5BCC02E0B64F335137B15E861CC1CB67E301B0403094F08EF6EE
      SHA-512:EFD45FD5C4E26CF43C54834655E1798707397E550310AD46ED78068E432F03E97A59A2B2FBFD5C650C68C09A6E91669CA7FCCADBD1BCF2D719BA63C8CD5D5344
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......a...%.f.%.f.%.f.B..+.f.B...f.B..8.f.w.e.3.f.w.b...f.w.c...f.,...$.f.,...2.f.%.g...f.o...f.f.$.f...$.f.%...$.f.d.$.f.Rich%.f.................PE..L......\.........."!................!5...................................................@.................................x........@.......................P...c...N..p............................O..@...............T............................text............................... ..`.rdata..:...........................@..@.data........ ......................@....rsrc........@......................@..@.reloc...c...P...d..."..............@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\addNetworkLocation.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):13472
      Entropy (8bit):6.423421297556365
      Encrypted:false
      SSDEEP:
      MD5:6633444220C9F7B6B9A980123F60A1D8
      SHA1:6C2C8EA12D45814451D14A1ED51EDDCBDEE98CFC
      SHA-256:D91067E36F3F9E55FDBCC2A9DE103466090F2E2A8E061A4F917C7F3405E63B89
      SHA-512:E5F9FB5139597990A846C6F7B19E3B18E1F6221B5ECC7361DD4459C383929403C13036C2969D93FD46A8C43916EE97B6651C3C5140FDCA2277B15D5A1920BB9F
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........Y...8...8...8...@l..8...@|..8...8...8..wQ...8..wQ...8...8x..8..wQ...8..Rich.8..........................PE..L....-.\..........".................P........ ....@..........................`......wR....@.................................."..P....@.......................P..p....!..p............................................ ..P............................text...`........................... ..`.rdata....... ......................@..@.data........0......................@....rsrc........@......................@..@.reloc..p....P......................@..B................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\aicustact.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):365216
      Entropy (8bit):6.404247173348129
      Encrypted:false
      SSDEEP:
      MD5:CC39B3AACC40C413E889867583ABF9E3
      SHA1:51EA58A3135D9D4BA3157CE58EE0391E55E7CD6B
      SHA-256:1C9A9582153F824340CA0303E68BB72C500F5E9277B94F95186EC197CBCDD6A1
      SHA-512:5A1378659758BB948673E6763C2D8D2FD05B981C4E61E3F16CE2C0E5A8BCEC91F8C8DA5F61D958AFAC97E04394EB53F2B6B55D209B788A99908791D70E681436
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......I......R...R...R...R...R...R...R...R...R_.|S...R_.{S-..R_.zS:..R...R...R...R...R..~RK..R..vS@..R...S...R...R...R...R...R..}S...RRich...R........................PE..L....-.\.........."!.....n..........................................................^.....@.................................x........`..0............x.......p...>......p...........................p...@............................................text..._l.......n.................. ..`.rdata..x............r..............@..@.data........@.......&..............@....rsrc...0....`.......2..............@..@.reloc...>...p...@...8..............@..B........................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\aipackagechainer.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):548352
      Entropy (8bit):6.322117462036537
      Encrypted:false
      SSDEEP:
      MD5:02FC1CD8B058CA686E641AAFB13DC222
      SHA1:840800A239E407AD14BAD1FFC09E5F4E71A24168
      SHA-256:8E7D6CA58A963E1E91DEBCF1797EA3971652116006B4030027D68F1A183187C3
      SHA-512:3C97E65308017E42257B646D0927086368917B138AF0BD9B9DD71C3F3C95E61A7FADB851A38E71BF7F4E17CE2F3BF74197DF2355E2B237CD3E50B64CEC5924FC
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........3 |.RN/.RN/.RN/~./.RN/~./[RN/~./.RN/.:M..RN/.:J..RN/.:K..RN/.*./.RN/.*./.RN/.*./.RN/.RO/.SN/\;G..RN/\;./.RN/.R./.RN/\;L..RN/Rich.RN/........PE..L...S..\.........."......^...................p....@.......................................@..........................................`.......................@..TR...t..p................... u..........@............p..@...d........................text....\.......^.................. ..`.rdata.. ....p.......b..............@..@.data...L"...0......................@....rsrc........`.......,..............@..@.reloc..TR...@...T..................@..B........................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\aischeduler.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):140960
      Entropy (8bit):6.469737180297298
      Encrypted:false
      SSDEEP:
      MD5:F2426A4E2C6DDDDB5E219FCDB93E9BE5
      SHA1:589E446ECA00564708AA144E61FB526537A3ADB4
      SHA-256:1F08C8D2EA5834CCC54B5A61E579BE035D169021DC48D846694076DD7E25BE3F
      SHA-512:5AC61914243F049F3F82F3D951F8AFA81E48ABE87A33A8824746C61DA86E7E0881C35CE4DB71AFBCAC14D0C987211088F821816942FB28771E0F4E951DEE4FB4
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$...................*.<....*.>...*.?........................N......I......^.......>................2......Z..........Rich...................PE..L....-.\.........."!.....b.......... ........................................P......8.....@.....................................P.... ..x....................0..(.......p...............................@.......................@....................text....a.......b.................. ..`.rdata...|.......~...f..............@..@.data...............................@....rsrc...x.... ......................@..@.reloc..(....0......................@..B........................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\aischeduler2.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):180896
      Entropy (8bit):6.461583139058314
      Encrypted:false
      SSDEEP:
      MD5:14F7CF6FC7ECBCA1538B1D2EF1AD0522
      SHA1:CCFDD2DE6B31A079FAF146FAA7FB67442195C464
      SHA-256:730BE76C146DDA54AE30FBD45FCBD6D4A4A4A3499A6AD0AC423B5417436A0D77
      SHA-512:BC94D4CD82488077D0CD5C3A6A0DB93C7239B1715FC7AA728817E5A9388D8C310F36FFB4024E70FE9A7CADB9487764A43695D9C6E6E8BBD5A0ED8A19FE1C7417
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........c.c.c....c.....c......c....c......c....c......c......c.c..2c......c....c......c.cf..c....c.Rich.c.................PE..L....-.\.........."!.................................................................j....@.........................P..........x.......x.......................\....W..p...................@X..........@...................@...@....................text............................... ..`.rdata..l...........................@..@.data................z..............@....rsrc...x...........................@..@.reloc..\...........................@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\appxinstaller.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):126624
      Entropy (8bit):6.382847625066176
      Encrypted:false
      SSDEEP:
      MD5:51D487ACC2DEC4ACB8603173FC2F323C
      SHA1:65DB373A0DA655D8E6AB48D33B92F1F85C6A65FF
      SHA-256:B3C6AB90B7001224197BAC0B3E62EDFA148C9B51B576EE5169D75CB9949690EF
      SHA-512:D61282BC7CDF77F926B06BB5A307C8932A7BE1EE51DD3BF9655503508D9FA63EA51B7DDE0CFFF86640E363EFA06BC21FC4280D53742F367E6EDEFABD5B3BBD7E
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......-..ii..:i..:i..:...;c..:...;...:...;{..:;..;{..:;..;{..:`.#:c..:;..;F..:...;b..:i..:...:...;a..:..O:h..:i.':h..:...;h..:Richi..:........................PE..L......\.........."......(..........;f.......@....@.......................................@.............................................................................p...........................p...@............@...............................text...>'.......(.................. ..`.rdata..P{...@...|...,..............@..@.data...,...........................@....rsrc...............................@..@.reloc..............................@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\certificateinstaller.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):160928
      Entropy (8bit):6.468698850539223
      Encrypted:false
      SSDEEP:
      MD5:816DDE9B36B9A73081494223B7540FE4
      SHA1:D4352AA5B1D8819273FA8C002FCFCF3E8D624877
      SHA-256:06A48360C25A9B629E152952394214302C9B5120F45E665B507A2F0B23CF5D2B
      SHA-512:83615EAA23FD28FA097FE2B80511A492715B75C8E9AE9C3FEFA5902A320AAD9609B592891B181AC548EF027E104C8631DAA04E67DE40D7AE1CC7F506A2FBE647
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......j>.._..._..._..K9..#_..K9.._..K9..8_..|7..:_..|7..._..|7..._..K9..=_..._.._..6..%_..6A./_..._)./_..6../_..Rich._..........PE..L......\.........."......>...&.......1.......P....@.......................................@.................................x3..<....`...............Z.......p.. ...@$..p...................P%.......$..@............P..<............................text...,<.......>.................. ..`.rdata.......P.......B..............@..@.data...T....@......................@....rsrc........`.......:..............@..@.reloc.. ....p.......@..............@..B........................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\chainersupport.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):252576
      Entropy (8bit):6.531830243865122
      Encrypted:false
      SSDEEP:
      MD5:AB2FDE03F42CB43F8E4DE68CD0D6D9BF
      SHA1:6282A4322FFA5E35D107175DC8A6C0195021B455
      SHA-256:120C8925A94165F9F84AB6D6F6844612583FDFA32160A190742F7793DD2B6C8B
      SHA-512:BDB5829F12911510BCF05C5C7E54AD1422D5D3333A2C350EC10881306358CA2A16871CEE0E89DC828121B8BB9578F3EDCB94275D7A45E3E951FC13449878233D
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........k...8...8...84.28...84.08...84.18...8...9...8...9...8...9...8..P8...8...8$..8...9...8...9...8..<8...8..T8...8...9...8Rich...8........................PE..L......\.........."!.....f...d......./...............................................z....@.....................................P...............................@&...Z..p............................Z..@............................................text....d.......f.................. ..`.rdata...............j..............@..@.data...............................@....rsrc...............................@..@.reloc..@&.......(..................@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\defaultPrograms.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):202400
      Entropy (8bit):6.572934352080311
      Encrypted:false
      SSDEEP:
      MD5:07B718880E3C3960D9CAB092A3D7AFD6
      SHA1:624553894BA1ADF0141FF7F0B04266C978D87BB2
      SHA-256:3C52F550BCC6D45904557B9FCC944CE336E60E528BDA83FCDB58CB6028ADF982
      SHA-512:019675106B52BA6165D96B04453A6D68498505471FCDD5EE2FE79FC4F2C1BD08FC32164970E1FF90E176FAEE6919021BCCD4618A1645823E92AF76760B87AB5A
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........./...A...A...A...B...A...D.S.A...B...A...D...A...E...A...E...A...@...A...@.F.A.X.H...A.X.A...A.X.....A......A.X.C...A.Rich..A.................PE..L....-.\.........."!.........:......;........................................0......?.....@.........................................................................P...p...................`...........@............................................text...=........................... ..`.rdata..x...........................@..@.data...............................@....rsrc...............................@..@.reloc........... ..................@..B........................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\dotNetCustAct.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):140448
      Entropy (8bit):6.5490610238102365
      Encrypted:false
      SSDEEP:
      MD5:1C841F5E30A98FCA4614A634E4FBCBC7
      SHA1:2AE596C70D014C50C514AE91EABD47FAE688B33B
      SHA-256:B3886AE06548E1CEBE08E15B25A9DEE2481F461D1307E506D2CCD03EB660A62F
      SHA-512:16D0FB64DEB9AC19F784C55B1F37C6B1775B73C0695AB1FBDCA839970B08B3BC6AAEC8BBA59C7C601671F673F859D7021AB42E7D6711543D2AA1A1D203FAB531
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......!c..e.z.e.z.e.z....o.z......z....}.z.7j~.t.z.7jy.w.z.7j..M.z.lz..h.z.e.{...z..ks.`.z..kz.d.z..k..d.z.e...d.z..kx.d.z.Riche.z.........................PE..L......\.........."!.....b..........pb.......................................P......r.....@.............................`...P...d.... .......................0..........p...............................@...............d............................text...;`.......b.................. ..`.rdata..H............f..............@..@.data...............................@....rsrc........ ......................@..@.reloc.......0......................@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\iis.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):2054304
      Entropy (8bit):6.508556859466602
      Encrypted:false
      SSDEEP:
      MD5:BC55BD73E18DDF0F58B009C5013BD21E
      SHA1:44EB9FFEF1A179B69CCA925ACD142FEE75E0831D
      SHA-256:603926004EA1C269247CE77D816AFB07C887E7B813B3A64EDD42FA908175006D
      SHA-512:17A61FF107EE5D6D9A46DCCAA1FAA2C214CF451D3DBF302615E00A227A79402491CB9921E209F99FFFFCFC5EC6048DD2D4AF3506A0FA7F5196DD44201812C71C
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$.................. .#.... .!.7.. . .......................V......Q......A.......................-......E..........Rich...........................PE..L....+.\.........."!.................u..............................................e.....@..........................`.......a..........`............>...........|...X..p...........................@Y..@............................................text............................... ..`.rdata..............................@..@.data....g.......R...h..............@....rsrc...`...........................@..@.reloc...|.......~..................@..B................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\lzmaextractor.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):13472
      Entropy (8bit):6.302925583038659
      Encrypted:false
      SSDEEP:
      MD5:6E98759FA8F0D5BAA327162D7210E68B
      SHA1:DF23C51434210914F104934E9BF4A9677CF4B595
      SHA-256:00CE57AF19BA294EB27288A3AA905A10E2299F08D43D3222BFDD12DC63DF4ADE
      SHA-512:5110EDE740346AB3E3CAD4F8D630CCDDD93AF020023F71DB6DE932527F44D5D47EA87C205759241130225B9E08D5306C78633B8C5B663826CBD39F1CBE64B19A
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........`...`...`.... ..`...`...`..8....`..8....`..8.L..`...`$..`..8....`..Rich.`..................PE..L...9..\.........."!................@........ ...............................`......L.....@.........................`"......p$.......@..h....................P..P....!..p............................................ ..`............................text............................... ..`.rdata..8.... ......................@..@.data........0......................@....rsrc...h....@......................@..@.reloc..P....P......................@..B........................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\msichainer.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):199840
      Entropy (8bit):6.553569742870994
      Encrypted:false
      SSDEEP:
      MD5:A931D9FEDFE38C4D17C692DFCFEF7E32
      SHA1:804912421A6550C0CB414AF75BCCBD6D9204D1CD
      SHA-256:65CADBB9A2D4C0684E00A4BF9AA46EACD77EF7E21468DC0B04A46D27D1DB9B61
      SHA-512:BE9F2E0BF8904AAA294250E2AD96477553627D3CFC417912AAE4BBCFD4E38ECE21D33BC605F4D9A3FD06E22879D28AFEE54470261E3BC4F2FFD32ABED07CF38A
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......7x.us..&s..&s..&.i&}..&.k&...&.j&n..&!q.'e..&!q.'Q..&!q.'3..&za.&~..&s..&...&.p.'|..&.pg&r..&.p.'r..&Richs..&................PE..L......\.........."..........,....................@..........................0......'J....@.....................................P...............................x.......p...........................p...@............................................text...O........................... ..`.rdata..t...........................@..@.data...............................@....rsrc...............................@..@.reloc..x........ ..................@..B........................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\serval.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):410784
      Entropy (8bit):6.499144793026633
      Encrypted:false
      SSDEEP:
      MD5:868D1F17D5888B49CC52BA8B7F8E20B1
      SHA1:B37C4A4D7A54CA0E49C91F8D973177EA88612125
      SHA-256:AC2E2BFFE3E773649B6D5C1A9229B22CD60AE30C4804954C61176EA25F2C19FE
      SHA-512:CEC3EDD3E18FBEA3778C09C88B12398D15E21CF0F1741221CECFDD60E1795B0BB174B0F3EB43C1D01CCCB61B61467159BFC17625862C6C1ECE2C7755C51EA664
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........]...<.E.<.E.<.E..]E.<.E.._E#<.E..^E.<.E.T.D.<.E.T.D.<.E.T.D.<.E.D/E.<.E.D?E.<.E.<.E.=.E,U.D.<.E,U.D.<.E,USE.<.E.<;E.<.E,U.D.<.ERich.<.E................PE..L...q..\.........."!.....6...........@.......P...............................`......W.....@.............................x...(........................*....... ..T?..._..p............................`..@............P..(............................text....4.......6.................. ..`.rdata.......P.......:..............@..@.data...............................@....rsrc...............................@..@.reloc..T?... ...@..................@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\sharefolders.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):149664
      Entropy (8bit):6.510185976681373
      Encrypted:false
      SSDEEP:
      MD5:4760DA585A3ACC375AC0EDA000CB0168
      SHA1:71D8F544AD1F31959524275FC3AC5F50DEDDF89B
      SHA-256:05EC7AE3C6D96A375C83719369FE4758D1E4E94E6C8A4FC03A5308E5C62A721F
      SHA-512:ADA4566354B6F582195B37CEC775EFE7C2BD4D7FEF30A298A2A25016B433E010DF39B5BB2AFC85F8992F6EE5A1D084EE4C7F1785762EB0A5C506D1FBB55229CF
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......v.:.2.T.2.T.2.T.....?.T.......T...../.T.`.W.&.T.`.P...T.`.Q...T.;..%.T.2.U..T...].*.T...T.3.T...3.T.2..3.T...V.3.T.Rich2.T.........................PE..L...t..\.........."!................1l.......@...............................p......;L....@.........................`...........x....@..p....................P......P...p...............................@............@...............................text....,.......................... ..`.rdata..>....@.......2..............@..@.data........ ......................@....rsrc...p....@......................@..@.reloc.......P......................@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\stdDllWrapper.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):19104
      Entropy (8bit):6.5922086910852995
      Encrypted:false
      SSDEEP:
      MD5:EC3BAD599EBDF6D46DA41A4AB98A6CA2
      SHA1:E653B57508D5181945E05AF4DE30CCB2A87F9557
      SHA-256:B8B035F0BC25406B8967C98B5D437D463CBE0DC4A0E5C0A33796859E991FB20C
      SHA-512:813A0530126ED3245BCAC8F2115255EA753DDB4F7F17F1CC5AADA8CD80FD2F3DB36B435C33BDD872B6C8A30D70437D8468EC8DBB519D88AD23343F0F2447BC97
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........Hl..&?..&?..&?..?..&?..'?..&?0./>..&?0.&>..&?0..?..&?...?..&?0.$>..&?Rich..&?........PE..L......\.........."!................@........0...............................p......Q:....@.........................01..l....2..<....P...............0.......`.. ....0..p............................................0..P............................text...P........................... ..`.rdata.......0......."..............@..@.data........@......................@....rsrc........P.......(..............@..@.reloc.. ....`......................@..B................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\tempFiles.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):214176
      Entropy (8bit):6.569138943577586
      Encrypted:false
      SSDEEP:
      MD5:2416073CBAF842C2CCFB7CD8156D3CF9
      SHA1:8684F2B9AE4AFCAB13A91AC6DD007BE8C81C1932
      SHA-256:5682C66E8E7F15DDC6B609642C6DA86D5088D96F0837F79E1EE903F9FB7E93ED
      SHA-512:3F8C82473271A6E1898A066DECE69CE5F0B9C6E4353D51A92C49AD02E0D1D13E65B7D1BC8150CE6B739C724ABED53540FBEB949AE1FA30553531B34AA90ACEBC
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............m...m...m..q....m..q...Lm..q....m......m......m......m....e..m...m..Gm..S....m..S....m..S....m...ma..m..S....m..Rich.m..........................PE..L...<..\.........."!.........8......&........................................`............@.....................................<....0...............*.......@......p...p...............................@............................................text...!........................... ..`.rdata..............................@..@.data...............................@....rsrc........0......................@..@.reloc.......@... ..................@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\userAccounts.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):366752
      Entropy (8bit):6.450993830996971
      Encrypted:false
      SSDEEP:
      MD5:D263DC6AE1CBB233CADAAE3B222D2A5A
      SHA1:E707AF5F527BDFB2985A52E3C5B144B07567A0DB
      SHA-256:1345116151E33FE8631C87BBD139BD1F5F9B5BC8190C409CD624DF4D17797206
      SHA-512:C3DA461DD32FBB3213553BCF0CABC1DD68ADFDB1E9A259FA6BB0666F39B9B00283422972A11043FEF74C7C30E95594F0A960EA297E65E035FF1321E0E73A76DB
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......./<+.k]E.k]E.k]E.....e]E......]E.....v]E.95F.}]E.95A.J]E.95@.P]E.b%..j]E.b%..~]E.k]D..]E..4L.H]E..4E.j]E..4..j]E.k]..j]E..4G.j]E.Richk]E.........PE..L......\.........."!................(L....................................................@..........................8..P...@:.......p...............~...........7......p...........................p...@............................................text............................... ..`.rdata...w.......x..................@..@.data...X....P.......0..............@....rsrc........p.......@..............@..@.reloc...7.......8...F..............@..B........................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\viewer.exe

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):401056
      Entropy (8bit):6.578724640980433
      Encrypted:false
      SSDEEP:
      MD5:FDD857830F5763D980E978AB17EE61CE
      SHA1:913658984B51AC2798654AB46C8C8D64DD887831
      SHA-256:51C03C5992CE50CB0D06CEECA0B4617959958E2CB52CFD5D5B6FAE8132CF94E1
      SHA-512:E6D6BBA8D4FB55F0348057C8710BD0876D7FED5C9573FCAD10C9E7003D53CA54040CAD4D7B0ADF94CDBC67BE9E26C44AEE60AE098585BB4194314B59240E98C6
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......."E..f$.Vf$.Vf$.V.fVh$.V.dV.$.V.eV{$.V4L.Wp$.V4L.WD$.V4L.W[$.Vo\.Vd$.Vo\.Vu$.Vf$.V.$.V.M.Ww$.V.MhVg$.Vf$.Vg$.V.M.Wg$.VRichf$.V........PE..L......\.........."......D.........._I.......`....@..........................P...... [....@.................................D....................................;...h..p............................h..@............`...............................text....C.......D.................. ..`.rdata..B]...`...^...H..............@..@.data....7..........................@....rsrc...............................@..@.reloc...;.......<..................@..B................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\custact\x86\win7library.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):303776
      Entropy (8bit):6.512746735249719
      Encrypted:false
      SSDEEP:
      MD5:CFC5B34757E2D3018CE1820F28156FA6
      SHA1:879985ED2513FB7EAFD71317875A063F38B02545
      SHA-256:35B8E291C6B223A0CBF99B1A4404FA5929B6B9D7F1BB69E512D40D4036CDFC4A
      SHA-512:1DBE3F2E90D72F5993B45D99FFDEA76AE2A47CD2EAEE2321A510520EA9432E0298419ED785C15CF03AB8CD2A682BC9345A02EA9AA07EAB4522E13826BF0ADC91
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 2%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........(...Ie..Ie..Ie../f..Ie../`.~Ie..!f..Ie..!a..Ie..!`..Ie../a..Ie../c..Ie../d..Ie..Id.OIe.u l..Ie.u e..Ie.u ...Ie..I..Ie.u g..Ie.Rich.Ie.................PE..L......\.........."!......................... .......................................@....@.........................PU.......V..........h.......................x.......p...........................p...@............ ...............................text...B........................... ..`.rdata..l?... ...@..................@..@.data........`.......F..............@....rsrc...h............R..............@..@.reloc..x........0...X..............@..B................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\aiu-ue.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):325
      Entropy (8bit):5.342562782796231
      Encrypted:false
      SSDEEP:
      MD5:DD69BE36C076A3C149EF32A8572E4A7A
      SHA1:B6B54FB5563C56A701093590B2B423D028C64A22
      SHA-256:59583C0C7B2C2D1165AB351E4BC308A318C2D5C6D0C48FAD08C3E604B7C8D35F
      SHA-512:AF01199D11AD6179429D6F182EE3204E48CE621054B234AFC616960E5E55F8B9E880A664A729E6F19C6AD22C0A2F9D757A0B26FE1A2459EA469988117BC657FB
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="neutral" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. Updater Editor defaults -->.. <STRING id="AIU.DefaultUpdateName" value="Your Application"/>..</DICTIONARY>..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\aiu-ue_en.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):320
      Entropy (8bit):5.3476725851608915
      Encrypted:false
      SSDEEP:
      MD5:A97A76C49A75AD61990A25C4BEBBA05C
      SHA1:8B84906108F8C1BA5D852432EEC24FA1F9E648FD
      SHA-256:8431371108E8BEDCFA1D5F76E1BBDDFBFD4461A3617952CBE19FBB61779AE0C0
      SHA-512:F0FAC758A9E3F3DE3BEF3E07A0E472D668A98F0232606A45242D7C90C1CBA3168A30FA41B62474B0F7B7CF5D1D82AD63B0898F8DBCAA8730FB117A7EB79A11E5
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="en" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. Updater Editor defaults -->.. <STRING id="AIU.DefaultUpdateName" value="Your Application"/>..</DICTIONARY>..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\dictionary.xsd

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text
      Category:dropped
      Size (bytes):7007
      Entropy (8bit):4.635749213719295
      Encrypted:false
      SSDEEP:
      MD5:7D6F2A8971956F06A003E84C34F06782
      SHA1:77FE5C399F77084A7F484C798BB3805E7B03C181
      SHA-256:1780F1857DD0DF9DD3ACA7E5DCE0169B34AE6A98CA024F5C6FF61A28F9371347
      SHA-512:740B1247600CF084BBF56B40EAEC923A7681E78CFAF35F2BCA1FFE6F23D9347DAEA7D6BB0C4A1A1F6F67F52B3CFBF850B81C51376A0C1602B4B8FBCB93DFA5FD
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8"?>.<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">. lang type -->. <xs:simpleType name="LanguageType">. <xs:restriction base="xs:string">. <xs:enumeration value="neutral"/>. <xs:enumeration value="af"/>. <xs:enumeration value="sq"/>. <xs:enumeration value="ar"/>. <xs:enumeration value="ar_IQ"/>. <xs:enumeration value="ar_EG"/>. <xs:enumeration value="ar_LY"/>. <xs:enumeration value="ar_DZ"/>. <xs:enumeration value="ar_MA"/>. <xs:enumeration value="ar_TN"/>. <xs:enumeration value="ar_OM"/>. <xs:enumeration value="ar_YE"/>. <xs:enumeration value="ar_SY"/>. <xs:enumeration value="ar_JO"/>. <xs:enumeration value="ar_LB"/>. <xs:enumeration value="ar_KW"/>. <xs:enumeration value="ar_AE"/>. <xs:enumeration value="ar_BH"/>. <xs:enumeration value="ar_QA"/>. <xs:enumeration value="az"/>. <xs:enumeration value="az_AZ_Cyrillic"/>. <xs:e

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (337), with CRLF line terminators
      Category:dropped
      Size (bytes):206453
      Entropy (8bit):5.270453643497688
      Encrypted:false
      SSDEEP:
      MD5:2000A34A4648DB0CEB169B42F74712D1
      SHA1:92F79D2FDC580F9AA1D1BB99FA07F49AFA0E89D9
      SHA-256:0ACC64E2F2070AA64252BD08859800EBD30D99F89B69C593FE03634453610C0B
      SHA-512:4BA8C2459CB8719443F6C249D04613ABA1EDF66A727FE3990F867161BED66B649739737222669630E8705BBD6A7D9E3E0FBF912A160133913C36DD4020D2BAFC
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="neutral" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.AI_GenericProperty.Description" value="Your application description."/>.. <STRING id="AI.AI_GenericProperty.Name" value="Your Application"/>.. <STRING id="AI.Directory.Default32BitName" value="32-bit"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value="New Folder"/>.. <STRING id="AI.DuplicateFile.DestName" value="Duplicate %s of %s"/>.. <STRING id="AI.Environment.DefaultName" value="New Variable"/>.. <STRING id="AI.Feature.DefaultDescription" value="Description"/>.. <STRING id="AI.Feature.DefaultTitle" value="Feature"/>.. <STRING id="AI.FileDownload.DefaultFileName" value="FileDownload.ext"/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="Play"/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value="Support"/>.. <STR

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_ar.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
      Category:dropped
      Size (bytes):208398
      Entropy (8bit):5.568275888594407
      Encrypted:false
      SSDEEP:
      MD5:4DF56223B4F5D1DFC2192418815FA441
      SHA1:DB3EF4EB61F4334DC3E16FCFB0656927E2DB1B34
      SHA-256:CAF6A40B02403B5B07CB8010525A3B1CEAF2382F09B2F5D2AAFA0ADAF7BE7028
      SHA-512:756FBA5B0B0EE0DE15E5C803A0522DBAA3353EE9705BDE9FE3989BFB5CC164CFA684296B6CB7BA5C8C85B2557C3E29FB7FCCD3800F0277B68F3F80B40CCEAD7B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="ar" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.Directory.Default32BitName" value="32-bit"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value=".... ...."/>.. <STRING id="AI.DuplicateFile.DestName" value="..... %s .. %s"/>.. <STRING id="AI.Environment.DefaultName" value="..... ...."/>.. <STRING id="AI.Feature.DefaultDescription" value="....."/>.. <STRING id="AI.Feature.DefaultTitle" value="......"/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="....."/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value="....."/>.. <STRING id="AI.GameUx.DefaultGameDescription" value=".... .. [|CurrentGame]."/>.. <STRING id="AI.IniFile.DefaultFileName" value="... ...."/>.. <STRING id="AI.IniFile.DefaultKey" value="..... ..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_bg.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (422), with CRLF line terminators
      Category:dropped
      Size (bytes):125158
      Entropy (8bit):5.442877736036184
      Encrypted:false
      SSDEEP:
      MD5:08CF704EE285264B04AAFE7445B02D68
      SHA1:7F9AA2349FC1AE60B33EDB8BB9BE8FEE17A97E32
      SHA-256:A0D20E333294DAC2AC6890780F8645B9A1D7C5A439380BADE2C191E3F18A5482
      SHA-512:BB5F78C616A1D9EB367B0AD47EB20B463644B507825D988B1FCA1D34A0BB87A303D52570EF747651BD4066637EFAAEC445330537C947514FDB46FADC36E21ADD
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="utf-8"?>..<DICTIONARY type="singlelanguage" lang="bg" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.Directory.Default32BitName" value="32-bit"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value=".... ....."/>.. <STRING id="AI.DuplicateFile.DestName" value="......... %s .. %s"/>.. <STRING id="AI.Environment.DefaultName" value=".... .........."/>.. <STRING id="AI.Feature.DefaultDescription" value="........"/>.. <STRING id="AI.Feature.DefaultTitle" value="......."/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value=".........."/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value="........."/>.. <STRING id="AI.GameUx.DefaultGameDescription" value="...... ........ .. [|CurrentGame]."/>.. <STRING id="AI.IniFile.DefaultFileName" value="... ...."/>.. <STRIN

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_ca.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (356), with CRLF line terminators
      Category:dropped
      Size (bytes):98134
      Entropy (8bit):5.269826701920589
      Encrypted:false
      SSDEEP:
      MD5:028DDE9AE3363764E7FF7EA3AC178DCD
      SHA1:0ACA682C5FEACC86D8FCD8DEF22BBEFDA00DC1D4
      SHA-256:E6EC954FE2BA9C2CC24129ABEA9A85A8EB0DF23875966CA1E216F88164775A1E
      SHA-512:51ACF0E5A9F66DA8335CC3C25D1EC31402A54965C54FB9A3F6D3A86E808A3AD1392737F9D710A47C6D081E7B199C11895E917AF224378A6788789D3E73CB4FA6
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="ca" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.Directory.Default32BitName" value="32-bit"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value="Nova carpeta"/>.. <STRING id="AI.DuplicateFile.DestName" value="Duplicat %s de %s"/>.. <STRING id="AI.Environment.DefaultName" value="Nova variable"/>.. <STRING id="AI.Feature.DefaultDescription" value="Descripci."/>.. <STRING id="AI.Feature.DefaultTitle" value="Caracter.stica"/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="Inicia"/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value="Suport"/>.. <STRING id="AI.GameUx.DefaultGameDescription" value="La vostra descripci. per [|ProductName]."/>.. <STRING id="AI.IniFile.DefaultFileName" value="Nou fitxer"/>.. <STRING id="AI.IniFile.DefaultKey" value="Nova clau"/>.. <STRING id

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_cs.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (430), with CRLF line terminators
      Category:dropped
      Size (bytes):84209
      Entropy (8bit):5.549443918885125
      Encrypted:false
      SSDEEP:
      MD5:564FAF09DB2970776E58C0407C201A9E
      SHA1:47F2EAD898DBECA1D021074D90E15C077258E992
      SHA-256:2C0CB40C269EFE85D59F67EA89C5EB10E5E2B050B2865B4711DE026FD785230F
      SHA-512:58D0190C639CE39D774FDE6502044D9B0023C9F09B8CA1459C43037F9D9DE73C873B0BFAF79D068F436EAFC0C6BA37453D3C474947C04BF6CF0934E72DA6C718
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="cs" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.Directory.DefaultDefaultDir" value="Nov. slo.ka"/>.. <STRING id="AI.DuplicateFile.DestName" value="Duplicate %s of %s"/>.. <STRING id="AI.Environment.DefaultName" value="Nov. prom.nn."/>.. <STRING id="AI.Feature.DefaultDescription" value="Popis"/>.. <STRING id="AI.Feature.DefaultTitle" value="Vlastnost"/>.. <STRING id="AI.IniFile.DefaultFileName" value="Nov. soubor"/>.. <STRING id="AI.IniFile.DefaultKey" value="Nov. kl.."/>.. <STRING id="AI.IniFile.DefaultSection" value="Nov. sekce"/>.. <STRING id="AI.IniFile.DefaultValue" value="Nov. hodnota"/>.. <STRING id="AI.Java.DefaultErrorFile" value="error.log"/>.. <STRING id="AI.Java.DefaultOutputFile" value="output.log"/>.. <STRING id="AI.Java.DefaultProductName" value="V.. prod

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_da.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (342), with CRLF line terminators
      Category:modified
      Size (bytes):105717
      Entropy (8bit):5.318489919283202
      Encrypted:false
      SSDEEP:
      MD5:B11FD961C8D72EDA4417FE7E05BD3C60
      SHA1:2253AD6B23CB59EF26A455B679B52F863BA6E923
      SHA-256:8F569CD62D2A4DEED88A85BB9D0081E8FD453C2D5FF0F3175F6DCB4C59B08E22
      SHA-512:8D3F6B973432453385FF4E064696DC8F0CF06966DA0D86F700AD855455D2149D58FA312574FB71ECC880DE87CE5415A72523C03B6A0DF754B298D2FEC9FE9263
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="da" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.Directory.Default32BitName" value="32-bit"/>.. <STRING id="AI.Directory.Default32BitName" value="32-bit"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value="Ny mappe"/>.. <STRING id="AI.DuplicateFile.DestName" value="Kopi %s af %s"/>.. <STRING id="AI.Environment.DefaultName" value="Ny variabel"/>.. <STRING id="AI.Feature.DefaultDescription" value="Beskrivelse"/>.. <STRING id="AI.Feature.DefaultTitle" value="Komponent"/>.. <STRING id="AI.FileDownload.DefaultFileName" value="FileDownload.ext"/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="Afspil"/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value="Support"/>.. <STRING id="AI.GameUx.DefaultGameDescription" value="Din beskrivelse af [|CurrentGame]."/>.. <STRING id="AI.I

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_de.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (382), with CRLF line terminators
      Category:dropped
      Size (bytes):223732
      Entropy (8bit):5.331319621250765
      Encrypted:false
      SSDEEP:
      MD5:92E47FB1B3489500D7A4F18C6A9C49F8
      SHA1:919F0CA3B7F002D8F911AFD95B430F4EF58B2E59
      SHA-256:0D0875F0FFF35E1A63A9217761725CB8FDF365165D473444362593699ADC7A6E
      SHA-512:0986001ECA6FD1FED82DB3A90B9C8BC336DA834089AEADEB7F458D07EB70CB867E9DC2DD912A300A39155171D14A6057CDD8C8F1330961805E21CA107FA0A0F5
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="de" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.AI_GenericProperty.Description" value="Ihre Anwendungsbeschreibung."/>.. <STRING id="AI.AI_GenericProperty.Name" value="Ihre Anwendung"/>.. <STRING id="AI.Directory.Default32BitName" value="32-bit"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value="Neues Verzeichnis"/>.. <STRING id="AI.DuplicateFile.DestName" value="Kopie %s von %s"/>.. <STRING id="AI.Environment.DefaultName" value="Neue Variable"/>.. <STRING id="AI.Feature.DefaultDescription" value="Beschreibung"/>.. <STRING id="AI.Feature.DefaultTitle" value="Funktion"/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="Spielen"/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value="Unterst.tzung"/>.. <STRING id="AI.GameUx.DefaultGameDescription" value="Ihre Beschreibung

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_el.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (407), with CRLF line terminators
      Category:dropped
      Size (bytes):153066
      Entropy (8bit):5.478136506234929
      Encrypted:false
      SSDEEP:
      MD5:65A8D423D13AD6AF0A18DE6FFF23D84A
      SHA1:C09CE97ADDDC3DC110194E6B8EC4A4272BE17CB4
      SHA-256:91EDC50463F60280985242EFFE5ABA568657D9871D9A80D1F0A66FD2025E5F60
      SHA-512:B26CE6174EFB300FE01E9986215C0E53B3DC2453DDBAD258274729ED19611C9224B12D53C6C56DFEA30F94238944E5338A651AA1556926365985FCD5010A22CD
      Malicious:false
      Reputation:low
      Preview:.<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="el" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.Directory.Default32BitName" value="32 bit"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value=".... ......."/>.. <STRING id="AI.DuplicateFile.DestName" value="......... %s ... %s"/>.. <STRING id="AI.Environment.DefaultName" value="... ........."/>.. <STRING id="AI.Feature.DefaultDescription" value="........."/>.. <STRING id="AI.Feature.DefaultTitle" value=".........."/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="..........."/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value=".........."/>.. <STRING id="AI.GameUx.DefaultGameDescription" value=". ......... ... ... .. [|CurrentGame]."/>.. <STRING id="AI.IniFile.DefaultFileN

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_en.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (342), with CRLF line terminators
      Category:dropped
      Size (bytes):205242
      Entropy (8bit):5.273913317468664
      Encrypted:false
      SSDEEP:
      MD5:8A6129AF240BCB77B590DE81A31041DE
      SHA1:1472FE35442FCABF4D07A3328FC248E44A67B955
      SHA-256:0F5C234103FC414372CC7E7D5541EAEECFC3A3D7D1BAB43C50158BDC13454774
      SHA-512:45A7F4A842DBB73BEE1A846C933E09F582B013AD089FA687BAF09EE45153D55861A772DFD75230322362F969A8EDBECA1AD859241966BC95CC6EB66743CD3AAF
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="en" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.AI_GenericProperty.Description" value="Your application description."/>.. <STRING id="AI.AI_GenericProperty.Name" value="Your Application"/>.. <STRING id="AI.Directory.Default32BitName" value="32-bit"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value="New Folder"/>.. <STRING id="AI.DuplicateFile.DestName" value="Duplicate %s of %s"/>.. <STRING id="AI.Environment.DefaultName" value="New Variable"/>.. <STRING id="AI.Feature.DefaultDescription" value="Description"/>.. <STRING id="AI.Feature.DefaultTitle" value="Feature"/>.. <STRING id="AI.FileDownload.DefaultFileName" value="FileDownload.ext"/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="Play"/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value="Support"/>.. <STRING i

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_en_GB.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (337), with CRLF line terminators
      Category:dropped
      Size (bytes):196788
      Entropy (8bit):5.270462917478872
      Encrypted:false
      SSDEEP:
      MD5:572108C2533F250A782F6A0C3D8E179F
      SHA1:9F6247F4E972B5827AC8F96C19FF281D1BFBD5A5
      SHA-256:6D74BD4152A374BD111F8F0C7CA11E2DF11BEB689A87BBB6C3DA1EF32438D6EA
      SHA-512:5DA7D3EBD5E19753521BDE62618C9C16AF9DF9EE228F404BE9E83856EB4C115C817FBE458558A3231379C1514BE4CD40838E53F4C132F393429AFEAA0D4C7E1B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="en_GB" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.AI_GenericProperty.Description" value="Your application description."/>.. <STRING id="AI.AI_GenericProperty.Name" value="Your Application"/>.. <STRING id="AI.Directory.Default32BitName" value="32-bit"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value="New Folder"/>.. <STRING id="AI.DuplicateFile.DestName" value="Duplicate %s of %s"/>.. <STRING id="AI.Environment.DefaultName" value="New Variable"/>.. <STRING id="AI.Feature.DefaultDescription" value="Description"/>.. <STRING id="AI.Feature.DefaultTitle" value="Feature"/>.. <STRING id="AI.FileDownload.DefaultFileName" value="FileDownload.ext"/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="Play"/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value="Support"/>.. <STRIN

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_es.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (380), with CRLF line terminators
      Category:dropped
      Size (bytes):223894
      Entropy (8bit):5.222053968439913
      Encrypted:false
      SSDEEP:
      MD5:50F9BD27F20685215F07DC24D20BBDAB
      SHA1:727C26872ECC95FB65084869BFE6622429F1E971
      SHA-256:50B44DDA8D67B883FA31C7C4A89FF50A803EFD0D73C1349C4CD3124F4817D922
      SHA-512:92ACEB3408A2956B32CD6582CB3E5ADD2F1C3FBFE646433CC230C16C21C7451FE883D9D69946409CF1161FCAD0F1B0BA22A721E0C27CE434062673602B73FB62
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="es" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.... AI defaults -->.. <STRING id="AI.AI_GenericProperty.Description" value="La descripci.n de su aplicaci.n."/>.. <STRING id="AI.AI_GenericProperty.Name" value="Su Aplicaci.n"/>.. <STRING id="AI.Directory.Default32BitName" value="32-bit"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value="Nueva Carpeta"/>.. <STRING id="AI.DuplicateFile.DestName" value="Duplicado %s de %s"/>.. <STRING id="AI.Environment.DefaultName" value="Nueva Variable"/>.. <STRING id="AI.Feature.DefaultDescription" value="Descripci.n"/>.. <STRING id="AI.Feature.DefaultTitle" value="Caracter.stica"/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="Ejecutar"/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value="Soporte"/>.. <STRING id="AI.GameUx.DefaultGameDescription" value="Su descr

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_fa.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (326), with CRLF line terminators
      Category:dropped
      Size (bytes):254100
      Entropy (8bit):5.630960465554257
      Encrypted:false
      SSDEEP:
      MD5:7D3748954B82140F00F5ACA297655861
      SHA1:CA9F88090E8F92FDC1370B142A6B323866FCDC87
      SHA-256:6EB174E8D44E7C18B3287772EA53C7AA66E18148892A4656A329FF88808AF22F
      SHA-512:83751DF1AB23B0D98DD9F4462739F42182389AD263247B8C7FFFBEABA7244D0B452C6FE673A4322C6FB01AC89303CADDDB8DDFF152EF7BE16ADB3E5013E2C569
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="fa" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.AI_GenericProperty.Description" value="....... ...... ..."/>.. <STRING id="AI.AI_GenericProperty.Name" value="...... ..."/>.. <STRING id="AI.Directory.Default32BitName" value="... 32"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value=".... ...."/>.. <STRING id="AI.DuplicateFile.DestName" value="...... %s .. %s"/>.. <STRING id="AI.Environment.DefaultName" value="...... ...."/>.. <STRING id="AI.Feature.DefaultDescription" value="......."/>.. <STRING id="AI.Feature.DefaultTitle" value="....."/>.. <STRING id="AI.FileDownload.DefaultFileName" value="FileDownload.ext"/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="..."/>.. <STRING id="AI.GameTask.DefaultSupport

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_fi.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (346), with CRLF line terminators
      Category:dropped
      Size (bytes):104887
      Entropy (8bit):5.310373463778603
      Encrypted:false
      SSDEEP:
      MD5:A90A7B181D66825F91636F20A111D109
      SHA1:1B74835FEC4D76091AF39C48E928E6F4D44FD8AC
      SHA-256:8EF7EC5FF11789886558A1C518677F4E3908F49DDB05EB3052F5514D79640500
      SHA-512:C559817EFE46FB38EDA97F179203027803FC8CE5AB67E51B74D8152A73F4B792AB7BEF25855756642B172F242C2A9DD6CCDE34E7622824C7E0C6E51E751DC0B6
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="fi" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. AI defaults -->.. <STRING id="AI.Directory.Default32BitName" value="32 bitti."/>.. <STRING id="AI.Directory.DefaultDefaultDir" value="Uusi kansio"/>.. <STRING id="AI.DuplicateFile.DestName" value="Kaksoiskappale %s / %s"/>.. <STRING id="AI.Environment.DefaultName" value="Uusi muuttuja"/>.. <STRING id="AI.Feature.DefaultDescription" value="Kuvaus"/>.. <STRING id="AI.Feature.DefaultTitle" value="Toiminto"/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="Toista"/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value="Tuki"/>.. <STRING id="AI.GameUx.DefaultGameDescription" value="Kuvaus kohteelle [|CurrentGame]."/>.. <STRING id="AI.IniFile.DefaultFileName" value="Uusi tiedosto"/>.. <STRING id="AI.IniFile.DefaultKey" value="Uusi avain"/>..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_fr.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (391), with CRLF line terminators
      Category:dropped
      Size (bytes):233630
      Entropy (8bit):5.286029811687651
      Encrypted:false
      SSDEEP:
      MD5:647D8C988FF5B39639F8ABC3C2EC2609
      SHA1:04E2B555E5E85BAB9A3D168BCCE86C270CCFA0B8
      SHA-256:ECC5AD9F94A93858F3CC5032BF83361407BCF67E86AD00430D5D89774714E135
      SHA-512:E467126C70EC50DE4C8B12D92E5C613E9C775A8BC1C5C9A32247E92212DA46600DF4A4117D402CB08450E4BFE9D4C8E2EE60219018A794EE5E1877B4515966BE
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="fr" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.Directory.Default32BitName" value="32-bit"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value="Nouveau R.pertoire"/>.. <STRING id="AI.DuplicateFile.DestName" value="Doublon %s de %s"/>.. <STRING id="AI.Environment.DefaultName" value="Nouvelle Variable"/>.. <STRING id="AI.Feature.DefaultDescription" value="Description"/>.. <STRING id="AI.Feature.DefaultTitle" value="Fonctionnalit."/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="Jouer"/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value="Support"/>.. <STRING id="AI.GameUx.DefaultGameDescription" value="Votre description de [|CurrentGame]."/>.. <STRING id="AI.IniFile.DefaultFileName" value="Nouveau Fichier"/>.. <STRING id="AI.IniFile.DefaultKey" value="Nouvelle Cl."/>

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_he.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (335), with CRLF line terminators
      Category:dropped
      Size (bytes):127008
      Entropy (8bit):5.227788532554359
      Encrypted:false
      SSDEEP:
      MD5:CDA7ED71A2B3A210A42324F242F87E46
      SHA1:11C8FADFA51900E28F4BD3D78DFB9C22988708C8
      SHA-256:A3F6926D1E24782474DF395670EB912C5364CAE44F78F195F3FF8F60B976CED7
      SHA-512:FD408F746A8ABF3D5C8B3D321F92B26B1135FA6B630F8366A712919DA62D079E1CB98B8B23904B1B52F963B458749E3E45DEABA823A4AFEAD0EAF25299ACB99E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="he" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. Dialog table -->.. <STRING id="Dialog.AdminBrowseDlg" value="[ProductName] [..... .....]"/>.. <STRING id="Dialog.AdminInstallPointDlg" value="[ProductName] [..... .....]"/>.. <STRING id="Dialog.AdminWelcomeDlg" value="[ProductName] [..... .....]"/>.. <STRING id="Dialog.BasicUIDlg" value="[ProductName] [..... .....]"/>.. <STRING id="Dialog.BrowseDlg" value="[ProductName] [..... .....]"/>.. <STRING id="Dialog.CancelDlg" value="[ProductName] [..... .....]"/>.. <STRING id="Dialog.CustomizeDlg" value="[ProductName] [..... .....]"/>.. <STRING id="Dialog.DiskCostDlg" value="[ProductName] [..... .....]"/>.. <STRING id="Dialog.ErrorDlg" value=".... ......"/>.. <STRING id="Dialog.ExitDialog

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_hr.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (433), with CRLF line terminators
      Category:dropped
      Size (bytes):92959
      Entropy (8bit):5.3574175079787985
      Encrypted:false
      SSDEEP:
      MD5:F52A98AB49F68E9DE5B7B6DBFF1FC980
      SHA1:628A5ED02E7E6BB3D198410C47686C91A80A74EC
      SHA-256:C1FC3AF52831012D8E0179753C0133771158A51488FBADA96AE6551C5923F378
      SHA-512:D1C16CB323041B8E406E0650AA6B4738D9D19825E53E1BB0C3634ABB151A1ED497D2C8FC039615127C612AF0EA8B0D4B846888F8918E6C55EC3142388B83832D
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="utf-8"?>..<DICTIONARY type="singlelanguage" lang="hr" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.Directory.Default32BitName" value="32-bit"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value="Nova mapa"/>.. <STRING id="AI.DuplicateFile.DestName" value="Dupliciran %s od %s"/>.. <STRING id="AI.Environment.DefaultName" value="Nova varijabla"/>.. <STRING id="AI.Feature.DefaultDescription" value="Opis"/>.. <STRING id="AI.Feature.DefaultTitle" value="Zna.ajka"/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="Reproduciraj"/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value="Podr.ka"/>.. <STRING id="AI.GameUx.DefaultGameDescription" value="Va. opis za [|CurrentGame]."/>.. <STRING id="AI.IniFile.DefaultFileName" value="Nova datoteka"/>.. <STRING id="AI.IniFile.DefaultKey" value="Novi klju."/>.. <STRING id="AI.IniFile.DefaultSection" v

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_hu.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (392), with CRLF line terminators
      Category:dropped
      Size (bytes):85778
      Entropy (8bit):5.532572379587891
      Encrypted:false
      SSDEEP:
      MD5:DE36940885FF8D6AA64BB0C6EA8DF856
      SHA1:9BB277DD76AC8461A69D9BB9CF25A094475A67B1
      SHA-256:F6E62FD3D1E339117EAE15F281F08D3FB0D5C77103947582EB91A62D008D9999
      SHA-512:4102F30B4B852D88C8A66CBE6BEFEDC94AF7CE007B35278ED689E03236A52F0EB96B3C0A22FD1B14B0709967310A2E2FA501865F4C901D7141D051DAB2AD83C7
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="hu" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.Directory.Default32BitName" value="32-bit"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value=".j mappa"/>.. <STRING id="AI.DuplicateFile.DestName" value="M.solat %s a k.vetkez.b.l %s"/>.. <STRING id="AI.Environment.DefaultName" value=".j v.ltoz."/>.. <STRING id="AI.Feature.DefaultDescription" value="Le.r.s"/>.. <STRING id="AI.Feature.DefaultTitle" value="Funkci."/>.. <STRING id="AI.IniFile.DefaultFileName" value=".j f.jl"/>.. <STRING id="AI.IniFile.DefaultKey" value=".j kulcs"/>.. <STRING id="AI.IniFile.DefaultSection" value=".j szakasz"/>.. <STRING id="AI.IniFile.DefaultValue" value=".j .rt.k"/>.. <STRING id="AI.Java.DefaultErrorFile" value="error.log"/>.. <STRING id="AI.Java.DefaultOutputFile" value="output.log

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_id.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (417), with CRLF line terminators
      Category:dropped
      Size (bytes):90347
      Entropy (8bit):5.281036611462817
      Encrypted:false
      SSDEEP:
      MD5:FEBB267E5187F982EEF1DEF58E8F263A
      SHA1:F1A45B3055A27EB54F9DE7B19038AEDE5B5592D3
      SHA-256:CCF66E08D0B37F0AD017E09CF4B7AA218DBFF66540E7F97CA6CD10657BD369CD
      SHA-512:06CA2620222698C507668C599E8379F527F543DD94CBE92BB2C72A1E44CE7A1A0380DFBB48110D1FA6467E93F8B7E516580DACE6E830E24E72B9DABC9F92A9F5
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="utf-8"?>..<DICTIONARY type="singlelanguage" lang="id" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.Directory.Default32BitName" value="32-bit"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value="Folder Baru"/>.. <STRING id="AI.DuplicateFile.DestName" value="Duplika %s dari %s"/>.. <STRING id="AI.Environment.DefaultName" value="Variabel Baru"/>.. <STRING id="AI.Feature.DefaultDescription" value="Deskripsi"/>.. <STRING id="AI.Feature.DefaultTitle" value="Fitur"/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="Putar"/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value="Mendukung"/>.. <STRING id="AI.GameUx.DefaultGameDescription" value="Deskripsi Anda untuk [|CurrentGame]."/>.. <STRING id="AI.IniFile.DefaultFileName" value="Berkas baru"/>.. <STRING id="AI.IniFile.DefaultKey" value="Kunci Baru"/>.. <STRING id="AI.IniFile.DefaultSection" v

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_is.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (405), with CRLF line terminators
      Category:dropped
      Size (bytes):84651
      Entropy (8bit):5.43645593643893
      Encrypted:false
      SSDEEP:
      MD5:87AD52422C312D140AE7B751BA652B4D
      SHA1:56562037B91A79A0F20D8C30F68D063D18348DB8
      SHA-256:337DF9FEC966FC9F9A5B1826235576C38AD38166F013E5ED35E4544C29586A48
      SHA-512:22E7077E6F0600E4B8B0C5005EADFDE7CCCF5A3E6AC383347CBA241439994C40D0D8B2A9BED2A4E1A6EDEBBE478ECAE9E7672C7664A19DC0AAFB446E76149D3E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="is" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.Directory.DefaultDefaultDir" value="N.r Mappa"/>.. <STRING id="AI.DuplicateFile.DestName" value="Afrit %s af %s"/>.. <STRING id="AI.Environment.DefaultName" value="N.r Breyta"/>.. <STRING id="AI.Feature.DefaultDescription" value="L.sing"/>.. <STRING id="AI.Feature.DefaultTitle" value="L.gun"/>.. <STRING id="AI.IniFile.DefaultFileName" value="N.r skr."/>.. <STRING id="AI.IniFile.DefaultKey" value="N.r Lykill"/>.. <STRING id="AI.IniFile.DefaultSection" value="N.r Hluti"/>.. <STRING id="AI.IniFile.DefaultValue" value="N.r Gildi"/>.. <STRING id="AI.Java.DefaultErrorFile" value="villa.trj.bolur"/>.. <STRING id="AI.Java.DefaultOutputFile" value="framlei.sla.trj.bolur"/>.. <STRING id="AI.Java.DefaultProductName" value=".inn Vara

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_it.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (419), with CRLF line terminators
      Category:dropped
      Size (bytes):187145
      Entropy (8bit):5.196256859222934
      Encrypted:false
      SSDEEP:
      MD5:56DFD69D1155C53CB919356869625489
      SHA1:A6AAF0244F51022EC2396C88161B5C66741EB05B
      SHA-256:265B648260E4EE8866359093ED8920CBB94BC00147EDC5FDAC5AF963120A8B4E
      SHA-512:069701C0722B6AEAC08C6D3681D14DEA13E971A8657B7E23D783C7BEB364A1920E50D6FD2B17F2CB6D69A0E7C27A79E202B441FC78167AB286BE50B2486E8F49
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="it" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.Directory.Default32BitName" value="32-bit"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value="Nuova Cartella"/>.. <STRING id="AI.DuplicateFile.DestName" value="Duplicato %s di %s"/>.. <STRING id="AI.Environment.DefaultName" value="Nuova Variabile"/>.. <STRING id="AI.Feature.DefaultDescription" value="Descrizione"/>.. <STRING id="AI.Feature.DefaultTitle" value="Funzionalit."/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="Gioca"/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value="Supporto"/>.. <STRING id="AI.GameUx.DefaultGameDescription" value="Descrizione per [|CurrentGame]."/>.. <STRING id="AI.IniFile.DefaultFileName" value="Nuovo File"/>.. <STRING id="AI.IniFile.DefaultKey" value="Nuova Chiave"/>.. <STRING id="A

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_ja.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
      Category:dropped
      Size (bytes):234573
      Entropy (8bit):5.994640306846146
      Encrypted:false
      SSDEEP:
      MD5:63D3DB32395D34239B5F709C4BE68604
      SHA1:8A5915A422D5B64559F96B237D4CEEF98A49D6D4
      SHA-256:05D6849930165491EA857CD10BA614F5BC6DA6E9F46C9B7F25BC02484BC457E2
      SHA-512:54A26C934EC5D80431447DB9E468683CD73093BAF796FCC68D3AC3D8123C694D324B2348B8B3467B073EAABA62A27AF52A58F56D76F0D7E8ADD2358E9EAA0C69
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="ja" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.AI_GenericProperty.Description" value="................"/>.. <STRING id="AI.AI_GenericProperty.Name" value="Your Application"/>.. <STRING id="AI.Directory.Default32BitName" value="32-bit"/>.. <STRING id="AI.Directory.DefaultDefaultDir" value="......."/>.. <STRING id="AI.DuplicateFile.DestName" value="... %s . %s"/>.. <STRING id="AI.Environment.DefaultName" value="....."/>.. <STRING id="AI.Feature.DefaultDescription" value=".."/>.. <STRING id="AI.Feature.DefaultTitle" value=".."/>.. <STRING id="AI.GameTask.DefaultPlayTaskName" value="..."/>.. <STRING id="AI.GameTask.DefaultSupportTaskName" value="...."/>.. <STRING id="AI.GameUx.DefaultGameDescription"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\dictionaries\ui_kk.ail

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (332), with CRLF line terminators
      Category:dropped
      Size (bytes):90720
      Entropy (8bit):5.725675538362357
      Encrypted:false
      SSDEEP:
      MD5:943A69B50445568409266F5A61887FD0
      SHA1:9D764B4F1720D1A21A4E08EA80EF8D0FD4BEB359
      SHA-256:4BA03C9D1658B36D27258353B9E68C0CCBB23DB4DA4F19BD0E95BBA3B92BBED0
      SHA-512:A9AAB022A310A7C29966C498B2654BB4DC3A3705190763F264915A32ACA72540A5E3D1E717E064F5BAEFC82E0EE85DAC8E699ACE0975E15C2C0EC15E98173F81
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<DICTIONARY type="singlelanguage" lang="kk" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="dictionary.xsd">.. AI defaults -->.. <STRING id="AI.Directory.DefaultDefaultDir" value=".... ....."/>.. <STRING id="AI.DuplicateFile.DestName" value="....... %s - %s"/>.. <STRING id="AI.Environment.DefaultName" value=".... ........"/>.. <STRING id="AI.Feature.DefaultDescription" value="........."/>.. <STRING id="AI.Feature.DefaultTitle" value="........."/>.. <STRING id="AI.IniFile.DefaultFileName" value=".... ...."/>.. <STRING id="AI.IniFile.DefaultKey" value=".... ...."/>.. <STRING id="AI.IniFile.DefaultSection" value=".... ....."/>.. <STRING id="AI.IniFile.DefaultValue" value=".... ..."/>.. <STRING id="AI.Java.DefaultErrorFile" value="error.log"/>.. <STRING id="AI.Java.DefaultOutputFile" value="output.log"/>

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\.NET Framework 4.5.1 (web)\.NET Framework 4.5.1 (web).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1342
      Entropy (8bit):5.60002942957851
      Encrypted:false
      SSDEEP:
      MD5:C4A9AFC1401198DBD057748A04790BB7
      SHA1:B764B0DE19C4F0275F45259051D0CBAD3EEAE73D
      SHA-256:98363D94B0A48459B32CBBB41813EB9D2A5DFA6F5FC9A7516CD14A588A7FAB9E
      SHA-512:D5DA5D8B961C09DD3889129C4ED445DE14044EC3823D5E3319D1E87EE6C68BEC427D5F81DD7F4547E6552BCF51500248D4C6995F6BA01EB0E071EC4B1ADE0819
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="EDD0228464354F269D1E1FAEB8A9084F" DisplayName=".NET Framework 4.5.1 (web installer)".. SetupFileUrl="http://download.microsoft.com/download/7/4/0/74078A56-A3A1-492D-BBA9-865684B83C1B/NDP451-KB2859818-Web.exe".. Location="1" ExactSize="1021432" MD5="24281f84c5521204e4454207f3becf96".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /norestart".. Operator="1" Options="xy" TargetName=".NET Framework 4.5.1"/>.. <ATTRIBUTE name="GroupName" value=".NET Framework"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchCo

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\.NET Framework 4.5.2 (web)\.NET Framework 4.5.2 (web).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1256
      Entropy (8bit):5.596347895056114
      Encrypted:false
      SSDEEP:
      MD5:B33747183AFAD85A3CB6572F2AADE47A
      SHA1:30F5E9EDF5AF0CE61339027E9126FF4CDBF059B2
      SHA-256:FF63DE04C9A32B98A3E15DA7232B323F582D055C499B6771BDC228E2B831C8B4
      SHA-512:40547206BC34F2890D1755392930E703E01575A7AB4DDFF4618D669843079DFA32BC24129049F2BA426D9A0806144269C48D2579AD13271F39827FD66F4D79C5
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="E275424811B28D95B40CAB85CC" DisplayName=".NET Framework 4.5.2 (web installer)".. SetupFileUrl="http://download.microsoft.com/download/B/4/1/B4119C11-0423-477B-80EE-7A474314B347/NDP452-KB2901954-Web.exe".. Location="1" ExactSize="1118920" MD5="ca41dba55a727f01104871b160cd5b1d".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /norestart".. Operator="1" Options="xy" TargetName=".NET Framework 4.5.2"/>.. <ATTRIBUTE name="GroupName" value=".NET Framework"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="E275424811B28D95B40CAB85CCRelease" Pr

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\.NET Framework 4.5.2\.NET Framework 4.5.2.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1263
      Entropy (8bit):5.608855263708226
      Encrypted:false
      SSDEEP:
      MD5:E1EC84E895C2EA88D7893F034C54129F
      SHA1:F33264F44205D315715DA0A627DDD20BF00E016D
      SHA-256:5BF21A4BB62FB43B97B859D9CD2CB296772CF0083DF6A4565BF2FD8C4A71A91E
      SHA-512:E317E2CE3BD974CB81B99D2956AECFA605A1E110DD23993D440722224C4F3228CD62ADD229672FE6632113F80F776B2BA18796A04669272817B728B0EE7B6C13
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BE1A492345959ED6A4D5ACBD0EC0" DisplayName=".NET Framework 4.5.2".. SetupFileUrl="http://download.microsoft.com/download/E/2/1/E21644B5-2DF2-47C2-91BD-63C560427900/NDP452-KB2901907-x86-x64-AllOS-ENU.exe".. Location="1" ExactSize="69999448" MD5="ee01fc4110c73a8e5efc7cabda0f5ff7".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /norestart".. Operator="1" Options="xy" TargetName=".NET Framework 4.5.2"/>.. <ATTRIBUTE name="GroupName" value=".NET Framework"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="BE1A492345959ED6A4D5ACBD0EC0Release"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\.NET Framework 4.6 (web)\.NET Framework 4.6 (web).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1437
      Entropy (8bit):5.593885503438677
      Encrypted:false
      SSDEEP:
      MD5:5D3CCB7B15798C91DB1BB6C6189E16EF
      SHA1:BB017C8965AD3E2FAA32E21A2FAAEA3E0D1C3AE8
      SHA-256:BFF2B3105F7DE6F9DCBEE296BF8C4604E081B42925DF50BDC652DDD083FAFA77
      SHA-512:44DCF7B150F9B350870CA07E9BAC17564085581C39887C80FBA9007DF503891F0DC4FC8EC09FECE04D6AC7FCFB96F18AC6AB91D8B61A7D61D30701090FFB1A95
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="EEDF697C58FF44AEA12537BBFB266D19" DisplayName=".NET Framework 4.6 (web installer)".. SetupFileUrl="http://download.microsoft.com/download/1/4/A/14A6C422-0D3C-4811-A31F-5EF91A83C368/NDP46-KB3045560-Web.exe".. Location="1" ExactSize="1497400" MD5="58d88886a42aeb5d17e8b232c2697899".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86, Windows 7 RTM x86, Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /norestart".. Operator="1" Options="xy" TargetName=".NET Framework 4.6"/>.. <ATTRIBUTE name="GroupName" val

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\.NET Framework 4.6.1 (web)\.NET Framework 4.6.1 (web).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (360), with CRLF line terminators
      Category:dropped
      Size (bytes):1734
      Entropy (8bit):5.466215034589365
      Encrypted:false
      SSDEEP:
      MD5:819DBE2F7AE2291AEFA4576DAD7D8310
      SHA1:214A91616ACAF699CFF263224C3B07C2ABD68B6B
      SHA-256:417CA4FD171F157EEC224C34E73DFA657CE1E36AEBBACFBB523075545A3B1461
      SHA-512:57E7E42A550AFDA5107C6B217F69E0FA33E8579762B27580ACDDFD812E114FE3536F94978F5A6FF8240941B131766933FA559ED61C69B4BCF8F999EC466A260F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BB9062A4604BB61146D7C9AA49D" DisplayName=".NET Framework 4.6.1 (web installer)".. SetupFileUrl="http://download.microsoft.com/download/3/5/9/35980F81-60F4-4DE3-88FC-8F962B97253B/NDP461-KB3102438-Web.exe".. Location="1" ExactSize="1424328" MD5="4d1bb86d0eee168e1da91a36350c1c21".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 10 version 1511 x86, Windows 10 version 1607 x86, Windows 10 version 1703 x86, Windows 10 version 1709 x86, Windows 10 version 1803 x86, Windows 10 version 1809 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 version 151

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\.NET Framework 4.6.1\.NET Framework 4.6.1.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (360), with CRLF line terminators
      Category:dropped
      Size (bytes):1749
      Entropy (8bit):5.48690281400621
      Encrypted:false
      SSDEEP:
      MD5:D9093CE37B9F897FEC2734D111FCA398
      SHA1:A493BF5D01549C2F3CAC680A234BAB73C936F44B
      SHA-256:C3E14B782331BC4259D606146F9F7E94295FBEBDE038946F2D51BCC1D7F99098
      SHA-512:C0E8D3989042EA640706FFCB28AED9CDD831ECACB17023AE1A6DEFB5D243B0069E9EEE0AD40EAB5C63944211C9E7003FE85C66CD3D4802D44D6D932C6754D082
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FDE9FBF14C64382AEFB5867591829B2" DisplayName=".NET Framework 4.6.1".. SetupFileUrl="http://download.microsoft.com/download/E/4/1/E4173890-A24A-4936-9FC9-AF930FE3FA40/NDP461-KB3102436-x86-x64-AllOS-ENU.exe".. Location="1" ExactSize="67681000" MD5="864056903748706e251fec9f5d887ef9".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 10 version 1511 x86, Windows 10 version 1607 x86, Windows 10 version 1703 x86, Windows 10 version 1709 x86, Windows 10 version 1803 x86, Windows 10 version 1809 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 version

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\.NET Framework 4.6.2 (web)\.NET Framework 4.6.2 (web).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (331), with CRLF line terminators
      Category:dropped
      Size (bytes):1685
      Entropy (8bit):5.50959665525488
      Encrypted:false
      SSDEEP:
      MD5:20A5020DD92EC69988E53189E077C5F7
      SHA1:5D2B1C2B793F751189524AE761A31B8C36F55F83
      SHA-256:E937969D2B572A049B37DD5AD640F2E9B0D292691A9518602F8DFEDD1CAD9084
      SHA-512:AF860BE0676B39C91D13989E0828F9D3AE7C86601FE0E97AFAD5284AD51651848FFEFC017C46A01F7535252B9DD1152E2A180B05E23E4BEC83C2A3716B8F5C91
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BCB8EE3864A2CAD5BED4782268FBC" DisplayName=".NET Framework 4.6.2 (web installer)".. SetupFileUrl="https://download.microsoft.com/download/D/5/C/D5C98AB0-35CC-45D9-9BA5-B18256BA2AE6/NDP462-KB3151802-Web.exe".. Location="1" ExactSize="1429344" MD5="b5a67867cdce86e09e2625a6fa4d5fea".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 10 version 1607 x86, Windows 10 version 1703 x86, Windows 10 version 1709 x86, Windows 10 version 1803 x86, Windows 10 version 1809 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 version 1607 x64, Windows 10 version

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\.NET Framework 4.6.2\.NET Framework 4.6.2.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (331), with CRLF line terminators
      Category:dropped
      Size (bytes):1696
      Entropy (8bit):5.5009371914580925
      Encrypted:false
      SSDEEP:
      MD5:736243F2F04BA8B082A102BDB22B0050
      SHA1:C0A993B845FEE25F8443C4246F8FE79BE1D146E1
      SHA-256:6B256276CC2674CAA3F06A681842936D4EA28C28933DAB61C7B23CB3A9F29128
      SHA-512:E924579B5BCD2901793B157A1C5EFB86C9D59595AFDD0D7F9F2A61E21828660B85DD309D81C47D879EECBDAFEF3B3C79838D1222AD781F051526222C8FA9BE31
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="E6EF03A03ACB41E28F8D6A76831D390C" DisplayName=".NET Framework 4.6.2".. SetupFileUrl="https://download.microsoft.com/download/F/9/4/F942F07D-F26F-4F30-B4E3-EBD54FABA377/NDP462-KB3151800-x86-x64-AllOS-ENU.exe".. Location="1" ExactSize="62008080" MD5="9a5d647ee710af2b1aede329c40bbe1a".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 10 version 1607 x86, Windows 10 version 1703 x86, Windows 10 version 1709 x86, Windows 10 version 1803 x86, Windows 10 version 1809 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 version 1607 x64, Windows 10 versio

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\.NET Framework 4.6\.NET Framework 4.6.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1428
      Entropy (8bit):5.5843855359842545
      Encrypted:false
      SSDEEP:
      MD5:060C4E683A869A5A882EDB32E032308B
      SHA1:5E82387E76F643CE848125D7C4DE41FEBFE68F09
      SHA-256:01D1CD32FEF24240B182B9674479C57DA6F6B1AB6B5A63BF75F988D8937CB7A8
      SHA-512:8C08722279444D16EBD5A94CD811558C5A7FFA1DD1EBC30F06A5D0A7B7D9C60E2C9D86A9A9787727B07C86E3001C588162E82EA0C0C794AF8275989B0AC466C3
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="DC417C6DDE44CDB0139EE138C17B2C" DisplayName=".NET Framework 4.6".. SetupFileUrl="http://download.microsoft.com/download/C/3/A/C3A5200B-D33C-47E9-9D70-2F7C65DAAD94/NDP46-KB3045557-x86-x64-AllOS-ENU.exe".. Location="1" ExactSize="65444688" MD5="88bc05e20114a4506f40c36911de92fa".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86, Windows 7 RTM x86, Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /norestart".. Operator="1" Options="xy" TargetName=".NET Framework 4.6"/>.. <ATTRIBUTE name="GroupName" value=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\.NET Framework 4.7 (web)\.NET Framework 4.7 (web).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (365), with CRLF line terminators
      Category:dropped
      Size (bytes):1751
      Entropy (8bit):5.489447307896007
      Encrypted:false
      SSDEEP:
      MD5:40C9FE5C213B337B0FAF7A01D7C1931B
      SHA1:0BAB88D192BBD1B0CB6A25BE6FACB544B47ED1EC
      SHA-256:4A870635C2F63AF317696C5A266C01FB759E79FE3F4B19C15859508D56773254
      SHA-512:3987642A2281A1224217780E47552F966BD0CD2433CEFCFF92EBF3DA319224560BD72287FAEF4F0D498C339E4E57C166F1871D5852D3E9E403C263350B4963E0
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A9B0B950E0447D7BBD52C1DF716128D" DisplayName=".NET Framework 4.7 (web installer)".. SetupFileUrl="https://download.microsoft.com/download/A/E/A/AEAE0F3F-96E9-4711-AADA-5E35EF902306/NDP47-KB3186500-Web.exe".. Location="1" ExactSize="1426720" MD5="4faed340218dce4b778f1cd169a802fb".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 10 version 1507 x86, Windows 10 version 1511 x86, Windows 10 version 1703 x86, Windows 10 version 1709 x86, Windows 10 version 1803 x86, Windows 10 version 1809 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 version 1

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\.NET Framework 4.7.1 (web)\.NET Framework 4.7.1 (web).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (336), with CRLF line terminators
      Category:dropped
      Size (bytes):1686
      Entropy (8bit):5.511942193943808
      Encrypted:false
      SSDEEP:
      MD5:5F0315B710561F976BC29C0EBBF332D3
      SHA1:7557EDC1217DC33995BCF10A7F7130C98EF2992D
      SHA-256:FAD8C1ACEF976F55E64FF49EE529B4CA01A86934FC6C0CC30648110F984C7AE0
      SHA-512:C7DA126899AF354ACB76B729B2D2C7700514A80F487568FB8015B3A90C362C18CA3132864E6B35CBE4EAEAC6D7637ECEF4421B0BB959DA3E069DB2BCB4B708F0
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D5734F904894AAF30073527F3FCD" DisplayName=".NET Framework 4.7.1 (web installer)".. SetupFileUrl="https://download.microsoft.com/download/8/E/2/8E2BDDE7-F06E-44CC-A145-56C6B9BBE5DD/NDP471-KB4033344-Web.exe".. Location="1" ExactSize="1434504" MD5="4fb795478a8f346c337a1f84baccc85b".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 10 version 1507 x86, Windows 10 version 1511 x86, Windows 10 version 1709 x86, Windows 10 version 1803 x86, Windows 10 version 1809 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 version 1507 x64, Windows 10 version 1

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\.NET Framework 4.7.1\.NET Framework 4.7.1.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (336), with CRLF line terminators
      Category:dropped
      Size (bytes):1701
      Entropy (8bit):5.513814735679013
      Encrypted:false
      SSDEEP:
      MD5:9E39D6000E3E198D165E6B9C36BCBAE7
      SHA1:1E2D6B885F93C68807D1C981B3DDA7729FD4081B
      SHA-256:5D81686B9C9BA056A7D9096BAF60E002E38D55AC288E936F164A3A145FEF09EA
      SHA-512:DF903D2C4C127D5C34D4AE109FA15638FEB68124E426B67CA0B533624E9B97B8E22051EBFBF435EEF4A33DAD5D82977EF63C473C1B4855E7E02E2442865C6844
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B8AA522D638C46D9A84AE3AEFBE7A086" DisplayName=".NET Framework 4.7.1".. SetupFileUrl="https://download.microsoft.com/download/9/E/6/9E63300C-0941-4B45-A0EC-0008F96DD480/NDP471-KB4033342-x86-x64-AllOS-ENU.exe".. Location="1" ExactSize="68742112" MD5="660e1a104f209f3cdb55b6d4e9ffa475".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 10 version 1507 x86, Windows 10 version 1511 x86, Windows 10 version 1709 x86, Windows 10 version 1803 x86, Windows 10 version 1809 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 version 1507 x64, Windows 10 versio

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\.NET Framework 4.7.2 (web)\.NET Framework 4.7.2 (web).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (307), with CRLF line terminators
      Category:dropped
      Size (bytes):1632
      Entropy (8bit):5.520278762954751
      Encrypted:false
      SSDEEP:
      MD5:BCBAD134ADDD3E15D06B8C80CB848474
      SHA1:3D5D4EEE812F6FDA7A03DF2B30DA1073717E2AAE
      SHA-256:CCF522C3631F918C9CE0ADEA17E5F4AE8FF4A6C551B71AB33DEE7417AE600B58
      SHA-512:190DAEB01C048A654F44D095C5A1674496A538619B62E69BA0AEE2ECCACC2EF4E5FF917E64BF5CC6F8EB5C1870157B8452B68B254B303F8A4A782FBE5532851E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C676C2BD547E7A6181C255B343B7A" DisplayName=".NET Framework 4.7.2 (web installer)".. SetupFileUrl="https://download.microsoft.com/download/0/5/C/05C1EC0E-D5EE-463B-BFE3-9311376A6809/NDP472-KB4054531-Web.exe".. Location="1" ExactSize="1432848" MD5="c84209349f18afe5a41ce04e9ae8f487".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 10 version 1507 x86, Windows 10 version 1511 x86, Windows 10 version 1803 x86, Windows 10 version 1809 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 version 1507 x64, Windows 10 version 1511 x64, Windows 10 version

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\.NET Framework 4.7.2\.NET Framework 4.7.2.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (307), with CRLF line terminators
      Category:dropped
      Size (bytes):1639
      Entropy (8bit):5.527907299391015
      Encrypted:false
      SSDEEP:
      MD5:2086CC466DD22F1444D080123D374830
      SHA1:FA2A3FAC4E32350CB90BDA6CE409EA9F65C2D0C7
      SHA-256:F376589C51707C5AB2DB745E5B43BF91ED2F3100842865142DA4313F6E63328A
      SHA-512:205AA909653A729C71CE16B233C3148C7A8D8A5B09696D84520278FF47E5DC4C85D37866C64F5ABC89B3E57EDC0F1F2012ABC78D321CB5B8827C817D58DF1F17
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A6D7F21EAEB4C4A901F0979CF110936" DisplayName=".NET Framework 4.7.2".. SetupFileUrl="https://download.microsoft.com/download/6/E/4/6E48E8AB-DC00-419E-9704-06DD46E5F81D/NDP472-KB4054530-x86-x64-AllOS-ENU.exe".. Location="1" ExactSize="83943272" MD5="87450cfa175585b23a76bbd7052ee66b".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 10 version 1507 x86, Windows 10 version 1511 x86, Windows 10 version 1803 x86, Windows 10 version 1809 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 version 1507 x64, Windows 10 version 1511 x64, Windows 10 version

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\.NET Framework 4.7\.NET Framework 4.7.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (365), with CRLF line terminators
      Category:dropped
      Size (bytes):1738
      Entropy (8bit):5.489920120464141
      Encrypted:false
      SSDEEP:
      MD5:342788CBD0852C5A20154DCA342D5BEC
      SHA1:1EC2DE616560224D9213EFF2B9D0AC06AD0B93A0
      SHA-256:0F65B92F86C53766821262BF7850EC5C7F6C0FBDAE98EE8E5B77EBF658107FA3
      SHA-512:04264490F22073C43781F19AD69788BC9C4CFEB0621EC4E6ED2B0751C263219B074DCE7AD16F2EFCA8A0D089B663591A26D5BBE7987B50551F4A5989A4F25343
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C8B23E544BA99E5809B4D984F750" DisplayName=".NET Framework 4.7".. SetupFileUrl="https://download.microsoft.com/download/D/D/3/DD35CC25-6E9C-484B-A746-C5BE0C923290/NDP47-KB3186497-x86-x64-AllOS-ENU.exe".. Location="1" ExactSize="61586744" MD5="b59040e489bff55433508438627d11e6".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 10 version 1507 x86, Windows 10 version 1511 x86, Windows 10 version 1703 x86, Windows 10 version 1709 x86, Windows 10 version 1803 x86, Windows 10 version 1809 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 version 1507

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\ASP.NET MVC 3 Runtime\ASP.NET MVC 3 Runtime.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1481
      Entropy (8bit):5.597920924337047
      Encrypted:false
      SSDEEP:
      MD5:05D157CC6CD270C09D70E51A99D20CA2
      SHA1:2C24E93273D6A8732991E113E47949D7DC088197
      SHA-256:C9A74CE4D6A67E8D5D5C9B2800351BE12E357C6CE1DC9A199B48D4DA6FBB6461
      SHA-512:DCBE02685A36F8377CFB95683F51000B18334B27BA9A35069711597170E1A4EBDE16EFD7A00C9CAE4AD8DB9134325830CE6E9A3C4151183F15EF207BBD81B657
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F0D1FB2BA7834CE6B6DACDC1F9FAD627" DisplayName="ASP.NET MVC 3 Runtime" VersionMin="3".. SetupFileUrl="http://download.microsoft.com/download/F/3/1/F31EF055-3C46-4E35-AB7B-3261A303A3B6/AspNetMVC3ToolsUpdateSetup.exe".. Location="1" ExactSize="22667104" MD5="7a0ea56e616d7d1e4c87d80b0ca6d1e2".. WinNTVersions="Windows Vista RTM x86".. WinNT64Versions="Windows Vista RTM x64".. NoUiComLine="/q".. Operator="0" Options="f" TargetName="ASP.NET MVC 3 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="F0D1FB2BA7834CE6B6DACDC1F9FAD627InstallPath" Prereq="F0D1FB2BA7834CE6B6DACDC1F9FAD627" SearchType="7".. SearchString="HKLM\SOFTWARE\Mic

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\ASP.NET MVC 4 Runtime\ASP.NET MVC 4 Runtime.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1470
      Entropy (8bit):5.566555762381398
      Encrypted:false
      SSDEEP:
      MD5:3F72983307E6815C28552C4CD26834F6
      SHA1:DAA5433A5824E56FF05D215AEA8CF8210FEF77E2
      SHA-256:7DC4F344C516C4BB6F10939B95862FCF601FCD24B8A55DDBC35AB3B6AE3EFA9C
      SHA-512:D8AFAA3A94AE9196F94F0C521B769E47910FA6AF43E269410C731C6F57CE9D601EA4AA663425258085D86652F7714614CA5144CA8CF472D128A5686B296B52C3
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="CEA1EA8F997C4428A8F4E9C851020995" DisplayName="ASP.NET MVC 4 Runtime" VersionMin="4".. SetupFileUrl="http://download.microsoft.com/download/2/F/6/2F63CCD8-9288-4CC8-B58C-81D109F8F5A3/AspNetMVC4Setup.exe".. Location="1" ExactSize="37684848" MD5="c71157d9b3a4105b2d3c5a968d0ced0a".. WinNTVersions="Windows Vista RTM x86".. WinNT64Versions="Windows Vista RTM x64".. NoUiComLine="/q".. Operator="0" Options="f" TargetName="ASP.NET MVC 4 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="CEA1EA8F997C4428A8F4E9C851020995InstallPath" Prereq="CEA1EA8F997C4428A8F4E9C851020995" SearchType="7".. SearchString="HKLM\SOFTWARE\Microsoft\ASP.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Access 2007 Runtime\Access 2007 Runtime.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1048
      Entropy (8bit):5.607393760734946
      Encrypted:false
      SSDEEP:
      MD5:6E0F021310AF7FF4F0E10B0B20C89042
      SHA1:9440D8DDD4152D679A1D03825B781D02B8C2CFFC
      SHA-256:78ABE2DEB341EE0FBB561A7703649D0B0328330C644EC690B876F57527D840E0
      SHA-512:FE12A4D9F0580AC0934DF8D413EE374813DBDBEA6D938D2CF07A89A39650AB2D88ECEA798A54014EC266CCDC5C742712115BD4FA05F017F92E412462DCC906E1
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F2DE1_E21C_494A_B2EE_4D8397D05ECD" DisplayName="Access 2007 Runtime" VersionMin="12.0".. SetupFileUrl="http://download.microsoft.com/download/D/2/A/D2A2FC8B-0447-491C-A5EF-E8AA3A74FB98/AccessRuntime.exe".. Location="1" ExactSize="58937448" MD5="f448b8b0d41b867fa0491df96bfe624d".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="Access 2007 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Office"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="F2DE1_E21C_494A_B2EE_4D8397D05ECDPath" Prereq="F2DE1_E21C_494A_B2EE_4D8397D05ECD" SearchType="7".. SearchString="HKLM\SOFTWARE\Microsoft\Office\12.0\Access\InstallRoot\Path".. Order="1" Property="PreReqSearch_F2DE1_E21C_494A_B2E

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Access 2010 Runtime x64 (update to SP2)\Access 2010 Runtime x64 (update to SP2).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1330
      Entropy (8bit):5.608964354556205
      Encrypted:false
      SSDEEP:
      MD5:A99055E3B68546577C8EE0C1DC0D17A9
      SHA1:63D76BF9158095A378D4939A604E6C93FF7A52E2
      SHA-256:F705D1DD1550088C25F517C2C55EA8D87772E7AEA29484D35790DCB038B68E88
      SHA-512:D28861F47E80BC8ABE46881BC78DED0A0A3B6472638ADBA6B76645393460E1B6708EA28D4062DFC911221593F24B840CE8C580476FC6BECDF60E15907C7A2BA8
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A1B4674CE33424C9F4B02E6FE0F7AD1" DisplayName="Access 2010 Runtime x64 (update to SP2)" VersionMin="14.0".. SetupFileUrl="http://download.microsoft.com/download/9/5/8/958881D9-568C-4333-A5AA-582D7B7F9B19/accessrtsp2010-kb2687444-fullfile-x64-en-us.exe".. Location="1" ExactSize="118332328" MD5="a1e1e7e17f8742edd07743d31f36a91f".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetName="Access 2010 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Office"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Access 2010 Runtime x64\Access 2010 Runtime x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1259
      Entropy (8bit):5.605249323997603
      Encrypted:false
      SSDEEP:
      MD5:62EAD03565E857CB039878FD3B0FE30B
      SHA1:673CCC2CFEB3903F99A636FBE9620302BA3B39D5
      SHA-256:4BDE441BDC1BAB8F3A0EB840AFD7E74F3B2F2CB5F8F3280BFB3DEA850B5DF520
      SHA-512:06406FE765350A4DDEE170D4A3030A41375ECA10E53971B290D508138C098C96A4765D975DEEC99670E8FDF3B215555217DDF3BB8DC13D4AA7313980E62E2068
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="AADF76A73A834015B7EA4683057D198E" DisplayName="Access 2010 Runtime x64" VersionMin="14.0".. SetupFileUrl="http://download.microsoft.com/download/2/6/0/260AA63A-A275-4A92-950D-CE20B490D0B9/AccessRuntime_X64.exe".. Location="1" ExactSize="222692848" MD5="beb5ed579714ed50d69c7fa2b29e4f64".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetName="Access 2010 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Office"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="AADF76A73A834015B7EA4683

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Access 2010 Runtime x86 (update to SP2)\Access 2010 Runtime x86 (update to SP2).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1267
      Entropy (8bit):5.575677838691179
      Encrypted:false
      SSDEEP:
      MD5:962A2E497F1AED3C0501163B74FE2A83
      SHA1:334581BF7EE8BC23EA21F38A27996C139991D07F
      SHA-256:99275ECB8F359531BE5ACC1AE81A2AE561B1651226F74C83EEAF205601BC2846
      SHA-512:44DC0DDA4E0A7FF069DAED1D2C0B5E8B1407AECDA91817921E49942B33AF9DBF4698A6BA7DF5E80092D8BF943525D6FBDF69B71735D2ED90DE2EFEE3C5E99D89
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="E9E27973C9CE4AFE98FE8F72969CFCEC" DisplayName="Access 2010 Runtime x86 (update to SP2)" VersionMin="14.0".. SetupFileUrl="http://download.microsoft.com/download/C/C/2/CC28BC00-1AF0-44B9-8A5D-9D8C8E4899BB/accessrtsp2010-kb2687444-fullfile-x86-en-us.exe".. Location="1" ExactSize="88749456" MD5="18bde4f087af79133ef78a683822a78c".. WinNTVersions="Windows Vista RTM x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="Access 2010 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Office"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="E9E27973C9CE4AFE98FE8F72969CFCECMSACCESS.EXE" P

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Access 2010 Runtime x86\Access 2010 Runtime x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1199
      Entropy (8bit):5.6065889101058
      Encrypted:false
      SSDEEP:
      MD5:FA0D22367E3FAA5A917C7D0C06FE406C
      SHA1:2837FD585002B8DE3AA4F0A24DDC44AD0294EB6F
      SHA-256:3737E130DD41E995B8D92A2F1F8C71E5E5C2B8F2583E1E34C0B54C60D4DD0B77
      SHA-512:5D2B6897E5E26782F729F870E81C04F1729495FB4D920934BF3C596919FF02F5D8F7DF9BC4DD900B3783A554B2C12F94EFBA3CBE2BE0492DD7FF9546A996CF4F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F2842C_AFCA_4595_B5B6_0C9C1614D210" DisplayName="Access 2010 Runtime x86" VersionMin="14.0".. SetupFileUrl="http://download.microsoft.com/download/2/6/0/260AA63A-A275-4A92-950D-CE20B490D0B9/AccessRuntime.exe".. Location="1" ExactSize="183989280" MD5="3582736fbacada5b175bc4dfbcd3870f".. WinNTVersions="Windows Vista RTM x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="Access 2010 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Office"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="F2842C_AFCA_4595_B5B6_0C9C1614D210Path" Prereq="F2842C_AFCA_4595_B5B6_0C9C1614D210" Search

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Access 2013 SP1 Runtime x64\Access 2013 SP1 Runtime x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1319
      Entropy (8bit):5.614790843072689
      Encrypted:false
      SSDEEP:
      MD5:EC3FB12DCE7354FE66176CCC0B58CB6E
      SHA1:5B73B40E238F9D39B2AA55B6C15AFCC66F2BA645
      SHA-256:2C9358E369112481B4C72208AE1F0C4A94134A43ADEDA0B3EA56C63CE66EEAE1
      SHA-512:676D0830C60FF0E613B74C80C84B2C456679D94B21ED113AF3BFD648D5EB1DFF21C2CB43859CDF1241817F3DE8D6C0A24BA18EB806425AF8AA301A4529D74D67
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BF8BEBF91F3460BB7216B4742B9ADDF" DisplayName="Access 2013 SP1 Runtime x64" VersionMin="15.0".. SetupFileUrl="http://download.microsoft.com/download/5/E/A/5EA6017B-E7FE-40CA-8C3E-57387259F3BF/AccessRuntime_x64_en-us.exe".. Location="1" ExactSize="298473328" MD5="b12f8a55f1b530013e25b65269a5934d".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetName="Access 2013 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Office"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW Searc

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Access 2013 SP1 Runtime x86\Access 2013 SP1 Runtime x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1282
      Entropy (8bit):5.58770182026421
      Encrypted:false
      SSDEEP:
      MD5:3008E82D5EB18A48BE58D332BF316F97
      SHA1:50A22D151C9C0E861AB70493BDA2C7241F51287C
      SHA-256:59AF4AD2322A582A02B30A521D1838FE9BC0935DBF9A1E8948F5E8CED9E6C58A
      SHA-512:673FAC459F6B12848C470391891B820F4464A9D299B37765DC78C8D00C8E4E8C93DD6C1C460A86A5FAD2DE83CA834083BBF15606B95CEDF390B2F90D7A082FA6
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FF3F8247D7A0545748E23D457C" DisplayName="Access 2013 SP1 Runtime x86" VersionMin="15.0".. SetupFileUrl="http://download.microsoft.com/download/5/E/A/5EA6017B-E7FE-40CA-8C3E-57387259F3BF/AccessRuntime_x86_en-us.exe".. Location="1" ExactSize="222613240" MD5="95336c61b17c1c57cb9459f0dbcba1e1".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="Access 2013 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Office"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="FF3F8247D7A054

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Access 2016 Runtime x64\Access 2016 Runtime x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1330
      Entropy (8bit):5.6006444467091
      Encrypted:false
      SSDEEP:
      MD5:8B06A2A737DC678C90FF3698A965DE4A
      SHA1:D1CBA95D4E33C04498A18CD96E77BDA6027C76EF
      SHA-256:F8A83CF657E4E0583A4E00BD6EFE70777EE9AE5544B82E8F6592595F12E4DD48
      SHA-512:91C8B8B7930BAA92A8105B9A688955D5D23137328538F9582D232E8106961746DC24726D8014F46214FF26473FF329BB56EFCD6625ECB842661C107876008225
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="DD8039D5C8624415BF192D98EE82CBCB" DisplayName="Access 2016 Runtime x64" VersionMin="16.0".. SetupFileUrl="https://download.microsoft.com/download/D/B/D/DBD20EF9-A945-4768-AEB0-617BCEA2214A/accessruntime_4288-1001_x64_en-us.exe".. Location="1" ExactSize="330879104" MD5="45ed1730e98572f312d1642cc9c53b25".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetName="Access 2016 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Office"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <R

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Access 2016 Runtime x86\Access 2016 Runtime x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1313
      Entropy (8bit):5.590113906401915
      Encrypted:false
      SSDEEP:
      MD5:6E665610BDF49F5BD0EB65883CDAF5D3
      SHA1:C2019BF5895F593EC58BF3D7BD13C41FA8B96C41
      SHA-256:97162F2D425AA8970E1F86347BD535DF6F59BE422F8C46EFB754BDED4FEE95F5
      SHA-512:5C2561079194181375D5CDB0B217ED9EF940B84FC04C59B6676C75F283FD505F16E4E97990427FF12846ABC5DBFC9E0405E82A2EB3BDCC0F9B9A45B81A18B475
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A8967625D0944C218331E6B62B2A164E" DisplayName="Access 2016 Runtime x86" VersionMin="16.0".. SetupFileUrl="https://download.microsoft.com/download/D/B/D/DBD20EF9-A945-4768-AEB0-617BCEA2214A/accessruntime_4288-1001_x86_en-us.exe".. Location="1" ExactSize="247976464" MD5="3c57bb889394df89a2e42d5193af9b14".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="Access 2016 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Office"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="A

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Adobe AIR\Adobe AIR.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1019
      Entropy (8bit):5.535407295377119
      Encrypted:false
      SSDEEP:
      MD5:F72D3E4D101D24A6F70886C639D172D1
      SHA1:CAF78FD4C228228050312A7AE50329014FBA2361
      SHA-256:6103AE75B84E71BE7BBDEE1371EA28CBA198AD6653800F03A96F842DD0E165FE
      SHA-512:EB9932CD50B3769E042E51779E8DD2F9FDB864F5CC33852B351E2875CA965766FAFDE1597F8524DF39C9CA7AC2D93E2F97D80DD41A1D9AFB5CA072AC1031BF76
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BC59E81E2ED4810B71F06DEA5C3A309" DisplayName="Adobe AIR 21" VersionMin="21.0".. SetupFileUrl="http://airdownload.adobe.com/air/win/download/21.0/AdobeAIRInstaller.exe".. Location="1" ExactSize="0".. NoUiComLine="-silent".. Operator="1" Options="f" TargetName="Adobe AIR?AdobeAIRInstaller_21_0_0_215.exe"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="BC59E81E2ED4810B71F06DEA5C3A309AdobeAIR.dll" Prereq="BC59E81E2ED4810B71F06DEA5C3A309" SearchType="0".. SearchString="[CommonFilesFolder]Adobe AIR\Versions\1.0\Adobe AIR.dll" VerMin="21.0.0.215".. Order="1" Property="PreReqSearch_BC59E81E2ED4810B71F06DEA5C3A309"/>.. </COMPON

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Adobe Reader 08\Adobe Reader 08.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1037
      Entropy (8bit):5.57139981744885
      Encrypted:false
      SSDEEP:
      MD5:B4E2AB52B24C19742E647AE657B49E79
      SHA1:3ED57D1715DF4AD96F26710431E9F4226F365EE2
      SHA-256:37D94D86890A3BA1C9FB99FEC92084D17B3A69DAC406478FD234D93FCDF99FB0
      SHA-512:C65F601B5E38E4805291AB5E7C2B313B316783774EB2B6126B76A1CF349653195FB7F68569973F96D147C83572F1ABD2D521C64DBF2E015D705A515A1A3DF684
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="EBA7F9_8C84_48DF_9F82_451CAB3EDDDE" DisplayName="Adobe Reader 8" VersionMin="8.3".. SetupFileUrl="http://ardownload.adobe.com/pub/adobe/reader/win/8.x/8.3.0/en_US/AdbeRdr830_en_US.msi".. Location="1" ExactSize="35445760" MD5="76e0f38f830ab74d76390c7d88a69c81".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="Adobe Reader"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="EBA7F9_8C84_48DF_9F82_451CAB3EDDDEUpgradeCode" Prereq="EBA7F9_8C84_48DF_9F82_451CAB3EDDDE" SearchType="4".. SearchString="{A6EADE66-0000-0000-484E-7E8A45000000}" VerMin="8.3.0".. Order="1" Property="PreReqSearch_EBA7F9_8C84_48DF_9F82_451CAB3ED

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Adobe Reader 09\Adobe Reader 09.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1032
      Entropy (8bit):5.57821991338374
      Encrypted:false
      SSDEEP:
      MD5:BBE79490EAAFC8F9365B76591112FB9F
      SHA1:57EC45E8B2444BDD0EACF33FEEB7AE5EE1B43EB2
      SHA-256:C03A176A3A07F180389498E0F0C51E46E5060E1D23662B7E0FCD48B42D52EBB2
      SHA-512:309CF1B6F80DE40FD7FBF0D42A908FF8E96D500663E0B9BFA8853A6608041CACD09CCD252E6EC0DAC3074CEF86CDA5B4DBD40FA65B8AFB314016442F8C284AC0
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="ABA35_7270_46F8_8F6D_37F12D7D9D71" DisplayName="Adobe Reader 9" VersionMin="9.5".. SetupFileUrl="http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.5.0/en_US/AdbeRdr950_en_US.exe".. Location="1" ExactSize="33560984" MD5="ebd8758eb2b721cf8d07dfbeaa9bef7c".. NoUiComLine="/sAll".. Operator="1" Options="f" TargetName="Adobe Reader"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="ABA35_7270_46F8_8F6D_37F12D7D9D71UpgradeCode" Prereq="ABA35_7270_46F8_8F6D_37F12D7D9D71" SearchType="4".. SearchString="{A6EADE66-0000-0000-484E-7E8A45000000}" VerMin="9.5.0".. Order="1" Property="PreReqSearch_ABA35_7270_46F8_8F6D_37F12D7D9D71"/

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Adobe Reader 10\Adobe Reader 10.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1045
      Entropy (8bit):5.585212341528333
      Encrypted:false
      SSDEEP:
      MD5:CE3A3007D93160B466F5F13388A14475
      SHA1:3358B30EB9D0D9FAE893ACBB519DD5739641ECD6
      SHA-256:33CF80875002A58750A66D38C708B66FBFAEBC2B719C6F12958D3C57108E9911
      SHA-512:48C46E42E71127305AF0BE42A95B886AA275D7D27A7548AA70A2AD1D0C3EEA291BC29C4CCD0FA9BD0FBB257A3E7BF888E6708810C424661B839581D89260ABBC
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F5C72B1_F637_4F96_9D73_65A4C14F2022" DisplayName="Adobe Reader X" VersionMin="10.1".. SetupFileUrl="http://ardownload.adobe.com/pub/adobe/reader/win/10.x/10.1.4/en_US/AdbeRdr1014_en_US.exe".. Location="1" ExactSize="50844096" MD5="b5516233ac8eb5d0e8faff582138a455".. NoUiComLine="/sAll".. Operator="1" Options="f" TargetName="Adobe Reader"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="F5C72B1_F637_4F96_9D73_65A4C14F2022UpgradeCode" Prereq="F5C72B1_F637_4F96_9D73_65A4C14F2022" SearchType="4".. SearchString="{A6EADE66-0000-0000-484E-7E8A45000000}" VerMin="10.1.4".. Order="1" Property="PreReqSearch_F5C72B1_F637_4F96_9D73_6

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Adobe Reader 11\Adobe Reader 11.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1025
      Entropy (8bit):5.561260940981352
      Encrypted:false
      SSDEEP:
      MD5:FA51098F2B22BADE959A087099C8B146
      SHA1:1F3798941E0541EDBEFB417CDA7477B13748802A
      SHA-256:785D835DF371E8AAD46D347E1A8D90F0E7592D217D711B34A8418BF6EF534378
      SHA-512:D6212008F98143D068CBC4181693ECE4D913633A07A41572F5FA0E60EAFB6326CA6948D5041CB50C8E031BD0465A13DC68695C1E5D28934D5DF6098012619F30
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C046B66AD422FACB3E9EFCC48928A" DisplayName="Adobe Reader XI" VersionMin="11.0".. SetupFileUrl="http://ardownload.adobe.com/pub/adobe/reader/win/11.x/11.0.10/en_US/AdbeRdr11010_en_US.exe".. Location="1" ExactSize="75858112" MD5="31688efbc3b9c99914a5bb7fb58aec9e".. NoUiComLine="/sAll".. Operator="1" Options="f" TargetName="Adobe Reader"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="C046B66AD422FACB3E9EFCC48928AUpgradeCode" Prereq="C046B66AD422FACB3E9EFCC48928A" SearchType="4".. SearchString="{A6EADE66-0000-0000-484E-7E8A45000000}" VerMin="11.0.10".. Order="1" Property="PreReqSearch_C046B66AD422FACB3E9EFCC48928A"/>.. </

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Apache Tomcat 7.0\Apache Tomcat 7.0.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1022
      Entropy (8bit):5.525039583612533
      Encrypted:false
      SSDEEP:
      MD5:085C53EE1344DD53AC5D1D6C85916E09
      SHA1:D6B8DDE879D487D81A0926CCF993854E7CDFB095
      SHA-256:2B0971D545E01984B7E436CA16D61ADB8D6589287B469FC0B30E80393B60D774
      SHA-512:C9A0DF48AA0EFB69547C57E35F68647F0360143C597328C00742FFBBB13281CA83764DC32E95E838C93D4E4C8AE5D9BC31803ED108212324CCA30BDE1855C45C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.8" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D3B7B8FB475E8EED0D9EE3DEB3DC" DisplayName="Apache Tomcat 7.0.93" VersionMin="7.0".. SetupFileUrl="http://www.us.apache.org/dist/tomcat/tomcat-7/v7.0.93/bin/apache-tomcat-7.0.93.exe".. Location="1" ExactSize="9883180" MD5="207eb0f184d9e89172503b6a5d1479c5".. NoUiComLine="/S".. Operator="1" Options="xf" TargetName="Apache Tomcat"/>.. <ATTRIBUTE name="GroupName" value="Web Server"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="D3B7B8FB475E8EED0D9EE3DEB3DCVersion" Prereq="D3B7B8FB475E8EED0D9EE3DEB3DC" SearchType="2".. SearchString="HKLM\SOFTWARE\Apache Software Foundation\Tomcat\7.0\Tomcat7\Version" VerMin="7.0.93".. Order="1" Property="PreReqSearch_D3B7B8FB475E8EED0D9EE3DEB3DC"/>.. </COM

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Apache Tomcat 8.5\Apache Tomcat 8.5.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1267
      Entropy (8bit):5.54397564940838
      Encrypted:false
      SSDEEP:
      MD5:83D0398D69C674CC4B91FCD9AC82E20C
      SHA1:E03EAA8EACC0A101AA135A79AC828C03CBA14C5B
      SHA-256:DA940ECE57016C13AE779179FB4E5C02ADE3096E32CEF36C6474EE40B31A53E2
      SHA-512:A33253EE37629EBB498C9A7F6798CBB4BF949E2C5C4C69F8F40CE6B7C2CAA3B4D6DAAA328B60F592435B8B42CAD550D699B29CE9D4033C4802EEC01B64CF0569
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.8" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="DEF4A06AD54FF1ADA49CD913E03F82" DisplayName="Apache Tomcat 8.5.38" VersionMin="8.5".. SetupFileUrl="http://www.us.apache.org/dist/tomcat/tomcat-8/v8.5.38/bin/apache-tomcat-8.5.38.exe".. Location="1" ExactSize="10499408" MD5="a573c3c26cf7243c8b8606fe5fdfa6ad".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64".. NoUiComLine="/S".. Operator="1" Options="xf" TargetName="Apache Tomcat"/>.. <ATTRIBUTE name="GroupName" value="Web Server"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="DEF4A06AD54FF1ADA49CD913E03F82Version

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Apache Tomcat 9.0\Apache Tomcat 9.0.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1271
      Entropy (8bit):5.542905637846122
      Encrypted:false
      SSDEEP:
      MD5:8C0AEFCC72C9EF681E54FCBFF6FDAE8C
      SHA1:1D187A9E2B252969AF7DA63A4F3E747BA589E15B
      SHA-256:5AA8647F4B9BAAB077205FAA37374A6781D8D2FB2F40ACB8630F1D0B18C763D1
      SHA-512:EEA5FE8E68D73103059AF78D669E6283F7CD83BDF99046319BF7AC22F015C51DAC5C2A4C11D3C7927EFA57FD1C323AA9FB27C5F9F567B3DE36962746C40F4D82
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.8" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C16615717EF460EA0847BF18A643E82" DisplayName="Apache Tomcat 9.0.16" VersionMin="9.0".. SetupFileUrl="http://www.us.apache.org/dist/tomcat/tomcat-9/v9.0.16/bin/apache-tomcat-9.0.16.exe".. Location="1" ExactSize="11622336" MD5="410b7a8057bed3a2e42523567017fbdb".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64".. NoUiComLine="/S".. Operator="1" Options="xf" TargetName="Apache Tomcat"/>.. <ATTRIBUTE name="GroupName" value="Web Server"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="C16615717EF460EA0847BF18A643E82Versi

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\DirectX 11.0 Runtime x64\DirectX 11.0 Runtime x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1456
      Entropy (8bit):5.5456656812647775
      Encrypted:false
      SSDEEP:
      MD5:544D0618B07AE99B514D2210EB160679
      SHA1:41FACCD0E3936CC525A685060BBD965D835AB4AC
      SHA-256:271DCB4847F3A5C409D76831E6E1ED5F9F939352CEDB532AB1034005866AC474
      SHA-512:C1E1287002C0057EFB584FB1446E1D6DF2429A3A8949613F26374D77F95E5F39DC19D36543EA809CDA11D16988615EC226B8CA0BFDCA0682B4C339A8AC04AECC
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B6FBF6979285455486B7C8B4E3AEC51C" DisplayName="DirectX 11.0 Runtime x64" VersionMin="11.0".. SetupFileUrl="http://download.microsoft.com/download/8/8/8/8880BE12-D67C-47AE-A6CD-4A532A48EAB8/Windows6.0-KB971512-x64.msu".. Location="1" ExactSize="9848595" MD5="de9e22c4d3f6700a5641d580d2dd308a".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="DirectX 11.0 Runtim

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\DirectX 11.0 Runtime x86\DirectX 11.0 Runtime x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1332
      Entropy (8bit):5.556864823576313
      Encrypted:false
      SSDEEP:
      MD5:DCDCD0017E7BC5330FE2B48BD77D83F3
      SHA1:2FCBCBAB6EE06C7495DDCBCBCD6A88E08A153714
      SHA-256:BE24422FA36A319CB2994E0FAF32918D060C13E3F8FBB3E8FB75C0E26AC7B9C0
      SHA-512:2730C41BBB3151130716EF0BDE8A2E6FF6EFEFC49EE99E98E47A82C7A92C636B788DF6236C08BA76EDDED2B2635CA3C99886AC40C6BEAA8D2475F85E04369511
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F3097F60DB4E63B60D0F782528F486" DisplayName="DirectX 11.0 Runtime x86" VersionMin="11.0".. SetupFileUrl="http://download.microsoft.com/download/B/A/F/BAF2D238-529A-4C54-AD31-BAFFE001F91E/Windows6.0-KB971512-x86.msu".. Location="1" ExactSize="4814058" MD5="d99c457d2d15a4d5fab4ea55b818e631".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="DirectX 11.0 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Games"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msi

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\DirectX 11.1 Runtime x64\DirectX 11.1 Runtime x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1436
      Entropy (8bit):5.524693665066491
      Encrypted:false
      SSDEEP:
      MD5:B3711DC19EEF71B587F681A3CF1765D8
      SHA1:AB862E96C9C817D2C6386FBD269915D15EA56995
      SHA-256:F456EA44CFA821D5857DB84358100DF92438D87EE14E2920D812398548BF7740
      SHA-512:86C4957628203B95C03A6F6897D69AB317B58FAF4C908E6CB94178978215FE2EBBF652D217B62315E1AE0FDFE8C1F2705F4E4945901CB78D6DE8F50DAC5AE937
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="E7D2E49499A10B9A7ECB13006" DisplayName="DirectX 11.1 Runtime x64" VersionMin="11.1".. SetupFileUrl="http://download.microsoft.com/download/1/4/9/14936FE9-4D16-4019-A093-5E00182609EB/Windows6.1-KB2670838-x64.msu".. Location="1" ExactSize="11840839" MD5="b8481b87445afae01ae3a1aeb116f05c".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="DirectX 11.1 Runti

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\DirectX 11.1 Runtime x86\DirectX 11.1 Runtime x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1343
      Entropy (8bit):5.559053316543201
      Encrypted:false
      SSDEEP:
      MD5:CB9F09141587D6C12E2D9A1611C9C3C0
      SHA1:75D0035502E5E51E29AC04E5EA4786B3334131C1
      SHA-256:DB2FA36F0B6E6E4870036062B5BFE1FFE597EC22AD797BB00853E08252C15258
      SHA-512:A456C4F2D0881A904FC8B773762228E0433AEAA7A53545C740A280607243CE7A51BD043BF2A20A38EB9F1FCF2CCBC635CE01447E3D48244D2BA83C4EF736D673
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B8B288DDC9A1447F9982AA999738B9E3" DisplayName="DirectX 11.1 Runtime x86" VersionMin="11.1".. SetupFileUrl="http://download.microsoft.com/download/1/4/9/14936FE9-4D16-4019-A093-5E00182609EB/Windows6.1-KB2670838-x86.msu".. Location="1" ExactSize="5911327" MD5="ffed3f8c07a6f73ef5e6aab6d19a7475".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="DirectX 11.1 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Games"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advins

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\GFWM Client\GFWM Client.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1075
      Entropy (8bit):5.572521190805264
      Encrypted:false
      SSDEEP:
      MD5:253C17EB6971EA5BC9E1CDD0289F0054
      SHA1:BBD90CAE7DFB007CAF4465481D7200EA88842830
      SHA-256:A682FC6E1EFB62AE66CD03EAEDDE303B06BD8561AA0284F24F2DF950C5CB0924
      SHA-512:B1D487DF67FD7BBD9614054D372CC1846E2133A9E48E190DE2335E166FFC720C8E6DCECB370AF694803B25941A971C242621078E291E66DDAB04346713548478
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D0D4C58C7F84C3EBF7D16463129B492" DisplayName="Games for Windows Marketplace Client" VersionMin="3.5".. SetupFileUrl="http://download.gfwl.xboxlive.com/content/gfwl-public/redists/production/gfwlivesetup.exe".. Location="1" ExactSize="642712" MD5="0e20d50b6ad6229520911b203deeef36".. Operator="1" Options="y" TargetName="Games for Windows Marketplace Client"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Games"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="D0D4C58C7F84C3EBF7D16463129B492GFWLClient.exe" Prereq="D0D4C58C7F84C3EBF7D16463129B492" SearchType="0".. SearchString="[ProgramFilesFolder]Microsoft Games for Windows - LIVE\Client\GFWLClient.exe" VerMin="3.5.67".. Order="1" Property="Pre

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\IIS Express 8.0 x64\IIS Express 8.0 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1234
      Entropy (8bit):5.601826428434217
      Encrypted:false
      SSDEEP:
      MD5:59E3E38AFD4B93BE99F78A4987975D18
      SHA1:67F6FCA20F7AF393BD79F0A9282A701A58E366E7
      SHA-256:290CCDDD83E4F02A3CC1B700D302BA75D93552094B6E7A1F9C63C3E59C780380
      SHA-512:F6AAD18548EB32F88FD3CCD204EE7241ECC8B98389F39BD5643EFC6A50E6A90A5F2818F235E5473CEA9246E3A224A74FBC5FEEE1D7ECA0CBCCBEE0F4AC0FA236
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BCF262C2C6C42B5BF1CEBF790F55C07" DisplayName="IIS Express 8.0 x64" VersionMin="8.0".. SetupFileUrl="http://download.microsoft.com/download/1/6/3/163BBBDE-5523-416D-A293-EA0492020E4A/iisexpress_8_0_RTM_x64_en-US.msi".. Location="1" ExactSize="6635520" MD5="2473bb5146e3317a616011c636549db6".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetName="IIS Express 8.0"/>.. <ATTRIBUTE name="GroupName" value="Web Server"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="BCF262C2C6C42B5BF1CEBF790F55C07Version" Prereq="BCF262

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\IIS Express 8.0 x86\IIS Express 8.0 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1207
      Entropy (8bit):5.579872125435737
      Encrypted:false
      SSDEEP:
      MD5:9E6AF34C987D270CD8EB69B54BE2CC81
      SHA1:46409BADB2337EA1C969D4DAEDF16A895D24BF23
      SHA-256:761497B5CFBB1612BD32DC47D44AC3798CF18EB0B5A338C2FA57D60305329584
      SHA-512:B5DF25F701F2106F5A7135627AC9EEEB08B469B9AFAC44C0299947EEF8157A1B243C8099811D8267912E738C16006CD2C8D0C75CD0E39F3502AF2CE2C6989F67
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="AF52A69643F0949CE5A964EA8049" DisplayName="IIS Express 8.0 x86" VersionMin="8.0".. SetupFileUrl="http://download.microsoft.com/download/1/6/3/163BBBDE-5523-416D-A293-EA0492020E4A/iisexpress_8_0_RTM_x86_en-US.msi".. Location="1" ExactSize="4603904" MD5="292e59671cc44f93e6e7adfe46bb943c".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="IIS Express 8.0"/>.. <ATTRIBUTE name="GroupName" value="Web Server"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="AF52A69643F0949CE5A964EA8049Version" Prereq="AF52A69643F0949CE5A964EA804

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\IIS URL Rewrite 2.0 x64\IIS URL Rewrite 2.0 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1272
      Entropy (8bit):5.6128265604961545
      Encrypted:false
      SSDEEP:
      MD5:BA32C46F7100974CAA5D28E99810F437
      SHA1:ADB0B44CC183A410E9776E4D6B50E68DA7372D16
      SHA-256:E116FFE45CD6AE9E12EA4C7479054272C370D692E5396624BFDFF3D505C931BA
      SHA-512:42B023966679795DD362D5AAF95FBB09185BA8E548CDEC629E587F332969008AD27569A04C87E34DEC4C8D744DF786D906F1CAAE5227EF2711AF659105863CE1
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FFBA4953D1946D0B83D746165C18839" DisplayName="IIS URL Rewrite 2.0 x64" VersionMin="7.2.2".. SetupFileUrl="http://download.microsoft.com/download/6/7/D/67D80164-7DD0-48AF-86E3-DE7A182D6815/rewrite_2.0_rtw_x64.msi".. Location="1" ExactSize="6421504" MD5="c787d79b2d1a7b732ba325873e916f73".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetName="IIS URL Rewrite 2.0"/>.. <ATTRIBUTE name="GroupName" value="Web Server"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="FFBA4953D1946D0B83D746165C1883

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\IIS URL Rewrite 2.0 x86\IIS URL Rewrite 2.0 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1245
      Entropy (8bit):5.5823359596013455
      Encrypted:false
      SSDEEP:
      MD5:FB45AC24F098CF075585A2780D6102A4
      SHA1:A9139B56BD0EEFC4E3B9A4F6702DA3359BB771B1
      SHA-256:235B788F1E6D35370674140857B8E46CE693575760439264DE103F640E1DC82B
      SHA-512:2000710CAFAC3003657D45B012CE9FF59E2F97C5BEADBA741BB20E1F3C4DD87F054941DDAB0FEEE503766E91574D7AB63CDB76D1A44204698F53C6239D0F370F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B7D2BC8B4C029CCD2536FB643F48" DisplayName="IIS URL Rewrite 2.0 x86" VersionMin="7.2.2".. SetupFileUrl="http://download.microsoft.com/download/6/9/C/69C1195A-123E-4BE8-8EDF-371CDCA4EC6C/rewrite_2.0_rtw_x86.msi".. Location="1" ExactSize="5693440" MD5="a2366c32eadaf8a46dc6358ec004f886".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="IIS URL Rewrite 2.0"/>.. <ATTRIBUTE name="GroupName" value="Web Server"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="B7D2BC8B4C029CCD2536FB643F48Version" Prereq="B7D

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\IIS Web Deploy 3.5 x64\IIS Web Deploy 3.5 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1221
      Entropy (8bit):5.608702173736943
      Encrypted:false
      SSDEEP:
      MD5:BD9FAB87A43E6179A14B2EC76782B5BD
      SHA1:130A774885B8EBFB45EE40C74BAAB26C054B89C3
      SHA-256:465259986D1CFAC8DFF00932B3249DC7E2242CBA07C5081E45E1676464BC586C
      SHA-512:4FDD6CE5D83BA6DE991EA5FCE2EF01947079DE7A8681E34CF4B14FA8E415A4F91A62FE5490FE0BEDE7A75A679FAED665A3665F65959AC29B794533022A3E91FE
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B509B920457D9352C09A70855B5F" DisplayName="IIS Web Deploy 3.5 x64" VersionMin="9.0".. SetupFileUrl="http://download.microsoft.com/download/D/4/4/D446D154-2232-49A1-9D64-F5A9429913A4/WebDeploy_amd64_en-US.msi".. Location="1" ExactSize="6139904" MD5="024ec4ee9708585ac1b6b0cf55fd0946".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista RTM x64".. NoUiComLine="/quiet ADDLOCAL=ALL".. Operator="1" Options="xf" TargetName="IIS Web Deploy 3.5"/>.. <ATTRIBUTE name="GroupName" value="Web Server"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="B509B920457D9352C09A70855B5FVersion" Prereq="B509B920457D9352C09A70855B

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\IIS Web Deploy 3.5 x86\IIS Web Deploy 3.5 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1208
      Entropy (8bit):5.589246611709527
      Encrypted:false
      SSDEEP:
      MD5:824484A3E9940AD8B1E4065DD2F0F090
      SHA1:33436E0D0FBAFB8ED408823595B9FD9E8B636492
      SHA-256:EFDE985D957AD8305A7C919184745D9E744C22266527C78B294F2CDF0549C5B3
      SHA-512:6BC81306A14D0BC9415BD2736FD7B3D64E9A407F5C439FF966956270796ADE99E81942039A91A0BD45D35442FEB3271D7D0D251DF8587660BF2B812A4D473C04
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="ED42CE59049D1933CFA29D8720DCE" DisplayName="IIS Web Deploy 3.5 x86" VersionMin="9.0".. SetupFileUrl="http://download.microsoft.com/download/D/4/4/D446D154-2232-49A1-9D64-F5A9429913A4/WebDeploy_x86_en-US.msi".. Location="1" ExactSize="6053888" MD5="a7a116e895615ae6c54149aec5616ba2".. WinNTVersions="Windows Vista RTM x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet ADDLOCAL=ALL".. Operator="1" Options="f" TargetName="IIS Web Deploy 3.5"/>.. <ATTRIBUTE name="GroupName" value="Web Server"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="ED42CE59049D1933CFA29D8720DCEVersion" Prereq="ED42CE59049D1933CFA29D8720DCE" SearchType

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Internet Explorer 07 for XP x64\Internet Explorer 07 for XP x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1439
      Entropy (8bit):5.533356579794263
      Encrypted:false
      SSDEEP:
      MD5:D4A5EC74182FAA417E8270292F1E5DBB
      SHA1:4EDAAFFD2CB7D3700F6517AE11BF30382506978A
      SHA-256:D46043F0B5BC0EEEFAE440FB1F468A711445A1D8A57D7049C24A49C06EDE2885
      SHA-512:AF9CA0F5FFC814B4B9D4141B0C9088E22CB61F50690A0119B6906388BEA115D5904B5B3D2E18F702EA114098A1B7A21F73A4216DAF839ED5863E87FE7F7866FD
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B330539FFF704E3FAB1F238B245A4C90" DisplayName="Internet Explorer 7 for Windows XP/Server 2003 x64" VersionMin="7.0".. SetupFileUrl="http://download.microsoft.com/download/1/1/4/114d5b07-4dbc-42f3-96fa-2097e207d0af/IE7-WindowsServer2003-x64-enu.exe".. Location="1" ExactSize="29662072" MD5="af5465b7e20fe89266a5b81ba1857be1".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="Internet Explorer 7"/>.. <ATTRIBUTE

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Internet Explorer 07 for XP x86\Internet Explorer 07 for XP x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1336
      Entropy (8bit):5.552088101534587
      Encrypted:false
      SSDEEP:
      MD5:8DFEDE1615FDDB13BE192B6527FE5F97
      SHA1:BBF71AE3384143BD241635A4F4413A0F0849879E
      SHA-256:B1CC3D86A363D5F22D5EEB5EB3AE8C359981542439F244BC853F9A8EECBC733A
      SHA-512:0019FFC0E4E9AC8803637A574CFC152ABA87476A7506B435025B7B393C4D4527F6DE0C4FE516EF1E49B30A56D90FECA6B4B88180D236330991726F59387A15AA
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D5169_02A2_4859_9CC5_943F4782D144" DisplayName="Internet Explorer 7 for Windows XP x86" VersionMin="7.0".. SetupFileUrl="http://download.microsoft.com/download/3/8/8/38889dc1-848c-4bf2-8335-86c573ad86d9/IE7-WindowsXP-x86-enu.exe".. Location="1" ExactSize="15452536" MD5="ea16789f6fc1d2523f704e8f9afbe906".. WinNTVersions="Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="Internet Explorer 7"/>.. <ATTRIBUTE name="GroupName" value="Internet Explorer"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.P

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Internet Explorer 08 for Vista x64\Internet Explorer 08 for Vista x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1401
      Entropy (8bit):5.49237265730351
      Encrypted:false
      SSDEEP:
      MD5:9075AEDA08D564675BC74909D17DBF6E
      SHA1:61837FE9A0D6BAE811545A8D69194850C4DB8756
      SHA-256:CC3E313E41B12B63EA6D1EFBFC99A7CF63E836DBBA45934E872129A92966A00B
      SHA-512:1FB3F794E7A49850E92ED58EC184FE5C4E06CB887B8809698876F2D8C025E2FD5ACBD923F7972C9F657E7E0D307ECE5C02222671598062FC762E005A5E12EC6D
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F44049588522BF4EE5664" DisplayName="Internet Explorer 8 for Windows Vista/Server 2008 x64" VersionMin="8.0".. SetupFileUrl="http://download.microsoft.com/download/D/C/F/DCF5DACB-313F-40C6-889C-AD1F8546099D/IE8-WindowsVista-x64-ENU.exe".. Location="1" ExactSize="25492336" MD5="079d1d6c413d0d095a2a6b8b927ea328".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="Internet Explorer 8"/>.. <ATTRIBUTE name="G

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Internet Explorer 08 for Vista x86\Internet Explorer 08 for Vista x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1341
      Entropy (8bit):5.570430616095685
      Encrypted:false
      SSDEEP:
      MD5:A084B00B55E82FB81DAF0C748FBAB660
      SHA1:32E1E84482BF7E79B9FC7D243D288717692FB47F
      SHA-256:B975B21D2E3731BAE77DE0F46DAB3D6600DC06D6CD04CD640825A787CE171BD3
      SHA-512:97E130E0D0BC3F4C22AA52BB2635E00F8F3A39CC9BB535F4150AFA3D8E27BF7E419B3043F520EB3D0911681FF245F6D9DEBE282A6854F1CE672FA000CA91DB0E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="E9FCC6A_DF04_48EF_ABA3_9D69B9F981D4" DisplayName="Internet Explorer 8 for Windows Vista/Server 2008 x86" VersionMin="8.0".. SetupFileUrl="http://download.microsoft.com/download/F/8/8/F88F09A2-A315-44C0-848E-48476A9E1577/IE8-WindowsVista-x86-ENU.exe".. Location="1" ExactSize="13944160" MD5="fae1f096b5e97209f3c5c3badb5db7cf".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="Internet Explorer 8"/>.. <ATTRIBUTE name="GroupName" value="Internet Explorer"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreRe

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Internet Explorer 08 for XP x64\Internet Explorer 08 for XP x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1442
      Entropy (8bit):5.539132071919354
      Encrypted:false
      SSDEEP:
      MD5:6AA1304290263B004296B40372B0F707
      SHA1:2C63EF02E6C2BB7E5003B76FB0ECF2152BCCF2A3
      SHA-256:748BE556B76AF427C03AA069739BDAB2C221EEC871A3DFC9B07099C890E887FC
      SHA-512:5F37F00D6BF9AD5D10B303A6AEE279ED60736C93C1570F4B6CDF7A5AB6F3F70DC2D83C249EF37BB989B0D83C867A96C0F71578CB10BE622ED4E2F0B4EDBE2F17
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D053116D8E134B4CA2D962BD80AE55C3" DisplayName="Internet Explorer 8 for Windows XP/Server 2003 x64" VersionMin="8.0".. SetupFileUrl="http://download.microsoft.com/download/7/5/4/754D6601-662D-4E39-9788-6F90D8E5C097/IE8-WindowsServer2003-x64-ENU.exe".. Location="1" ExactSize="33972080" MD5="f357a6b6b69fbd427610f1dd83a17c16".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="Internet Explorer 8"/>.. <ATTRIBUTE

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Internet Explorer 08 for XP x86\Internet Explorer 08 for XP x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1323
      Entropy (8bit):5.539711819726658
      Encrypted:false
      SSDEEP:
      MD5:699650BC7137C900161F37EDA5AF3F19
      SHA1:2B9A5BAB20B6D3C76170EE8684A03106A9595000
      SHA-256:E24F0C06449E64DA3A30CA3F766BFBA1080783C20DDB0EFB5FED4D4DB748CF0B
      SHA-512:658C6056C3A40919234279A08DDC1A5E16884EE184FEE1A359B20E906FCF9CBB1E228F75BDA6B58164B70BD24EAFF5D41F2CAC54E1B5CA6FB9CB6B639F76E364
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A7799839749449FFE020185FA8CD7" DisplayName="Internet Explorer 8 for Windows XP x86" VersionMin="8.0".. SetupFileUrl="http://download.microsoft.com/download/C/C/0/CC0BD555-33DD-411E-936B-73AC6F95AE11/IE8-WindowsXP-x86-ENU.exe".. Location="1" ExactSize="16883056" MD5="616c2e8b12aaa349cd3acb38bf581700".. WinNTVersions="Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="Internet Explorer 8"/>.. <ATTRIBUTE name="GroupName" value="Internet Explorer"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreRe

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Internet Explorer 09 for Vista x64\Internet Explorer 09 for Vista x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1483
      Entropy (8bit):5.522729851233934
      Encrypted:false
      SSDEEP:
      MD5:6C58CDC196719838C912D20B896AD4BA
      SHA1:F3DB4B1850D9B35940D701816BD3A41924F6F1CB
      SHA-256:10203FE242444D542C6A3C79C13C9CE98B4DE8BDDD4AE3B777819724F5CA3660
      SHA-512:71BDD0A4894F66F49DF613ECF8C1C83EE957BF29C2D3E68FCD7CEFFE87939B69AC291296EF1805198C3CE088707742D71BF8CC073BB77459533C06F9559748D3
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D8A80184134547AA8D7C4EABB3A3C1" DisplayName="Internet Explorer 9 for Windows Vista/Server 2008 x64" VersionMin="9.0".. SetupFileUrl="http://download.microsoft.com/download/7/C/3/7C3BA535-1D8C-4A87-9F1D-163BBA971CA9/IE9-WindowsVista-x64-enu.exe".. Location="1" ExactSize="36138288" MD5="e0c1d5628b4d7f80f1d61b267ce32305".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" Tar

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Internet Explorer 09 for Vista x86\Internet Explorer 09 for Vista x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1375
      Entropy (8bit):5.524632744375354
      Encrypted:false
      SSDEEP:
      MD5:FD7565EFA0F6B6C2B995CD867EEC6053
      SHA1:C6D8C133C87B51AB0D1FF73B4E8C8EA0D0EBBA98
      SHA-256:E771F10E18E99C20A3A35CD5FC153C94E67C80690A1553CFB584A0DCB207A477
      SHA-512:7A95DB1333974C01BDD429F85582F0B76AAC3FCBF5E136754E5E6C77A8E74E89B482C7E9F7B7C283A1BD29E0AED76530413DDB95988116418D0DC535F8C8B5EE
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B09EF4AE6DD4466F91C7A0EE2C42C467" DisplayName="Internet Explorer 9 for Windows Vista/Server 2008 x86" VersionMin="9.0".. SetupFileUrl="http://download.microsoft.com/download/0/8/7/08768091-35BC-48E0-9F7F-B9802A0EE2D6/IE9-WindowsVista-x86-enu.exe".. Location="1" ExactSize="18005296" MD5="873e41935054b1be1e624c7e51c2e615".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="Internet Explorer 9"/>.. <ATTRIBUTE name="GroupName" value="Internet Explorer"/>.. </COMPONENT>.. <C

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Internet Explorer 09 for W7 x64\Internet Explorer 09 for W7 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1416
      Entropy (8bit):5.5300420887433575
      Encrypted:false
      SSDEEP:
      MD5:33D2EE54228DC561AC9C6B1D31ADA55C
      SHA1:270F55E8DBA64A45502950441E320AAD46CEAB00
      SHA-256:2A627263ED25E59CFE3F7C3BCDDAA6D22A92BA6B08679FD2DBD27A826C31F14E
      SHA-512:D295E1FF746D16F1CB3F4FCD5A76E5A3359ADDAE641F3CFC1D15537D265E3DB7095C407B7A2065BC7E63F2693986422D5CDDF44E11A1B4A108AFFFDCD8EE5329
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="ACF56A448E91A3FC9D8DF8B7CE" DisplayName="Internet Explorer 9 for Windows 7/Server 2008R2 x64" VersionMin="9.0".. SetupFileUrl="http://download.microsoft.com/download/C/1/6/C167B427-722E-4665-9A40-A37BC5222B0A/IE9-Windows7-x64-enu.exe".. Location="1" ExactSize="36380976" MD5="7c20c6512aedb1f358b6d4edd82ac3e9".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="Internet Explorer 9"/>.. <ATTRIBUTE name="G

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Internet Explorer 09 for W7 x86\Internet Explorer 09 for W7 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1354
      Entropy (8bit):5.559234139489698
      Encrypted:false
      SSDEEP:
      MD5:91C4E62BF430C89A475FD496F98A2F30
      SHA1:21CE2386D497AE3E48154274B4A773121F797CA3
      SHA-256:4241D912E456D02363788320BF10B313011CBD2D89AACAEEDC907B2FF6FAE9BA
      SHA-512:2AD0A0566F30670F7DDA46E31213D3602A1F9F8566FF0642B65D405B6BFC75E209055D66F8F28CFE28F9A25BB59C5B451403B680E3A267CA1CC96A479D1EF609
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F716F5F8_326D_400C_8AC7_5FCA621D8325" DisplayName="Internet Explorer 9 for Windows 7 x86" VersionMin="9.0".. SetupFileUrl="http://download.microsoft.com/download/C/3/B/C3BF2EF4-E764-430C-BDCE-479F2142FC81/IE9-Windows7-x86-enu.exe".. Location="1" ExactSize="18124080" MD5="ef96e737f4a1a6e586e44bcd146bb19e".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="Internet Explorer 9"/>.. <ATTRIBUTE name="GroupName" value="Internet Explorer"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msi

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Internet Explorer 11 x64\Internet Explorer 11 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1456
      Entropy (8bit):5.517180696960708
      Encrypted:false
      SSDEEP:
      MD5:BF27480F3CE10BF0103CBD9FB7E4E720
      SHA1:EAD7D61D78CA292BBB06DF71805C9B2E70D22CFA
      SHA-256:C49713DFA67EC51E821D4D1CE86D77376694E09B30452012AEF4F13F48568416
      SHA-512:F59846359FE3D0EB4896B70A5EE68341A1272712B2A1283646FA916A29956DF243544041485163438417339ADAA94CE55FDFCCB15DFDBBD512E465D78F075B3F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D95118924CEFB7917A8BC7F8A28F" DisplayName="Internet Explorer 11 x64" VersionMin="11.0".. SetupFileUrl="http://download.microsoft.com/download/7/1/7/7179A150-F2D2-4502-9D70-4B59EA148EAA/IE11-Windows6.1-x64-en-us.exe".. Location="1" ExactSize="55915216" MD5="839a1a4d5043d694cd324c33937e00ae".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="Internet Explo

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Internet Explorer 11 x86\Internet Explorer 11 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1352
      Entropy (8bit):5.559409263505474
      Encrypted:false
      SSDEEP:
      MD5:93BF53ECD17FE5C6B863CEF1F5E0BD0A
      SHA1:772B1054893B7CAC0B927125D7B28AA1EADBBF86
      SHA-256:BCE1226851FC8A494BFF172B748D4111626C116B16238FC06D448039B8D02EA7
      SHA-512:D9E9E0A6EF29913D5F23FEC345766A4F468BEAD1ABE3CBFB711E5005F023DE091322437FC8CA61F6D32A383D8FB53964716E0B2270E17821B0EDB15694B45EC4
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="E74B59B7F65C41D38A5139639A220F08" DisplayName="Internet Explorer 11 x86" VersionMin="11.0".. SetupFileUrl="http://download.microsoft.com/download/9/2/F/92FC119C-3BCD-476C-B425-038A39625558/IE11-Windows6.1-x86-en-us.exe".. Location="1" ExactSize="29720784" MD5="7d3479b9007f3c0670940c1b10a3615f".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="Internet Explorer 11"/>.. <ATTRIBUTE name="GroupName" value="Internet Explorer"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.ad

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Java SE 11 Devel x64\Java SE 11 Devel x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1473
      Entropy (8bit):5.603938375649098
      Encrypted:false
      SSDEEP:
      MD5:F45E0E9ADCB27B3E291831AB12CA8B02
      SHA1:B809A8F5E1AAEF734A46CC2A32F03783CEBA1B75
      SHA-256:6611D0966AB95D17F8E502D28CD63AB70CF4316F4E8C18CC9B9A696427D3AB7D
      SHA-512:0B75465153508D9C88BA419AD8233DCEB42C28338234B3C45F55455E497FB98E71F64BDB3E7D73DF0D5A91D1492EDF18DAD334044152B7927EC13DF70078AEFD
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.6" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B4E7E89B44BCBA7D8AF9A6659B363" DisplayName="Java SE Development Kit 11.0.1 x64" VersionMin="11.0.1".. SetupFileUrl="http://www.oracle.com/technetwork/java/javase/downloads/jdk11-downloads-5066655.html".. Location="2" ExactSize="0".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. Operator="0" Options="xy"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="B4E7E89B44BCBA7D8AF9A6659B363CurrentVersion" Prereq="B4E7E

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Java SE 6 Devel x64\Java SE 6 Devel x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1386
      Entropy (8bit):5.621281044443001
      Encrypted:false
      SSDEEP:
      MD5:1602F648A35E52B891FD3231BC24C078
      SHA1:7EA5FD83DD49EFFE48713624E4B90BE38F02B1ED
      SHA-256:4C14A8ABB64E454B782F914C82514357A106703DFB7B0180CAB26E693C8ACE91
      SHA-512:9879EF2EDE710A209FC57C18F37E3644592B7917EDB795D880CEBC3383E1F65E6C25225F0ABCC71355A5103A0366FDF6004FB473C55EBB739D49196B61983E35
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BDB643D71C47A2B391399B80DE096A" DisplayName="Java SE Development Kit 6u45 x64" VersionMin="1.6".. SetupFileUrl="http://www.oracle.com/technetwork/java/javase/downloads/java-archive-downloads-javase6-419409.html#jdk-6u45-oth-JPR".. Location="2" ExactSize="0".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. Operator="0" Options="xy"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="BDB643D71C47A2B391399B80DE096ACurrentVersion" Prereq="BDB643D71C47A2B391399B80DE096A" SearchType="2".. SearchString="HKLM\SOFTWARE\JavaSoft\Java Development Kit\CurrentVersion" VerMin="1.6"..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Java SE 6 Devel x86\Java SE 6 Devel x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1318
      Entropy (8bit):5.5802964509187465
      Encrypted:false
      SSDEEP:
      MD5:E27A089F76CE7325F7F1365F33189AA4
      SHA1:5998FAF42D09A8DA272856EB1834651A5820D1C3
      SHA-256:8F5249B19A461DE4DFF950FB126462F52C4EA92E6BEFC5880716839F35AA416E
      SHA-512:463EAC4E72C50DA9C56DC67074FA59D5A36EEE1C9B5FD65FB64593E3C6865F65DDC127FAA338429741DEA2C03539588592F11333964C7B1FDAE5E64703F68292
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B5E999CB_DED3_4C69_950A_BAB50E520522" DisplayName="Java SE Development Kit 6u45 x86" VersionMin="1.6".. SetupFileUrl="http://www.oracle.com/technetwork/java/javase/downloads/java-archive-downloads-javase6-419409.html#jdk-6u45-oth-JPR".. Location="2" ExactSize="0".. Operator="0" Options="y"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="B5E999CB_DED3_4C69_950A_BAB50E520522CurrentVersion" Prereq="B5E999CB_DED3_4C69_950A_BAB50E520522" SearchType="2".. SearchString="HKLM\SOFTWARE\JavaSoft\Java Development Kit\CurrentVersion" VerMin="1.6".. Order="1" Property="PreReqSearch_B5E999CB_DED3_4C69_950A_BAB50E520522"/>.. <ROW Search

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Java SE 6 Runtime x64\Java SE 6 Runtime x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1409
      Entropy (8bit):5.558286569500168
      Encrypted:false
      SSDEEP:
      MD5:BD6721740EE6F3289D4978C040093221
      SHA1:1B66275D85744D7E9B81D6583DAEF8778458E6E6
      SHA-256:F48D86F2419DBA0A570ED2DF103CC5591D991A60F592E921B493EEBC18CFBADC
      SHA-512:03059CE0CD3EBC80159C03F6DAB2230D934BCCD36F67479762960C847038EFAD72C2BB616B6C5A29F5ED9BB318FB9F3DD545E3E178FA9A946ED263D49D520DE2
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="E74CF256044426188A26D82E2C25D85" DisplayName="Java SE Runtime Environment 6u45 x64" VersionMin="1.6".. SetupFileUrl="http://www.oracle.com/technetwork/java/javase/downloads/java-archive-downloads-javase6-419409.html#jre-6u45-oth-JPR".. Location="2" ExactSize="0".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. Operator="0" Options="xy"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="E74CF256044426188A26D82E2C25D85CurrentVersion" Prereq="E74CF256044426188A26D82E2C25D85" SearchType="2".. SearchString="HKLM\SOFTWARE\JavaSoft\Java Runtime Environment\CurrentVersion" VerMin

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Java SE 6 Runtime x86\Java SE 6 Runtime x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1313
      Entropy (8bit):5.591887022288067
      Encrypted:false
      SSDEEP:
      MD5:554B586E9675ACE53542ED11F896E1A4
      SHA1:84DF0E134B0DA42357C14C3FA9EBC70E32C009A5
      SHA-256:5E4F04CEB788B18C63A65C77B281A51A4A846891C9DE4015D5C1C45F1EF9C2AB
      SHA-512:76231F41C8905D545090435F50E39B1FE55EB5826302AF2E9CD5430B6DD4C3F4C0784891E3C97C922E4242AF6F18EB8E581BD478C8E2C3FC4C05EA7C3C4F95BB
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="EC39D_0B8D_4C2E_A373_7F11E2281A4C" DisplayName="Java SE Runtime Environment 6u45 x86" VersionMin="1.6".. SetupFileUrl="http://www.oracle.com/technetwork/java/javase/downloads/java-archive-downloads-javase6-419409.html#jre-6u45-oth-JPR".. Location="2" ExactSize="0".. Operator="0" Options="y"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="EC39D_0B8D_4C2E_A373_7F11E2281A4CCurrentVersion" Prereq="EC39D_0B8D_4C2E_A373_7F11E2281A4C" SearchType="2".. SearchString="HKLM\SOFTWARE\JavaSoft\Java Runtime Environment\CurrentVersion" VerMin="1.6".. Order="1" Property="PreReqSearch_EC39D_0B8D_4C2E_A373_7F11E2281A4C"/>.. <ROW SearchKey=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Java SE 7 Devel x64\Java SE 7 Devel x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1445
      Entropy (8bit):5.585319854837088
      Encrypted:false
      SSDEEP:
      MD5:42515F4A65A90FA0D73D17A17855829B
      SHA1:42A90537615D585936D7B82626A7467C984E411A
      SHA-256:58124675C82279CFFCB01FDD576F4F53CA590F3028BB24D3D48B420B605CF226
      SHA-512:F2AE06ABB72B381AA0655395EC0FC2F0F4D702F74F88EC729389F7767E10A26E1D5225623EAF6869FF8A9DD21372D8A3A1E3E578D09044147C023E3DF3AA0483
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="ABECD543848517E3E97B1BC934" DisplayName="Java SE Development Kit 7u80 x64" VersionMin="1.7".. SetupFileUrl="http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html".. Location="2" ExactSize="0".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64".. Operator="0" Options="xy"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="ABECD543848517E3E97B1BC934CurrentVersion" Prereq="ABECD543848517E3E97B1BC934" SearchType="2".. SearchString="HK

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Java SE 7 Devel x86\Java SE 7 Devel x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1494
      Entropy (8bit):5.585458215677469
      Encrypted:false
      SSDEEP:
      MD5:63E6252425A1CF96DA3476075083C5C1
      SHA1:1EA082D4813688543B117A618AB0C604C3B1A94D
      SHA-256:FA008D37C8307D8A69E01A068568BE626E425D5F8710AEEB3FDBB14E29C4F3C6
      SHA-512:5BC2DFE621DA123A7ABB8C7988380C0D321E071EBE7BDFC9A2696B99AA79A85ADBC1299D69014357F181966ED50295F09D27D4AD6732F7186B2000D94BE795F2
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BC7834C2EA994AB6BC0D7A59B8E3E040" DisplayName="Java SE Development Kit 7u80 x86" VersionMin="1.7".. SetupFileUrl="http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html".. Location="2" ExactSize="0".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64".. Operator="0" Options="y"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="BC7834C2EA994AB6BC0D7A59B8E3E040CurrentVersion" Prereq="BC7834C2EA994AB6BC0D7A59B8E3E040" SearchType="2

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Java SE 7 Runtime x64\Java SE 7 Runtime x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1482
      Entropy (8bit):5.522889394672064
      Encrypted:false
      SSDEEP:
      MD5:640F6377C4B6A0212F34B32A88C4B222
      SHA1:5013AD2FD289598BD2B66D135EBF5D4CC0200E0B
      SHA-256:57FD4E6DAF514510CC7381FFBA321BCDF08DBEE5B51693A27208E7F6A8F50FCE
      SHA-512:4169B32A64E07A593D7CB54523733602EFF3567484F601B8474446EC58C33A67693CF093F14E0A2EE92AFCBD6665F58FC4FD76271B493A09AD77FFC3E3E6CD51
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C036D207A4AB3BE16366CEBCB6C6C" DisplayName="Java SE Runtime Environment 7u80 x64" VersionMin="1.7".. SetupFileUrl="http://www.oracle.com/technetwork/java/javase/downloads/jre7-downloads-1880261.html".. Location="2" ExactSize="0".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64".. Operator="0" Options="xy"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="C036D207A4AB3BE16366CEBCB6C6CCurrentVersion" Prereq="C036D207A4AB3BE16366CEBCB6C6C" SearchType="2".. Sea

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Java SE 7 Runtime x86\Java SE 7 Runtime x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1510
      Entropy (8bit):5.544555427221963
      Encrypted:false
      SSDEEP:
      MD5:1E7AE7E40FAAAB8C558D88C097343911
      SHA1:55A40858C37ABC2D964FE7C6D043ED5EF1DDB06E
      SHA-256:F82AB4CF4DAC93DA8A7FEDC32E5B8D02C70B58C98B5DCA85F43A3E697A0666A4
      SHA-512:F2186DC237A843B795E15CCF5E494B15A13289413A06DAE6DCA8CF42316736EF5E8CDD00E9ACF24AF7328DFEFFDF2996C474D9F5B5F70F5E626FAD43E4420BF8
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="EE84CE1C98744810AB435A53A3737024" DisplayName="Java SE Runtime Environment 7u80 x86" VersionMin="1.7".. SetupFileUrl="http://www.oracle.com/technetwork/java/javase/downloads/jre7-downloads-1880261.html".. Location="2" ExactSize="0".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64".. Operator="0" Options="y"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="EE84CE1C98744810AB435A53A3737024CurrentVersion" Prereq="EE84CE1C98744810AB435A53A3737024" SearchTyp

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Java SE 8 Devel x64\Java SE 8 Devel x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1613
      Entropy (8bit):5.610944097580255
      Encrypted:false
      SSDEEP:
      MD5:C53931C06F87E675596395F33FFDF5DA
      SHA1:E2CE0DF627867BEDF550394F4B7BE4F04FD98960
      SHA-256:0F05E7CB63E674282117555D1FFF6234FD6A8D771D03705FE829D44C76446B0B
      SHA-512:7F50CE805F6DED196F0F1C25982ACBC9DAA3417D6C8667B896AFA52B3772E385906D7FA2020AB093FF38867E461552E8C96536510C8785560E4386D7EAB0ADAD
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A7ABF114F70B4B98B4E678E9C4028BEE" DisplayName="Java SE Development Kit 8u171 x64" VersionMin="1.8".. SetupFileUrl="http://javadl.oracle.com/webapps/download/AutoDL?BundleId=233156_512cd62ec5174c3487ac17c61aaa89e8".. Location="1" ExactSize="217342912" MD5="190c8f5b344cfe7ecf4aa6f80c9f517f".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64".. Operator="0" Options="xf" TargetName="Java SE Development Kit?jdk-8u171-windows-x64.exe"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Java SE 8 Devel x86\Java SE 8 Devel x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1600
      Entropy (8bit):5.60609166768863
      Encrypted:false
      SSDEEP:
      MD5:3F9E96B524AECC9A12EB3250FFE558EA
      SHA1:560231CBD7EAED91EB4DADCB9EE1EFBB60CF72CE
      SHA-256:7C9DC3157821821E492C24632FF61E66D5AE467E2A998D7DBA160175E3E38C77
      SHA-512:26F2F0CF7B8DCCB2BEE50AB29E525A3EDAC26B6B79B1B0EF291F130601141D2E3E867AF24914B7C1C0005B6FC15E7CEC2D5C4944F4EFC2F2864F40BC332F1AC6
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="AE271A3D54B9EAD86B92A0492B701" DisplayName="Java SE Development Kit 8u171 x86" VersionMin="1.8".. SetupFileUrl="http://javadl.oracle.com/webapps/download/AutoDL?BundleId=233155_512cd62ec5174c3487ac17c61aaa89e8".. Location="1" ExactSize="208770496" MD5="40aa9b17953179353ee0a2c8dfdccd99".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64".. Operator="0" Options="f" TargetName="Java SE Development Kit?jdk-8u171-windows-i586.exe"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Java SE 8 Runtime x64\Java SE 8 Runtime x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1625
      Entropy (8bit):5.591619736324362
      Encrypted:false
      SSDEEP:
      MD5:6F7DAE98A7C9CF582AD49D5D8E1A539C
      SHA1:66C5E973584D2D40F5284B8F275D19AF7EBA367D
      SHA-256:82B17299E7F725EB273D73DD6D18D873DB2BD9904FA0FBAE2332F6D98AB56D2C
      SHA-512:3DB83D1BAB579E38F5F438A8F30EAFA5E32FB716082C95EF9C426A9D1C28CE3FAE75DBDBD0125E1AF07FE72905758FE654F39E23A4B1BADA5A895A77B8683A68
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F6D8148C0594E7491C36E27FD5E9E89" DisplayName="Java SE Runtime Environment 8u171 x64" VersionMin="1.8".. SetupFileUrl="http://javadl.oracle.com/webapps/download/AutoDL?BundleId=233172_512cd62ec5174c3487ac17c61aaa89e8".. Location="1" ExactSize="71830472" MD5="0c7fe540f431566ce5bd47a276b1001e".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64".. Operator="0" Options="xf" TargetName="Java SE Runtime Environment?jre-8u171-windows-x64.exe"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Java SE 8 Runtime x86\Java SE 8 Runtime x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1640
      Entropy (8bit):5.603662180087414
      Encrypted:false
      SSDEEP:
      MD5:63E9EDAC2F88D2F3B62A182899C1A4CA
      SHA1:AE7FFBE03569CD9AC3FF9B8326812101CF4199BE
      SHA-256:0760FD0D7C234E573921F68D83ACF2E7B4A70F1D2E38DA6D3D60E539E1101B38
      SHA-512:EDD253099E4CA8BD4539090E4C692135C91142406F1D38624DB7E3F319E82098BB4A378EB9665DB5B9FFAB7CD309DFB0D93945D1C9B1C13C71AC2DED00733B82
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="DBAC51E1B77D4A88904D3BFCC8A734A9" DisplayName="Java SE Runtime Environment 8u171 x86" VersionMin="1.8".. SetupFileUrl="http://javadl.oracle.com/webapps/download/AutoDL?BundleId=233170_512cd62ec5174c3487ac17c61aaa89e8".. Location="1" ExactSize="64657864" MD5="cde60721f20716df018ba603c0dd5e2f".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64".. Operator="0" Options="f" TargetName="Java SE Runtime Environment?jre-8u171-windows-i586.exe"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchCom

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Compact 3.5 SP1 x64\MSSQL Compact 3.5 SP1 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1341
      Entropy (8bit):5.58726882739852
      Encrypted:false
      SSDEEP:
      MD5:85D63D5C0E3F0ABB979A7C6F8939E047
      SHA1:1D52BF7AEEEA67AA557DF74459B3BF169418D9FC
      SHA-256:871846DB31DFC9880C97ED388E45C50AE0491AC5141AC4C9AF535D665995D94D
      SHA-512:7926045F4F2A391E31BC9920F1422727527F26EF4A158581F9B6A3AD5A6BC245969B82C5D7A0D442BFFDF4B7C3DBFA503CB3AA1B071E8684DAA8183931552FEA
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="EC7E4A63F48A5A8E32FBE684E0BB5" DisplayName="SQL Server Compact 3.5 SP1 64-bit" VersionMin="3.5".. SetupFileUrl="http://download.microsoft.com/download/8/4/2/8423c019-ccb4-4d7d-b7f0-bcf83f1b9218/SSCERuntime-ENU-x64.msi".. Location="1" ExactSize="2642944" MD5="039caa3f2c5afdf5b8dc6c72d62a082b".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetName="SQL Server Compact 3.5 SP1"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchCom

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Compact 3.5 SP1 x86\MSSQL Compact 3.5 SP1 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1317
      Entropy (8bit):5.5930338193644
      Encrypted:false
      SSDEEP:
      MD5:F96FDE4CAC6E21EC31EE38C449186B86
      SHA1:85BC99CF5CF0B196BDB99A7C201A26DB4357903C
      SHA-256:960ADD958BC88E49E5017C52AF80470201E546BBFF18C542A66640E9B00D3BA5
      SHA-512:0AF29B418555CC00B134F390144E9039D28EAEA15E3C1FF6E2906456976036DE29496780E18D7C80565C89307B89ADAB96F4F868BC01C3ACC4E8BA210B5A2CE0
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A9B48_8408_472C_8975_B606D4D61EE1" DisplayName="SQL Server Compact 3.5 SP1 32-bit" VersionMin="3.5".. SetupFileUrl="http://download.microsoft.com/download/8/4/2/8423c019-ccb4-4d7d-b7f0-bcf83f1b9218/SSCERuntime-ENU-x86.msi".. Location="1" ExactSize="2361344" MD5="062dcde4ec577cc93c1822ef5894fe51".. WinNTVersions="Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="SQL Server Compact 3.5 SP1"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="A9B48_

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Compact 3.5 SP2 x64\MSSQL Compact 3.5 SP2 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1215
      Entropy (8bit):5.564765000507286
      Encrypted:false
      SSDEEP:
      MD5:1441C4928A9EF14D6BB31E43E52457AE
      SHA1:E7513B448258836428D6EB2DAF88F477EF418A06
      SHA-256:85C233F3C3041F2CD603CB361C532C3B7728A8A1D65FC976917C6F4CDF08FF6D
      SHA-512:CFEA690A9CFDCB6EFEE1D49D2AB0F05206B46BE343FDFD3F0E925C7D424016CD684374A421BD1D2BE4D5536333C1BDE5C707CE0E7DD0F823CFACC3C2388D1295
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FC88CA9E4084464A0FD5FAB5FC4FBBA" DisplayName="SQL Server Compact 3.5 SP2 64-bit" VersionMin="3.5".. SetupFileUrl="http://download.microsoft.com/download/E/C/1/EC1B2340-67A0-4B87-85F0-74D987A27160/SSCERuntime-ENU.exe".. Location="1" ExactSize="0".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetName="SQL Server Compact 3.5 SP2"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="FC88CA9E4084464A0FD5FAB5FC4FBBAVersion" Prereq="FC88CA9E4084464A0FD5FAB5FC4FBBA" SearchType="2"..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Compact 3.5 SP2 x86\MSSQL Compact 3.5 SP2 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1163
      Entropy (8bit):5.567507384340685
      Encrypted:false
      SSDEEP:
      MD5:C6CCB26C83E20D4CD9910483E18232E3
      SHA1:A403B0999BA644A11C9AECAFCD8F37049B577FAF
      SHA-256:63311EFDE38C273F6485A2C2C7FC5903B87B9AE0EA19A5BD0F0327344461655B
      SHA-512:B1D78BE99E2CA43A0DC85CDF53A1AC190ED229FBA781D02F521CA843BD1B51CE0B0FE8CB10551EBBE7B0900598E339CD6318002EF8C5F5470831BCBFD59E8EFF
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F46BC734_5C84_4146_80EE_8145B78281FA" DisplayName="SQL Server Compact 3.5 SP2 32-bit" VersionMin="3.5".. SetupFileUrl="http://download.microsoft.com/download/E/C/1/EC1B2340-67A0-4B87-85F0-74D987A27160/SSCERuntime-ENU.exe".. WinNTVersions="Windows 10 x86".. WinNT64Versions="Windows 10 x64, Windows Server x64".. Location="1" ExactSize="0".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="SQL Server Compact 3.5 SP2"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="F46BC734_5C84_4146_80EE_8145B78281FAVersion" Prereq="F46BC734_5C84_4146_80EE_8145B78281FA" SearchType="2".. SearchString="HKLM\SOFTWARE\Microsoft\Microsoft SQL Serv

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Compact 3.5 x86\MSSQL Compact 3.5 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1334
      Entropy (8bit):5.602838857122703
      Encrypted:false
      SSDEEP:
      MD5:EA05D318441F828E6EFC22AD9D57986C
      SHA1:290EF3D3125E759421B06F7B2509B78B2F61D42A
      SHA-256:96E4CC5D05D74E9A4D83AC1C1500B08671F03F5CCDEFC0D07884DAA9659FFC40
      SHA-512:02A5E3BF19EE27C237C2EEF55CF1BEABE6E33CF7B1249A97AC2F214B7161D13A1F54477F1A1D7E2E493C35DCA2F41C4D1CA3E0B70FDC4FA42CB446187CF8B6FA
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B7219_254D_4329_9870_520183AA162D" DisplayName="SQL Server Compact 3.5 x86" VersionMin="3.5".. SetupFileUrl="http://download.microsoft.com/download/b/8/5/b85fb87c-2f67-46c2-a475-0ded755f2e76/SSCERuntime-ENU.msi".. Location="1" ExactSize="1831936" MD5="81802b011fa0f84e62c3967101e756d3".. WinNTVersions="Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="SQL Server Compact 3.5"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="B7219_254D_4329_9870_

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Compact 4.0 SP1 x64\MSSQL Compact 4.0 SP1 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1268
      Entropy (8bit):5.592642640352776
      Encrypted:false
      SSDEEP:
      MD5:56B5C0AF1488387C893870400B8D2E82
      SHA1:DBDBCFA85F5845FE439B0FBA8C484B752E731590
      SHA-256:327607044970AED9669C09B9CEC4BA9E128548E70EAE784F482AB5DFAD7F34DF
      SHA-512:193CF63DDB2F6494005EA88D76A106D75D1FEEBB585ED1E911C748EFB1518C4021DBF5EC62157908B96C0EB15FE32D18F59435E59E93170C3DD10DBF99612703
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B289E6E082E4114B1E67EA598BB884D" DisplayName="SQL Server Compact 4.0 SP1 x64" VersionMin="4.0".. SetupFileUrl="http://download.microsoft.com/download/F/F/D/FFDF76E3-9E55-41DA-A750-1798B971936C/ENU/SSCERuntime_x64-ENU.exe".. Location="1" ExactSize="2638632" MD5="ff8b645421f67e7963bdca643fe4b20f".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet /i".. Operator="1" Options="xf" TargetName="SQL Server Compact 4.0 SP1"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="B289E6E082E4114B1E67EA598BB884DVersion" Prereq="B

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Compact 4.0 SP1 x86\MSSQL Compact 4.0 SP1 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1237
      Entropy (8bit):5.602575481108221
      Encrypted:false
      SSDEEP:
      MD5:C06F14C014AC1F148B0B00C16D6AD070
      SHA1:96346AE90C9CF3D52319FD4D84EE9567F9852399
      SHA-256:190B042C283F7DF76BD8AAAAE78AD30E25296C5E060AA5EC4D07190213CD733B
      SHA-512:89827F767443F1A707B074D804383DB612988017CFC241207C495134C5AD30ECE0FD99D5BD828F191668483C3EA9DFAEBA1A5BBFA4E175C5258F6C333D70E336
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B7F3EF2947194DBBA24570C9D8F78D96" DisplayName="SQL Server Compact 4.0 SP1 x86" VersionMin="4.0".. SetupFileUrl="http://download.microsoft.com/download/F/F/D/FFDF76E3-9E55-41DA-A750-1798B971936C/ENU/SSCERuntime_x86-ENU.exe".. Location="1" ExactSize="2397488" MD5="e71ec483986ac687300bf7ae5001cbb2".. WinNTVersions="Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet /i".. Operator="1" Options="f" TargetName="SQL Server Compact 4.0 SP1"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="B7F3EF2947194DBBA24570C9D8F78D96Version" Prereq="B7F3EF2947194DBBA24570C9D8F78D96"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Compact 4.0 x64\MSSQL Compact 4.0 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1268
      Entropy (8bit):5.610612989906416
      Encrypted:false
      SSDEEP:
      MD5:553C7D6D7AF8088A382AFC86B98EEA5D
      SHA1:1B1324F1FAD8D95314E99BBA57E04E9EC80D4034
      SHA-256:00B2394085E5384C5247B301E12CB94BAA56150B0BB863F1DA73FCA4C226C02E
      SHA-512:0F0C6E834DD874B7196F8A5AAEA45C6CC9310B11CAE4669A22FC1CE212EED2C917BACDE495AAE31559D877F115E1B05F40CE64DBCC094574E50126E1265B0CC7
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A5FAD2_A0AB_492E_9F3A_F3AED8E676FF" DisplayName="SQL Server Compact 4.0 x64" VersionMin="4.0".. SetupFileUrl="http://download.microsoft.com/download/0/5/D/05DCCDB5-57E0-4314-A016-874F228A8FAD/SSCERuntime_x64-ENU.exe".. Location="1" ExactSize="2621240" MD5="a417082ecaedd95afb41f73dc140c350".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet /i".. Operator="1" Options="xf" TargetName="SQL Server Compact 4.0"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="A5FAD2_A0AB_492E_9F3A_F3AED8E676FFVersion" Prereq="A5FAD2_

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Compact 4.0 x86\MSSQL Compact 4.0 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1241
      Entropy (8bit):5.610295358008798
      Encrypted:false
      SSDEEP:
      MD5:9A77F4ECF113015A2FB30638809CA152
      SHA1:FE7553319142EF122E3C68FE23287A464B50F535
      SHA-256:2987D1E70C83B8699AED99CD932DD930F389296A9AA2169B21191F171CBDB37A
      SHA-512:69E5099577FCF17712E34B4BDF1BA6339F0DFC66C78C95A158CA2209840195FB00EEA7FD1F2B5FE0CF4F1B3D1585993F699D37702D4CC897C5DD8E4472857869
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B6B4DA29_4C9D_4CCC_B9CF_7A79BD06DD79" DisplayName="SQL Server Compact 4.0 x86" VersionMin="4.0".. SetupFileUrl="http://download.microsoft.com/download/0/5/D/05DCCDB5-57E0-4314-A016-874F228A8FAD/SSCERuntime_x86-ENU.exe".. Location="1" ExactSize="2379544" MD5="0a55733cf406fbd05dfcff5a27a0b4f7".. WinNTVersions="Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet /i".. Operator="1" Options="f" TargetName="SQL Server Compact 4.0"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="B6B4DA29_4C9D_4CCC_B9CF_7A79BD06DD79Version" Prereq="B6B4DA29_4C9D_4CCC_B9CF_7A79BD06DD79"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL ExprWT 2012 SP2 x64\MSSQL ExprWT 2012 SP2 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2292
      Entropy (8bit):5.601170974433352
      Encrypted:false
      SSDEEP:
      MD5:C741B1F30632C3395BF1AFDEA5B57CA4
      SHA1:59C0FAF90FCF827F852D12E78124B824EBD94EB0
      SHA-256:7A3FCDA7479508F2E3FD40052FAF284955E6CEE444DEDE3B29A84AC2E0298536
      SHA-512:3360E8DB00D14E41345D12EDDA63618420B77BF3592D5EACD7A5C5AF616F50899FCE588C1AD7EE5CC34D969A3D00AED8128A2D53FB418497286C103B9880F12A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="DBADBD3ADDD453396D0C551A0D7D8EA" DisplayName="SQL Server Express with Tools 2012 SP2 x64" VersionMin="11.0.5058.0".. SetupFileUrl="http://download.microsoft.com/download/0/1/E/01E0D693-2B4F-4442-9713-27A796B327BD/SQLEXPRWT_x64_ENU.exe".. Location="1" ExactSize="1154608280" MD5="0b0d69ccbf6eda3393cebfe49f460b5f".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine,SSMS /INSTAN

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL ExprWT 2012 SP2 x86\MSSQL ExprWT 2012 SP2 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2318
      Entropy (8bit):5.6140692471852836
      Encrypted:false
      SSDEEP:
      MD5:EEB42236F000E9EEBF7F6C6BF3663146
      SHA1:FB3CA19407B179F26E48E91E6953C90670D49EAD
      SHA-256:93885C46E097FEE8B7942F2F81C683FB384673A5DEA8F55AD4106D22667C7FCD
      SHA-512:8EF03F5C4F7668E96C9B93E72B79C77E38B966BC570CF2A28FDAE0405DBADB2D34472962FB70C43820C33881AB8EDE56B3FC3C812476A6FC690471FEC8B82A4B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="CC3B52B0BDE43099F6958458DADC8DD" DisplayName="SQL Server Express with Tools 2012 SP2 x86" VersionMin="11.0.5058.0".. SetupFileUrl="http://download.microsoft.com/download/0/1/E/01E0D693-2B4F-4442-9713-27A796B327BD/SQLEXPRWT_x86_ENU.exe".. Location="1" ExactSize="1149511136" MD5="a71657f52e701ffbf6212420f50a60c9".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86, Windows 7 RTM x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEAT

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL ExprWT 2012 SP3 x64\MSSQL ExprWT 2012 SP3 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2311
      Entropy (8bit):5.615050121744671
      Encrypted:false
      SSDEEP:
      MD5:BD73EA4733F1C322B92F8E5A4A42FBA8
      SHA1:E99F27F62F83B88CD9687BA7119E48C14491611A
      SHA-256:E6176910B86E4776AE72E0B9E187CC9A4A1E943D3E52B85A6DC397DC319A6AFC
      SHA-512:F53F7B99160AEAD81830EA27E017C74FA9708CA8A210FC8BF70DC9819D9E17D38854EE7E68D323299C311C35DF01E8492FD9E92B1985A829A4F315EDA657C34E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="DD35672202EC413E9BBB66CE2FEF05A5" DisplayName="SQL Server Express with Tools 2012 SP3 x64" VersionMin="11.0.6020.0".. SetupFileUrl="https://download.microsoft.com/download/F/6/7/F673709C-D371-4A64-8BF9-C1DD73F60990/ENU/x64/SQLEXPRWT_x64_ENU.exe".. Location="1" ExactSize="1155846264" MD5="0c657ffb3a029585c2c89b64b7508981".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine,SS

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL ExprWT 2012 SP3 x86\MSSQL ExprWT 2012 SP3 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2337
      Entropy (8bit):5.594644956725259
      Encrypted:false
      SSDEEP:
      MD5:ABD4CF9A81AA5DD9503C11D4184F77B0
      SHA1:B29FEA6E0D265699F994414374E54BF0830D5C8C
      SHA-256:FC8D2622AA014A8D2EAB218C361E6366693F22D7FC3392DD1C50077B21CFBE91
      SHA-512:922B7B6E9AD8212BE6CABBB4AEB588CC575949F59A41444DD46CA68307D71EB29AC839D243819365263E635539CD7B37536EA304066B4260B32FDA0C3AA79F4C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BAED88DB6FA04E919DDBE962EFF9097E" DisplayName="SQL Server Express with Tools 2012 SP3 x86" VersionMin="11.0.6020.0".. SetupFileUrl="https://download.microsoft.com/download/F/6/7/F673709C-D371-4A64-8BF9-C1DD73F60990/ENU/x86/SQLEXPRWT_x86_ENU.exe".. Location="1" ExactSize="1150969392" MD5="654b5b1e8961321813f70311a0457199".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86, Windows 7 RTM x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Ins

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL ExprWT 2014 SP1 x64\MSSQL ExprWT 2014 SP1 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1969
      Entropy (8bit):5.615004417730407
      Encrypted:false
      SSDEEP:
      MD5:366A318F5B7B272F11F730593FB521DC
      SHA1:ADCD8C28B873598E7A7E1A40DAE2277671B701B6
      SHA-256:0CD610699855A34AC641696277F9E4CB6B5E6CC8C4C8679870BA0B9B71ACB1E4
      SHA-512:ADB2A44B87366BE26462C5443ABCF85C2C55FDF60B0F157B7A6BC4CFFA3229E5C0B3C2A30FF4BE95C63202FAECF785E6B12507AC007B0A3CA25290B92D18DAF6
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B198CBE7C9064728A1DE167EE2BA374F" DisplayName="SQL Server Express with Tools 2014 SP1 x64" VersionMin="12.0.4100.1".. SetupFileUrl="http://download.microsoft.com/download/1/5/6/156992E6-F7C7-4E55-833D-249BD2348138/ENU/x64/SQLEXPRWT_x64_ENU.exe".. Location="1" ExactSize="1134753312" MD5="c76d9cfa4096205294815491deeea3df".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine,SSMS

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL ExprWT 2014 SP1 x86\MSSQL ExprWT 2014 SP1 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1986
      Entropy (8bit):5.608196006115235
      Encrypted:false
      SSDEEP:
      MD5:01A7BFDF8AFCE01E254C022C2FE01645
      SHA1:E29CBC63AE71EEFF092F2EFE6F127A2684E23212
      SHA-256:5B66A86D576E6AE920DA70402A250E0E378EF5043C451BBD59A968C910475437
      SHA-512:413CA69A616DA52450DE379C49088A20FBE9D726F22562251E1F9241DE2CBEF261E952507D76FB10782E47F005E666A6990151DE3011171DF6FAF511987CDC0F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A4D3FBDDAA5497FA70CDA9DD4046CBD" DisplayName="SQL Server Express with Tools 2014 SP1 x86" VersionMin="12.0.4100.1".. SetupFileUrl="http://download.microsoft.com/download/1/5/6/156992E6-F7C7-4E55-833D-249BD2348138/ENU/x86/SQLEXPRWT_x86_ENU.exe".. Location="1" ExactSize="1160965480" MD5="5ea7cfa4c3e68c407a5aa27c7e35495d".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL ExprWT 2014 SP2 x64\MSSQL ExprWT 2014 SP2 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1941
      Entropy (8bit):5.623112190282322
      Encrypted:false
      SSDEEP:
      MD5:181A92896EB1BE5871693C3786C87439
      SHA1:98D67DC715D1B8AD26E1DC4DCC25DDAAE0192585
      SHA-256:4932F59FDB17D7CD7319B6D6570C5EDE158E2AE3C9ABFDF09BD66D7411668EDA
      SHA-512:3FA9BFA6784C61A64C0342D9B90D4838B2288B65399E03F3E6EAA41AEE5DB4E136A9EAC1D5E8C47B9C8B1DD38C5651EB41293FA6E0F7F2085B575926B93822F3
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FDF55AC97463B985524BEC9B61110" DisplayName="SQL Server Express with Tools 2014 SP2 x64" VersionMin="12.0.5000.0".. SetupFileUrl="https://download.microsoft.com/download/2/A/5/2A5260C3-4143-47D8-9823-E91BB0121F94/SQLEXPRWT_x64_ENU.exe".. Location="1" ExactSize="1152263128" MD5="ed4fcf4aa1dbd82d8242c13231fe0bab".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine,SSMS /INSTANCEN

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL ExprWT 2014 SP2 x86\MSSQL ExprWT 2014 SP2 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1986
      Entropy (8bit):5.6131850229620595
      Encrypted:false
      SSDEEP:
      MD5:D7B871E38085C400C589CBD5073E1682
      SHA1:68759D0E3E62135CD8AC77ED9879AE44DB0C208A
      SHA-256:F9D2F0C275A92B8ADEC5AE1E65F00DA09E2ED05B7B483870800D7E7F9A8DD397
      SHA-512:558804CB24F81E58EC348B1CD1378DED09D9CAA782B288D90FFA03F95E2AA595259CF1D13E2788B6F8CCE607D7DDE7DFB92E4127C95F4E0BB6A704FA8DFB5B84
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D27FD986DB5F4C3FB3CA22C0F081D7F0" DisplayName="SQL Server Express with Tools 2014 SP2 x86" VersionMin="12.0.5000.0".. SetupFileUrl="https://download.microsoft.com/download/2/A/5/2A5260C3-4143-47D8-9823-E91BB0121F94/SQLEXPRWT_x86_ENU.exe".. Location="1" ExactSize="1179305016" MD5="cf6292b87800542b577befa2af64d1df".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATUR

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL ExprWT 2014 x64\MSSQL ExprWT 2014 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1991
      Entropy (8bit):5.605736515812552
      Encrypted:false
      SSDEEP:
      MD5:098B390EE62ABC266FC203652DD0A4F3
      SHA1:84EF83BF91B7A945770DF9D6B04AB1B74E079769
      SHA-256:250CBCCC4D2565DEAA8E1A589D25EC746F8EE1B0E27E5BE4AD0C6CC91DD76BFF
      SHA-512:86CE18142C97BE362812776E17780A78906A05231712DC5527C763B80B094F7E08791BEA7CCF0C38719334D426A97696ED4209FC9060B2184520EFB36EB498F6
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="CDFD403368049F0A9DE33D73D911D6E" DisplayName="SQL Server Express with Tools 2014 x64" VersionMin="12.0".. SetupFileUrl="http://download.microsoft.com/download/E/A/E/EAE6F7FC-767A-4038-A954-49B8B05D04EB/ExpressAndTools%2064BIT/SQLEXPRWT_x64_ENU.exe".. Location="1" ExactSize="873690784" MD5="3bb7d34aaf063b73ac92d31aad896ba6".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 x64, Windows Server x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /A

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL ExprWT 2014 x86\MSSQL ExprWT 2014 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2038
      Entropy (8bit):5.596510644882195
      Encrypted:false
      SSDEEP:
      MD5:688DA0ECF18BD9FA90ECA1B2E3376851
      SHA1:42F7C5E9312CD45299495FB397F2EE1F70A3CBF7
      SHA-256:8F40D738718C54D83DA2EFD3E8BEE697BC1BDE42DDB6BEE82D3648C5D2B111CD
      SHA-512:591A323F18B2CE67D026AE875D8DBA99D6939B5EC6935805F44BFB18F027ED5523D3C123490D42EA8315C0D59634C2AD3EF93FA157917100130F88F53C24EBBD
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FC3624700A754D5396ACE9AF0AE30E15" DisplayName="SQL Server Express with Tools 2014 x86" VersionMin="12.0".. SetupFileUrl="http://download.microsoft.com/download/E/A/E/EAE6F7FC-767A-4038-A954-49B8B05D04EB/ExpressAndTools%2032BIT/SQLEXPRWT_x86_ENU.exe".. Location="1" ExactSize="881606336" MD5="22a1a43e9cbd3cc23931234fb5ca502c".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 x64, Windows Server x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiCo

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2005\MSSQL Express 2005.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1366
      Entropy (8bit):5.631880370052799
      Encrypted:false
      SSDEEP:
      MD5:59B24677608AE1B305A9F67FEA3D79FD
      SHA1:DCD7916964E2E601F986B0FB99E4CC92DEDFD9EF
      SHA-256:CAE097ADB16A91AE090FE0B94200DC6D229032A6FDC90CBCBD7A1C8F04D8097A
      SHA-512:A057EC9AAB066E063EB60C6F4EC951DA95476BF3D6417328CC33B35AE4B3F5387DA1C77606F96218AFDCDDC51495F4B91D5F2D4DBF22D32552EFB869FFF2BF0C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B7E27A_E19A_4814_A183_8D60D5CB2035" DisplayName="SQL Server Express 2005" VersionMin="9.00".. SetupFileUrl="http://download.microsoft.com/download/f/1/0/f10c4f60-630e-4153-bd53-c3010e4c513b/SQLEXPR.EXE".. Location="1" ExactSize="56105688" MD5="6797955b505d3871cabb630db28623a9".. WinNTVersions="Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/qn ADDLOCAL=SQL_Data_Files INSTANCENAME=SQLEXPRESS".. Operator="1" Options="f" TargetName="SQL Server Express 2005"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2008 SP1 x64\MSSQL Express 2008 SP1 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2899
      Entropy (8bit):5.632155635270213
      Encrypted:false
      SSDEEP:
      MD5:E8A58C93FF99858BDBA3FED5742F9992
      SHA1:54B7F851E4230EA73BF8C46F35217F39022867E3
      SHA-256:8D452096FCDE5EED4F295755E27D830130D9FF043B3607E2E68E96532AB69D2C
      SHA-512:BB4AA5FF7DF9932C2F11532B234EBFCD1CBBDD5D152A8067878DD4F512F59E4706682C1566DF3662F921C1E00D7541D3FEC105BAB5D8900444634D5F26BB14F8
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="E9253D806CB468C8DF2B4D6CF037F6D" DisplayName="SQL Server Express 2008 SP1 x64" VersionMin="10.0.2531.0".. SetupFileUrl="http://download.microsoft.com/download/8/E/5/8E53FAA8-1129-4621-903F-3F8DB6D066AC/SQLEXPR_x64_ENU.exe".. Location="1" ExactSize="109358432" MD5="1b35c291d3bbf7164d9d1d35ed153f2c".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /SQLSVCACCOUNT=&quot;NT AUTHORITY\NETWORK SERVICE&quot; /SQLSYSADMINACCOUNTS=&quot;%USERDOMAIN%\%USERNAME%&quot;".. Operator="1" Optio

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2008 SP1 x86\MSSQL Express 2008 SP1 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2196
      Entropy (8bit):5.675657210166626
      Encrypted:false
      SSDEEP:
      MD5:A5CFBB542CD4FABE7CEF6A9AD187C106
      SHA1:4B843EFB1262079E83A04C73C5732F8A36E30755
      SHA-256:9EB9F819D73DF99C83A6120D9F7909CF376A00AF6C4D12C374AFBD10008516B3
      SHA-512:3D4F5A384919FD1D5ABB4A03D25D689D0169C21EB71A03567D2D1591B91E29FE4C50A47B7F518552703C32F93E2026D6DA6B3CD270EE63F513EE354C068E49AC
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B497_00D2_40E3_86B9_58D902CD16F5" DisplayName="SQL Server Express 2008 SP1 x86" VersionMin="10.0.2531.0".. SetupFileUrl="http://download.microsoft.com/download/8/E/5/8E53FAA8-1129-4621-903F-3F8DB6D066AC/SQLEXPR_x86_ENU.exe".. Location="1" ExactSize="99962704" MD5="eb35f44933dce806e2c876a3f3253203".. WinNTVersions="Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /SQLSVCACCOUNT=&quot;NT AUTHORITY\NETWORK SERVICE&quot; /SQLSYSADMINACCOUNTS=&quot;%USERDOMAIN%\%USERNAME%&quot;".. Operator="1" Options="f" TargetName="SQL Server Express 2

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2008 SP2 x64\MSSQL Express 2008 SP2 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2883
      Entropy (8bit):5.608194281896854
      Encrypted:false
      SSDEEP:
      MD5:57198ABD9993EF6197267C1A46E4BBF7
      SHA1:316146C99E4D261D115EB3FD83AD02645339D7C7
      SHA-256:6867B7EC7F85F41A0B19E6DAC8BE18978C544BF24738A3618E32DBA2587B72B6
      SHA-512:9D7ADA4AF69B4080431DFF52771E0192502DE382223C547DBA7DA8048E97ECDC02DD9DD28B54D5E07EFDDED1530615F981ACBE8AA3A4A7469AFFB14DBF46CA7C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="E1E85D05EC4DDBB443ABA0A6F31588" DisplayName="SQL Server Express 2008 SP2 x64" VersionMin="10.0.4000.0".. SetupFileUrl="http://download.microsoft.com/download/3/9/A/39ABE28E-9A82-41FE-A923-AD52FDAD165C/SQLEXPR_x64_ENU.exe".. Location="1" ExactSize="115793248" MD5="9acf180070f836eeda120486a4b65514".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /SQLSVCACCOUNT=&quot;NT AUTHORITY\NETWORK SERVICE&quot; /SQLSYSADMINACCOUNTS=&quot;%USERDOMAIN%\%USERNAME%&quot;".. Operator="1" Option

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2008 SP2 x86\MSSQL Express 2008 SP2 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2237
      Entropy (8bit):5.675623851692866
      Encrypted:false
      SSDEEP:
      MD5:B9F3F61F1382B5C99CF09C7145928B84
      SHA1:2807A11132528181883FE25ABA4F34A36208FD2D
      SHA-256:16AB2AD987418810DD6F2006811416FB52CC9A7098BDAACCFAE2A6BE7BD1D13F
      SHA-512:D640CC4077D66AEEF4EED84832529F8B36D25200ACA34F84C84D940D7A26AF5B66EBA06615BC2DD6AA12099E1CDDCE3B4F79097E9C325BC752981E36B20B52EF
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="DB95C79D_BEB0_412A_8763_CCAE132E37E6" DisplayName="SQL Server Express 2008 SP2 x86" VersionMin="10.0.4000.0".. SetupFileUrl="http://download.microsoft.com/download/3/9/A/39ABE28E-9A82-41FE-A923-AD52FDAD165C/SQLEXPR_x86_ENU.exe".. Location="1" ExactSize="105386848" MD5="d5875c71f0297fe80c2d7e22d844b9ac".. WinNTVersions="Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /SQLSVCACCOUNT=&quot;NT AUTHORITY\NETWORK SERVICE&quot; /SQLSYSADMINACCOUNTS=&quot;%USERDOMAIN%\%USERNAME%&quot;".. Operator="1" Options="f" TargetName="SQL Server Expr

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2008 SP3 x64\MSSQL Express 2008 SP3 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2782
      Entropy (8bit):5.621393927347992
      Encrypted:false
      SSDEEP:
      MD5:365846EA13550EA2AAF768CCE8976797
      SHA1:ED25D4D307E1593140217B497C7B371372C8B175
      SHA-256:AEABDB35E9E274431D1C8B44A6BDCE8BD9A1CC134BA3C789146ECB7B02736879
      SHA-512:7A6F0B5C1311098F7D8E6ABD3D471A2613860BB4298E851CF5AA10C185B15A79A158D1FB2614980FBBD72060AAAEC38743C966ED1EB673DF034875DF2BE86083
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F9E74C19A45909E736BF2E9228AC1" DisplayName="SQL Server Express 2008 SP3 x64" VersionMin="10.0.5500.0".. SetupFileUrl="http://download.microsoft.com/download/0/F/D/0FD88169-F86F-46E1-8B3B-56C44F6E9505/SQLEXPR_x64_ENU.exe".. Location="1" ExactSize="118085472" MD5="6343925ec8f6dcb5b3baba0aaf319bbd".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows 10 x64, Windows Server x64".. NoUiComLine="/q /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /SQLSVCACCOUNT=&quot;NT AUTHORITY\NETWORK SERVICE&quot; /SQLSYSADMINACCOUNTS=&quot;%USERDOMAIN%\%USERNAME%&quot;".. Operator="1" Options="xf" TargetName="SQL Server Express 2008 SP3"/>.. <ATTRIBUTE name="GroupName" val

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2008 SP3 x86\MSSQL Express 2008 SP3 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2060
      Entropy (8bit):5.648335948292711
      Encrypted:false
      SSDEEP:
      MD5:B1D5FB71A2C69E71DB4B5BBCE52EE115
      SHA1:06744F64C3110B7E64848FB532C1526C7FB1B68C
      SHA-256:EB42ED5304612C21C5E01CF403D15846BF3FF883B537AD21E8FEB26654A212BD
      SHA-512:43C4A4FC0758587B956AB00681B29ACC1965A090C87E3D61D32CD1B504AA6DDEDE701AC9357241F71EE6990C5F079B2D63EF99B4FEA267307F89462543B41F9A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="DC14E4FBFE482AA7DD7DF1244B7B9D" DisplayName="SQL Server Express 2008 SP3 x86" VersionMin="10.0.5500.0".. SetupFileUrl="http://download.microsoft.com/download/0/F/D/0FD88169-F86F-46E1-8B3B-56C44F6E9505/SQLEXPR_x86_ENU.exe".. Location="1" ExactSize="107108704" MD5="5560dc070189b9ad01b1f6b17871b1b3".. WinNTVersions="Windows 10 x86".. WinNT64Versions="Windows 10 x64, Windows Server x64".. NoUiComLine="/q /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /SQLSVCACCOUNT=&quot;NT AUTHORITY\NETWORK SERVICE&quot; /SQLSYSADMINACCOUNTS=&quot;%USERDOMAIN%\%USERNAME%&quot;".. Operator="1" Options="f" TargetName="SQL Server Express 2008 SP3"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msic

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2008 x64\MSSQL Express 2008 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2892
      Entropy (8bit):5.638696920738799
      Encrypted:false
      SSDEEP:
      MD5:BD19E4A04E1D573ECFE1C82F772AC4B3
      SHA1:1C4A3C825D0C45103D81BB0495FF7016119C183E
      SHA-256:2C74BA9CA688B7CE1B2B033E4CB0F90F85794766B47E04DA81DB5506F58E798E
      SHA-512:DA835080EC8FD710E73BCDA9172953EC28B76693CED6B77D0EF529CEA070C04E4A1111154E30F8126DA396123C048823F897969CB579A67E542DAE88AD9A80C7
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A490BDB0A5764259BB32EC806AD8F90D" DisplayName="SQL Server Express 2008 x64" VersionMin="10.0".. SetupFileUrl="http://download.microsoft.com/download/c/2/8/c28cc7df-c9d2-453b-9292-ae7d242dfeca/SQLEXPR_x64_ENU.exe".. Location="1" ExactSize="86525456" MD5="db795c94199d028a7ec1fd81f7406ae6".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /SQLSVCACCOUNT=&quot;NT AUTHORITY\NETWORK SERVICE&quot; /SQLSYSADMINACCOUNTS=&quot;%USERDOMAIN%\%USERNAME%&quot;".. Operator="1" Options="xf" Tar

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2008 x86\MSSQL Express 2008 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2214
      Entropy (8bit):5.657985292373619
      Encrypted:false
      SSDEEP:
      MD5:791B336EE7423ACD133C35D2F4FC0147
      SHA1:B1D064E206053BF87E036F96AF4B70D9B9D6C542
      SHA-256:96E79EB26118AFD3263ABEA380727216938243B46707FABFFDE59A46B31262A3
      SHA-512:07D18E6FACCEF333238F55BE3EABE123206BCC41C684B65D13230DA2136F726B2A65504A8F1C73980ED72A392F4A0DBF3968903F64B6F7CFACC1BBDD068F05D0
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BD569C9C_D2BB_4B64_99DA_80C2B49DF418" DisplayName="SQL Server Express 2008 x86" VersionMin="10.0".. SetupFileUrl="http://download.microsoft.com/download/c/2/8/c28cc7df-c9d2-453b-9292-ae7d242dfeca/SQLEXPR_x86_ENU.exe".. Location="1" ExactSize="93377552" MD5="ba1eafe16fffcb21dcea3dc6c4f6e131".. WinNTVersions="Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /SQLSVCACCOUNT=&quot;NT AUTHORITY\NETWORK SERVICE&quot; /SQLSYSADMINACCOUNTS=&quot;%USERDOMAIN%\%USERNAME%&quot;".. Operator="1" Options="f" TargetName="SQL Server Express 2008"/>.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2008R2 SP1 x64\MSSQL Express 2008R2 SP1 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2868
      Entropy (8bit):5.611835396698733
      Encrypted:false
      SSDEEP:
      MD5:84518EF15FF9A076485A3F327CBB1CDC
      SHA1:FA4A4E0C8C18F6382FB5A3272F682A6F676A7D0A
      SHA-256:3A65A8B2CA14C10865F269BF2FD696FC19A216E28AFDF93087E18F41F7475404
      SHA-512:693CC4058EE570349D97F24AF4104B0EC30678DCD3D15C24857D2A6797463AC2020F9A2E367A77E6761ED753BE29421120510CF960BB44577C314A5078325888
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="ED524CC07D4D299EBB6D6F3CA4E053" DisplayName="SQL Server Express 2008R2 SP1 x64" VersionMin="10.50.2500.0".. SetupFileUrl="http://download.microsoft.com/download/D/1/8/D1869DEC-2638-4854-81B7-0F37455F35EA/SQLEXPR_x64_ENU.exe".. Location="1" ExactSize="123172192" MD5="07f1fc981fe653cbe0ac19fb76703b4e".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista RTM x64, Windows Vista SP1 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /SQLSVCACCOUNT=&quot;NT AUTHORITY\NETWORK SERVICE&quot;".. Operator="1" Options="xf" TargetName=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2008R2 SP1 x86\MSSQL Express 2008R2 SP1 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2253
      Entropy (8bit):5.638906586230225
      Encrypted:false
      SSDEEP:
      MD5:341B762C7474386420238F8A5681C101
      SHA1:84AC05F4BDE2CD452BA78DE64FBF69CCDB7773F7
      SHA-256:0A5D36DE3AACDAE8BFC1B780B7C6B02021F35BEB10A74AA15888CE09F90AE4C2
      SHA-512:21CE804B3E88E2AAA7E0BCD334C3F1748563E7660831D34E58CAEC9D7B0E4FF17EE76338F8E7E9486CC4664F95F65D44C5AD69A3675EDA994D28408DF70C94AF
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="CBA36B11_EBDA_4FAD_8E91_8ADA37CA6006" DisplayName="SQL Server Express 2008R2 SP1 x86" VersionMin="10.50.2500.0".. SetupFileUrl="http://download.microsoft.com/download/D/1/8/D1869DEC-2638-4854-81B7-0F37455F35EA/SQLEXPR_x86_ENU.exe".. Location="1" ExactSize="111274848" MD5="01befebfe8c04a58a20af380b582872a".. WinNTVersions="Windows Vista RTM x86, Windows Vista SP1 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows Vista RTM x64, Windows Vista SP1 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /SQLSVCACCOUNT=&quot;NT AUTHORITY\NETWORK SERVICE&quot;".. Operator="1" Options="f" TargetName="SQ

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2008R2 SP2 x64\MSSQL Express 2008R2 SP2 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2775
      Entropy (8bit):5.512481447632408
      Encrypted:false
      SSDEEP:
      MD5:99F0A0F04909863B24D0B4B11708E4F4
      SHA1:BDF0D42A4E69C54906C88AC2D07E4C5176A3349F
      SHA-256:5EEB598614DF7B1D19477F547854A8F7323A63F2231DA07C67C7B965479454BC
      SHA-512:DD93DC84CAD9558576D7F9868B5F9EE22DFD6226C92CA6B7C859A8CCDAC99419B1DC2F2620040EF37C82C3DE2FCC3B2BE286419164D4D3CEAFD31573096EE371
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C2A04884F288FF2ACF8B444E240" DisplayName="SQL Server Express 2008R2 SP2 x64" VersionMin="10.50.4000.0".. SetupFileUrl="http://download.microsoft.com/download/0/4/B/04BE03CD-EAF3-4797-9D8D-2E08E316C998/SQLEXPR_x64_ENU.exe".. Location="1" ExactSize="128331696" MD5="00cb440fefad74c122fb427d0c910059".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista RTM x64, Windows Vista SP1 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /SQLSVCACCOUNT=&quot;NT AUTHORITY\NETWORK SERVICE&quot;".. Operator="1" Options="xy" TargetName="SQL Server Express 2008R2 SP2"/>.. <ATTRIBUT

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2008R2 SP2 x86\MSSQL Express 2008R2 SP2 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2131
      Entropy (8bit):5.611649556326365
      Encrypted:false
      SSDEEP:
      MD5:B7055C9581B87F0D38FBC2695D50C697
      SHA1:7458CBC430C93F09A84D09EA68A18FAEAAF9FC8A
      SHA-256:35A35F69431C9E03A7790C9542A6E8543FE81F2DB1C2D844AFBAC24B0D3080B2
      SHA-512:5E1D8024EE0D3E625028BAF3B6C691BE3E4F62BE5C77BB139E2121AB63267F2AC95A78900AF024479893C7CDFC7807FCA06439A927E3BE5C27008C5202418ABA
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C90B194E224AFC9EA6DB24D7909F41" DisplayName="SQL Server Express 2008R2 SP2 x86" VersionMin="10.50.4000.0".. SetupFileUrl="http://download.microsoft.com/download/0/4/B/04BE03CD-EAF3-4797-9D8D-2E08E316C998/SQLEXPR_x86_ENU.exe".. Location="1" ExactSize="115763632" MD5="01d53a5e1971d25eca27a72fececbee4".. WinNTVersions="Windows Vista RTM x86, Windows Vista SP1 x86, Windows 10 x86".. WinNT64Versions="Windows Vista RTM x64, Windows Vista SP1 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /SQLSVCACCOUNT=&quot;NT AUTHORITY\NETWORK SERVICE&quot;".. Operator="1" Options="y" TargetName="SQL Server Express 2008R2 SP2"/>.. <ATTRIBUTE name="GroupName" valu

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2008R2 x64\MSSQL Express 2008R2 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2917
      Entropy (8bit):5.614002080663862
      Encrypted:false
      SSDEEP:
      MD5:8C79DD733EF2BCA760536F00F3461E30
      SHA1:465E0585853D64F5A136DC69FCB8B57DC12F6359
      SHA-256:2EA2BEF8B70422F1D69A44B307585D1A9DCA6AFA72A63B26931574490E5AA4CC
      SHA-512:A95E2E2FB4B754C2D35DE960CD831BC3EDC6D7E8E3273C7CFD43F6EE028834AA9B79247554EDF0A82C48B69D203AE3C3628A62F6642D2B14FA1ADE39CAC1B0B9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D8570608F25A4ED9BE6140C79C229B8A" DisplayName="SQL Server Express 2008R2 x64" VersionMin="10.50".. SetupFileUrl="http://download.microsoft.com/download/5/1/A/51A153F6-6B08-4F94-A7B2-BA1AD482BC75/SQLEXPR_x64_ENU.exe".. Location="1" ExactSize="77677408" MD5="25ac50a8196cc4969c6f15d2f81c1dc1".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista RTM x64, Windows Vista SP1 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /SQLSVCACCOUNT=&quot;NT AUTHORITY\NETWORK SERVICE&quot;".. Operato

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2008R2 x86\MSSQL Express 2008R2 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2265
      Entropy (8bit):5.61065504785339
      Encrypted:false
      SSDEEP:
      MD5:BF50B28F80F04645C9F04FC9E44CF1FC
      SHA1:3646F2CA2EC324C1EFBCB1CEC7E22CCF6251C48E
      SHA-256:6B94B26511C2655D79E8C6D6E187DC12D1E793F70B0273FBB8C05DC010578DE3
      SHA-512:290C44CF78361C5F94CBF1A6F9BD28E7F734AA8C7F1CF88D2D9AEF9D615F79749A2D19E2A12BE4A590ABAB99284EE4F5A40010B200EDA3FF7B867C0173924CE5
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="CFEB55_E155_4C34_ACDD_F2302CF52CB1" DisplayName="SQL Server Express 2008R2 x86" VersionMin="10.50".. SetupFileUrl="http://download.microsoft.com/download/5/1/A/51A153F6-6B08-4F94-A7B2-BA1AD482BC75/SQLEXPR_x86_ENU.exe".. Location="1" ExactSize="74524000" MD5="2019a6394520a2bd3510d90ce69e05a0".. WinNTVersions="Windows Vista RTM x86, Windows Vista SP1 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows Vista RTM x64, Windows Vista SP1 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /SQLSVCACCOUNT=&quot;NT AUTHORITY\NETWORK SERVICE&quot;"..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2012 SP1 x64\MSSQL Express 2012 SP1 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2567
      Entropy (8bit):5.55835888470083
      Encrypted:false
      SSDEEP:
      MD5:27C21957CF51CD4A73406C945BF86B8C
      SHA1:8C065A70039EB369B295859E9428E1548D0FA949
      SHA-256:DE37A5DC6C98BEDBC7484F6871FC3F14D3357312D2B2A23EFE33B1F4564B1758
      SHA-512:948103B809CE6F452C2DB7395633D4E593A5D2A064CA0739960A61D3167123984F0D69DC54D836FAE8E6B916EE7B71954565E72AE463591AC43A95BA7129456A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B748C48AB962A18286818A674" DisplayName="SQL Server Express 2012 SP1 x64" VersionMin="11.0.3000.0".. SetupFileUrl="http://download.microsoft.com/download/5/2/9/529FEF7B-2EFB-439E-A2D1-A1533227CD69/SQLEXPR_x64_ENU.exe".. Location="1" ExactSize="155281408" MD5="1da4cc5c1711595b91e8f347ded64c33".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 x64, Windows Server x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEng

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2012 SP1 x86\MSSQL Express 2012 SP1 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1959
      Entropy (8bit):5.58846529896575
      Encrypted:false
      SSDEEP:
      MD5:0DC20EB0A29ADBF8DFCF3548825E31DF
      SHA1:AFD25A6B13D60A047EE8AFF7B138800C00CB282A
      SHA-256:849253228FD3E54D3E141BC8F1B4EE6396D16BDCF8876D8B494818C719BD909E
      SHA-512:5249B2B6AE2FCE2A88BA1096F2E6D0BAB121CF28B6142DB9B10066417264E94C727103B3919D7E0DC0CBEEF286E6C99FF4B94B8E53FCEC8E3D0C9B79B66C2DA4
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A3A449A9204A9BC036DEB0B" DisplayName="SQL Server Express 2012 SP1 x86" VersionMin="11.0.3000.0".. SetupFileUrl="http://download.microsoft.com/download/5/2/9/529FEF7B-2EFB-439E-A2D1-A1533227CD69/SQLEXPR_x86_ENU.exe".. Location="1" ExactSize="139571184" MD5="3a8b6a378303d72a57d7f67dfb617e57".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86, Windows 7 RTM x86, Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 x64, Windows Server x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICE

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2012 SP2 x64\MSSQL Express 2012 SP2 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2622
      Entropy (8bit):5.602160174553707
      Encrypted:false
      SSDEEP:
      MD5:7697E10E68A1272B689A50398EFDCCFE
      SHA1:9FA7256C9B6F61AFA077328E1B55796BDBE7336A
      SHA-256:1F687B734F38D16F06E22E09FB3EAEFBFFF2095BF9EC4A639F9F36570875839E
      SHA-512:F8B0310062263A48AE3C85B070F041C521FCFC91CF69D7BBB0E95F9255DDBD617B22D572B8DE01B3E19B71A6C02E7045DFF6E42FB5DD98A9248713696A1F9054
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C424DA898C354D00B71A9EFAEC807F7E" DisplayName="SQL Server Express 2012 SP2 x64" VersionMin="11.0.5058.0".. SetupFileUrl="http://download.microsoft.com/download/0/1/E/01E0D693-2B4F-4442-9713-27A796B327BD/SQLEXPR_x64_ENU.exe".. Location="1" ExactSize="310443304" MD5="03daf53298beabc4bd8b4fd64e5465d1".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2012 SP2 x86\MSSQL Express 2012 SP2 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1963
      Entropy (8bit):5.61545947154211
      Encrypted:false
      SSDEEP:
      MD5:154D7A810733B1117FAE151DB2391DC2
      SHA1:D937F45EC223B5AC00AA22FFDEB1BC0051F17BBE
      SHA-256:12C3F6C3687AC56FDEE80E019F966D9F01EAE32ABB97DF42694ACDFC5B798730
      SHA-512:6DAE4A253B9B2984353C70DB6BEF1CAF7CFDB5E0140933CAA633F9B4561319D308C2A1A1077CE85FFB929FAFE5DAAA6F71A2197067867AFF938301F89461B522
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="EE497291D024CB7AFB6BD17437F6FA9" DisplayName="SQL Server Express 2012 SP2 x86" VersionMin="11.0.5058.0".. SetupFileUrl="http://download.microsoft.com/download/0/1/E/01E0D693-2B4F-4442-9713-27A796B327BD/SQLEXPR_x86_ENU.exe".. Location="1" ExactSize="274628920" MD5="bee018e5b756be731ab5b983634c6c72".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86, Windows 7 RTM x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2012 SP3 x64\MSSQL Express 2012 SP3 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2566
      Entropy (8bit):5.577740566315584
      Encrypted:false
      SSDEEP:
      MD5:645C6150D8960B8D3D5B65165723139A
      SHA1:627FC44D150D88EB2CFE732B3F60D5295B60B86B
      SHA-256:C9D10B2FD9CB398696C2026FE750AB2107B46EF266F12A10627A030599D1C132
      SHA-512:8829E4A7DD422838872EF46AC6AB1820D2AE96A22DAAB73B9694927A3C4E4E2B20817FA6C30861926C9803C7C3988753BB4AB104EE1E53AE2B2800E6A572492B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F252D5E4B7EA872E1BACBEEB48B" DisplayName="SQL Server Express 2012 SP3 x64" VersionMin="11.0.6020.0".. SetupFileUrl="https://download.microsoft.com/download/F/6/7/F673709C-D371-4A64-8BF9-C1DD73F60990/ENU/x64/SQLEXPR_x64_ENU.exe".. Location="1" ExactSize="310972408" MD5="9c42a9d61b9cca732804d7f7f5edc5f5".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPR

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2012 SP3 x86\MSSQL Express 2012 SP3 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1958
      Entropy (8bit):5.599938082881004
      Encrypted:false
      SSDEEP:
      MD5:95A982EF7ABE35B1A57BB75744AA32C8
      SHA1:BF998DE0CAA113E0F1E50D3D826993D3C197B811
      SHA-256:15C893871CA96427328E5F7A1ECAEC889B36C35BAE284E52C958D0C01FAC6BE1
      SHA-512:2CED6EE041904B214D6C247E976410E8D7011FDED3A739A3A127B38256E7E536D5830D5CBD8B73BEDFF2F3FBA688B20A8C11619F49FB1D0E83859081B517350E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A40CDF9374E39954C54E06FFE99A3" DisplayName="SQL Server Express 2012 SP3 x86" VersionMin="11.0.6020.0".. SetupFileUrl="https://download.microsoft.com/download/F/6/7/F673709C-D371-4A64-8BF9-C1DD73F60990/ENU/x86/SQLEXPR_x86_ENU.exe".. Location="1" ExactSize="275062360" MD5="352f7cf82f592ef958dd6c5d9ac73dad".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86, Windows 7 RTM x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQ

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2012 x64\MSSQL Express 2012 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2624
      Entropy (8bit):5.584448201724522
      Encrypted:false
      SSDEEP:
      MD5:5DFA501963532EA5FCB799028AB1558A
      SHA1:0142BB5634D1AB10B16FE1E465B9AE4B7EFA6CD7
      SHA-256:DA980E16E416E499B15E4C86B512189EA3F987BFE9AA68A4E622C1D0FB74662A
      SHA-512:6BC60E2610B6915EBE2BF55141C6DA8BB4A96E2EC49AACAE9903E3A0CDE2D3562B8DB1EC1BD5BC1F3F91F19AAC080DF45996363692EB1F2FD236C5FEB425630D
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="E678318451A92907F0838C63CCD" DisplayName="SQL Server Express 2012 x64" VersionMin="11.0".. SetupFileUrl="http://download.microsoft.com/download/8/D/D/8DD7BDBA-CEF7-4D8E-8C16-D9F69527F909/ENU/x64/SQLEXPR_x64_ENU.exe".. Location="1" ExactSize="138757208" MD5="9437810c7090fcfdb0801f24963d814c".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERL

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2012 x86\MSSQL Express 2012 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2042
      Entropy (8bit):5.592720528542907
      Encrypted:false
      SSDEEP:
      MD5:040786D69DCAC7CBA64046F63A0E6070
      SHA1:13CAD7269806548FB1BFC0BA327CBCB1E9D0B83B
      SHA-256:47C97529278F6A65B8CBAEAF00DD0F85CF0A07CAE60A6411DD2DBEB09FE73854
      SHA-512:9C4BAF67924E6858C4F9E3DB3033570FA7F179B63A87FEC0B32B9622D69438BA7DF60F61A6EF09B23EFFDC1EFABE10B25B8B5D1AF51F2D3DA2D16475BE0C3F36
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="E74D394442598C7E68505BEEF299" DisplayName="SQL Server Express 2012 x86" VersionMin="11.0".. SetupFileUrl="http://download.microsoft.com/download/8/D/D/8DD7BDBA-CEF7-4D8E-8C16-D9F69527F909/ENU/x86/SQLEXPR_x86_ENU.exe".. Location="1" ExactSize="122317400" MD5="8610717fb9778b20f239491201431c9a".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86, Windows 7 RTM x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/U

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2014 SP1 x64\MSSQL Express 2014 SP1 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2259
      Entropy (8bit):5.6205749116740815
      Encrypted:false
      SSDEEP:
      MD5:18ABD88754B37611DE4D4ADE94788462
      SHA1:62CE20E2B9E380D0930993DE413E76E3EB0411EA
      SHA-256:8100BCC00EDC059CF4F9156BE9827E373CC96A8F129E8A58A07D29615781CAAE
      SHA-512:63A7F714D816A74F60B551AD4D29EF7FE6710E3C2FC952BB46294725030B7A77D3849EF84F084AAE678AC93031DA9ADBF6E5B33A74F65FA2ACD4AE29A1EC7E84
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="E4EC98DAC4F3FAD73360645FDB907" DisplayName="SQL Server Express 2014 SP1 x64" VersionMin="12.0.4100.1".. SetupFileUrl="http://download.microsoft.com/download/1/5/6/156992E6-F7C7-4E55-833D-249BD2348138/ENU/x64/SQLEXPR_x64_ENU.exe".. Location="1" ExactSize="318752832" MD5="cea747bb0e3feb601f0948af87779c2d".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRE

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2014 SP1 x86\MSSQL Express 2014 SP1 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1627
      Entropy (8bit):5.5937259675753515
      Encrypted:false
      SSDEEP:
      MD5:D727D08F82C0F599590AF3F5F0D8E06D
      SHA1:E7ACC61DB933D0D2F00846F8F254D0FECC3CA370
      SHA-256:601A4FAA6FB77BE9B50143833D491EE42272A52AA3E83013C0BC524E3332E43E
      SHA-512:B5D84BBCD942255F80DD7C51C34A8ACF4F446F0DD6E69461937BFABFE8CC7ED48DF7AB6F61D4B7F2D806AD45447F2D660526B62F6D27DE855690B3D2D4AA3E7C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C1DEFBF2C648B392CEF9612D01EB69" DisplayName="SQL Server Express 2014 SP1 x86" VersionMin="12.0.4100.1".. SetupFileUrl="http://download.microsoft.com/download/1/5/6/156992E6-F7C7-4E55-833D-249BD2348138/ENU/x86/SQLEXPR_x86_ENU.exe".. Location="1" ExactSize="278008584" MD5="3cef695244ad16e241debf7bdfa5eda7".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEng

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2014 SP2 x64\MSSQL Express 2014 SP2 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2282
      Entropy (8bit):5.59771990164066
      Encrypted:false
      SSDEEP:
      MD5:E9D0664D13BFACA13506E1BB2EAE6265
      SHA1:AE8D035F469E8ABD9DA22E2402C38248F3008BA7
      SHA-256:59BC45E53B619B1221C7CDA83DFCDD5E67E3C11DDEA55F75D95C12F88B1035DE
      SHA-512:E6EF158DA292D8322BF3B1AEBF2EB3471FB0F0D4A3871A90853AB663E41F6EF2A80BBF1FBF29C5A2251DF22DEFC9362D53F09DD82D395F554B95713EE89D9D9E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="AFB438CA2EA243EC93F2921AB517CF68" DisplayName="SQL Server Express 2014 SP2 x64" VersionMin="12.0.5000.0".. SetupFileUrl="https://download.microsoft.com/download/2/A/5/2A5260C3-4143-47D8-9823-E91BB0121F94/SQLEXPR_x64_ENU.exe".. Location="1" ExactSize="326871400" MD5="28140e55d164de752538822eb465b1fe".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2014 SP2 x86\MSSQL Express 2014 SP2 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1620
      Entropy (8bit):5.581915285831531
      Encrypted:false
      SSDEEP:
      MD5:B85515B1C62AB756C2D8FA92FE091369
      SHA1:03AF6DC7C8D027705A6867723CE53B51F9CEDE2B
      SHA-256:72C9102BCC4F08BFFFA93A093E924EDD27B3D112809F4EF97E95BDFC959F2E03
      SHA-512:F824803CC58D9F8EBB3C0409D0DA4C1B340A01D323B202BFA48795D61459B464EE584A1A156C0061DAD411188536DF0C4276FE762DA80FAE4F5CD2A76CAB3FE3
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="CF27E6851E40CF835BF4EED1D02402" DisplayName="SQL Server Express 2014 SP2 x86" VersionMin="12.0.5000.0".. SetupFileUrl="https://download.microsoft.com/download/2/A/5/2A5260C3-4143-47D8-9823-E91BB0121F94/SQLEXPR_x86_ENU.exe".. Location="1" ExactSize="287690248" MD5="5f60008e1993d3c2dba0d27ea68f1b10".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine /IN

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2014 x64\MSSQL Express 2014 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2301
      Entropy (8bit):5.578525940125889
      Encrypted:false
      SSDEEP:
      MD5:F07E06522E77845743FBF8CDD785BCCD
      SHA1:C366404D05B210B893359D82C62708800628BCF3
      SHA-256:5AD49873291C5D09694448AF0EB438D27595CAB5D98DDE70D27D881E614A6A29
      SHA-512:C9CD9F9B46FF2E18FEF8FD104BEFDB7E5A2BA5FCEFB79CFA79AADA68C1D5B9137B031C26027D54A9DDE5D1DD0D29D6681A2B244BE35A7BE0A5709D4F62272615
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="E700E1106E345769477D536075F406D" DisplayName="SQL Server Express 2014 x64" VersionMin="12.0".. SetupFileUrl="http://download.microsoft.com/download/E/A/E/EAE6F7FC-767A-4038-A954-49B8B05D04EB/Express%2064BIT/SQLEXPR_x64_ENU.exe".. Location="1" ExactSize="206300720" MD5="5e0d8acb75d040489bd93b18b4c5e817".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 x64, Windows Server x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATUR

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2014 x86\MSSQL Express 2014 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1641
      Entropy (8bit):5.557178230092203
      Encrypted:false
      SSDEEP:
      MD5:C989CCAF004917385072D8D0936622F1
      SHA1:6A9402B10C02621F49700D25BC84EE8EBB2B46AA
      SHA-256:CC660825CDE1433EFF007E7B12E0F900F3D88CD442A609CC2FE0C29924BE8823
      SHA-512:9AAFCC56A4639B7E30E2377CCB4028812C9ED73A77297AD273DCF3180ACAEC1C90DDAFF05E81B27BC900F79FB4C2B36EF1596ACABE98C88AE12C66EB02068572
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="CAEE447FAA06E8C4909F4208" DisplayName="SQL Server Express 2014 x86" VersionMin="12.0".. SetupFileUrl="http://download.microsoft.com/download/E/A/E/EAE6F7FC-767A-4038-A954-49B8B05D04EB/Express%2032BIT/SQLEXPR_x86_ENU.exe".. Location="1" ExactSize="176626720" MD5="81e11bf4e40bde0ef16ad0b382929a0f".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 10 x64, Windows Server x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLI

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2016 SP1 (web)\MSSQL Express 2016 SP1 (web).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1707
      Entropy (8bit):5.585428400349062
      Encrypted:false
      SSDEEP:
      MD5:C3AFA0E27A552F4CF71C47E2271D94FB
      SHA1:2A35469B619DC78EAE9495E32F2FBC80365BEA2C
      SHA-256:1DAA9442E61DD6913178A2CE2277C116FA246E58B11E37B0A09E555185B37F58
      SHA-512:BE8A5A7ADC40BA881F7FF0D45298400925E80912BDAF2C017B055652524A7B223EB5363ADDA225C4ECF0ED4FABFE9F98D0155DD84EDE7F94A56C962B744FFE40
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A7A1838A273A436989688EC0E1664E3F" DisplayName="SQL Server Express 2016 SP1 (web installer)" VersionMin="13.1".. SetupFileUrl="https://download.microsoft.com/download/B/F/2/BF2EDBB8-004D-47F3-AA2B-FEA897591599/SQLServer2016-SSEI-Expr.exe".. Location="1" ExactSize="5546160" MD5="0ad24adad27b152060758055440ab415".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64".. Operator="1" Options="xy" TargetName="SQL Server Express 2016 SP1"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSe

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2016 SP1\MSSQL Express 2016 SP1.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1887
      Entropy (8bit):5.617989470817977
      Encrypted:false
      SSDEEP:
      MD5:97A7DEE86E4C8AA2E4E314BDE929C53A
      SHA1:0AB3B39A4231C7A6384CE04D49C78F0A9F05571E
      SHA-256:9F39B481325588069F191A0C80887B2218EC2AF3AAACD65E1C3BC17B785DDBD4
      SHA-512:FFA430C0A6DDBB39D9E8E841D604B9A8649B770DBF8905606393E71CBE755B1CC5C3317032B02E2ABC8E5CDD06E85668BCFCD200870405378BE413C2FB7CDA89
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B5C302A8240F2B5C8E7CBB71C69BB" DisplayName="SQL Server Express 2016 SP1" VersionMin="13.1".. SetupFileUrl="https://download.microsoft.com/download/9/0/7/907AD35F-9F9C-43A5-9789-52470555DB90/ENU/SQLEXPR_x64_ENU.exe".. Location="1" ExactSize="431397432" MD5="345ea5d3c5fb2b1885e31786bf443171".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /UpdateEnabled=Fals

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2017 (web)\MSSQL Express 2017 (web).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1354
      Entropy (8bit):5.611964434526653
      Encrypted:false
      SSDEEP:
      MD5:A480493A856F8FE61BB5D34ACBDF7E48
      SHA1:77EC2DBFEE5625F0F1C7B07724E4EDCBB848E2BC
      SHA-256:508484DC9F111FC7C16BB60A18C63FB598C1208175A71EF81B24C2CD10FDE84D
      SHA-512:DFA1F89764F93AC8061FFB638ED6285ED4257D9BF7B603ECC4417DCECC8EC3574CEA405C7BDAE853A989DF8FBAD1B19B41269EF71808F39AB1D4791CFE7991A9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.5" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="EEB9A3F623AB4F318A43001374C47030" DisplayName="SQL Server Express 2017 (web installer)" VersionMin="14.0".. SetupFileUrl="https://download.microsoft.com/download/5/E/9/5E9B18CC-8FD5-467E-B5BF-BADE39C51F73/SQLServer2017-SSEI-Expr.exe".. Location="1" ExactSize="5325976" MD5="5b232c8bb56935b9e99a09d97d3494ea".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64".. Operator="1" Options="xy" TargetName="SQL Server Express 2017"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComp

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express 2017\MSSQL Express 2017.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1543
      Entropy (8bit):5.611822443874469
      Encrypted:false
      SSDEEP:
      MD5:31FA066CA5D997DB46A8EF4A5541E5D8
      SHA1:BD92D54E83652AD4800F50857313EF62075A0A62
      SHA-256:1ECAFBF1EE33B217C9D95C33113675B1D6E92D344F7DCF2E3E72C6AD1CF91695
      SHA-512:BED5B3961F77C2435E8B24BE1ED45193E3BBB5C4FFFDCD9EC01DD1E6344A0BA06F8737E91F7C345DB130D664C74BFF131ACD79D93D120F3EA3EB3C825E473B75
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.9" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B0C8318EB4B53AF0833C6FFA9CC4B" DisplayName="SQL Server Express 2017" VersionMin="14.0".. SetupFileUrl="https://download.microsoft.com/download/E/F/2/EF23C21D-7860-4F05-88CE-39AA114B014B/SQLEXPR_x64_ENU.exe".. Location="1" ExactSize="289058768" MD5="409d2384684cd6a45c64bdd5414fbf24".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64".. ComLine="/UpdateEnabled=False".. BasicUiComLine="/UpdateEnabled=False".. NoUiComLine="/q /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQLEngine /INSTANCENAME=SQLEXPRESS /UpdateEnabled=False"..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express LocalDB 2012 SP1 x64\MSSQL Express LocalDB 2012 SP1 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1527
      Entropy (8bit):5.635261131971354
      Encrypted:false
      SSDEEP:
      MD5:5D056CDC825129AE3E80417ACD6B2E2B
      SHA1:6CB939C4D7D7A03F64986BF64AE87767EA11A304
      SHA-256:E86A3B7DE6E777EADB472BD1F7B8E75DAC5022DA46E1E8A73807279D53E18346
      SHA-512:7153B50901435C6A35D5FAB2080ECD2EB791B7DF66AE9140F82BB1134CD41AE57143C3F18D19955C1027146C36E50DF2AD9A3D669EFD16ECDAC908EC2D4C1E6E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B149F960C2884CA9B97D1E727466029F" DisplayName="SQL Server Express LocalDB 2012 SP1 x64" VersionMin="11.1.3000.0".. SetupFileUrl="http://download.microsoft.com/download/5/2/9/529FEF7B-2EFB-439E-A2D1-A1533227CD69/ENU/x64/SqlLocalDB.msi".. Location="1" ExactSize="36458496" MD5="a641cee622ae4c525a4c36d1edcdde2f".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 10 x64, Windows Server x64".. BasicUiComLine="/qb IACCEPTSQLLOCALDBLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLLOCALDBLICENSETERMS=YES".. Operator="1" Options="xf" TargetName="SQL Server Express LocalDB 2012 SP1?

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express LocalDB 2012 SP1 x86\MSSQL Express LocalDB 2012 SP1 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1480
      Entropy (8bit):5.641744124204419
      Encrypted:false
      SSDEEP:
      MD5:896DA7D80D4AA2DAD2574A93872C2457
      SHA1:280C7EF024E5F3755A2813AD736537CD7379539D
      SHA-256:D5A93A0DED115113A793DAC40565954A2DD54BCA44F074006A6AB3F925BDE8A4
      SHA-512:0D90BC37422A891C10DBA064802A6FC2004EF5E8C8EBD1B9B7492F9F798B7902DC094549665A246311AD9BA209AAAAA52B049409AE84E79DC44145A49161332F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="EDE6BC5964F148B06EF99CB25BB07" DisplayName="SQL Server Express LocalDB 2012 SP1 x86" VersionMin="11.1.3000.0".. SetupFileUrl="http://download.microsoft.com/download/5/2/9/529FEF7B-2EFB-439E-A2D1-A1533227CD69/ENU/x86/SqlLocalDB.msi".. Location="1" ExactSize="30928896" MD5="e341362489bc42fdc92bdec822f9bd74".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. BasicUiComLine="/qb IACCEPTSQLLOCALDBLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLLOCALDBLICENSETERMS=YES".. Operator="1" Options="f" TargetName="SQL Server Express LocalDB 2012 SP1?SqlLocalDB_x86.msi"/>.. <ATTRIBUTE

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express LocalDB 2012 SP2 x64\MSSQL Express LocalDB 2012 SP2 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1489
      Entropy (8bit):5.661435899850386
      Encrypted:false
      SSDEEP:
      MD5:20332A54225D98890496F82F795B35FB
      SHA1:D911C1BDDA065C5A7BFDF1727344328AE4B44B49
      SHA-256:8B6814886ED1EB35E5B08B4C1A398951B7C603164DCDD48C441D8DA52EB352B9
      SHA-512:18A7401316234F29B8218E0DD641CD17FD21C3F107BD35148AB19F8D4647D0EDC9C8D7C42D69E251663A3C07EFCAD5A4F4BDE262CB1C98FB7A6EDE2D10F1083A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="DF7DF8D3C7F4D6DBFC02CA979F79331" DisplayName="SQL Server Express LocalDB 2012 SP2 x64" VersionMin="11.2.5058.0".. SetupFileUrl="http://download.microsoft.com/download/0/1/E/01E0D693-2B4F-4442-9713-27A796B327BD/en-us/x64/SqlLocalDB.msi".. Location="1" ExactSize="36503552" MD5="b991ca7434b38d450b7d83e4f57d7b1a".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64".. BasicUiComLine="/qb IACCEPTSQLLOCALDBLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLLOCALDBLICENSETERMS=YES".. Operator="1" Options="xf" TargetName="SQL Server Express LocalDB 2012 SP2?SqlLocalDB_x64.msi"/>.. <ATTRIBU

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express LocalDB 2012 SP2 x86\MSSQL Express LocalDB 2012 SP2 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1478
      Entropy (8bit):5.648019919688727
      Encrypted:false
      SSDEEP:
      MD5:9BDCA4A1CD3CD5743EB5206AFB1E1FF7
      SHA1:072695B1E47154FF299D7903C006374E5377219A
      SHA-256:CE8AD298611E7201E6411517A42D942440E6950AB5796D5F8D0A4EAEDF63E766
      SHA-512:DC6163F39B18A3F891AA7A093473900A5E308DD94EFC8903F4BE0B0A4B9D8EF5BB35A7CFA71C540E9B459177793FD8D2455E9DC1540AC2F585C75F18EA7B54AF
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FBF0F628D3364A1782A7D066FE52C390" DisplayName="SQL Server Express LocalDB 2012 SP2 x86" VersionMin="11.2.5058.0".. SetupFileUrl="http://download.microsoft.com/download/0/1/E/01E0D693-2B4F-4442-9713-27A796B327BD/en-us/x86/SqlLocalDB.msi".. Location="1" ExactSize="30916608" MD5="ed4cfccf4f544c5624a4ac603079812a".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. BasicUiComLine="/qb IACCEPTSQLLOCALDBLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLLOCALDBLICENSETERMS=YES".. Operator="1" Options="f" TargetName="SQL Server Express LocalDB 2012 SP2?SqlLocalDB_x86.msi"/>.. <ATTRIBUTE name="Group

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express LocalDB 2012 SP3 x64\MSSQL Express LocalDB 2012 SP3 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1488
      Entropy (8bit):5.653068765693132
      Encrypted:false
      SSDEEP:
      MD5:04E2090F4B61BD9FB8EB092D4F7FBA85
      SHA1:20272B37EC3E8C3CBE050EB36EC838FA7B4C2D42
      SHA-256:7ADA241D74C0F86589386DC5CE760FE2D956367FF3C91A4767DCB5353E518BEF
      SHA-512:968C970BD9EC87941D5602D56C7EA238E551055FE0AA3CD787796B46A19AA9E86D3877141581DB07C34CCF4FA062CA237410BD0A7E8E7C74F8BD9B12DDD5038A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BD83C72CBE249E4AE22BFBF74F802C5" DisplayName="SQL Server Express LocalDB 2012 SP3 x64" VersionMin="11.3.6020.0".. SetupFileUrl="https://download.microsoft.com/download/F/6/7/F673709C-D371-4A64-8BF9-C1DD73F60990/ENU/x64/SqlLocalDB.msi".. Location="1" ExactSize="36651008" MD5="d36af17d9855f7e2113cfa5909e5db95".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64".. BasicUiComLine="/qb IACCEPTSQLLOCALDBLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLLOCALDBLICENSETERMS=YES".. Operator="1" Options="xf" TargetName="SQL Server Express LocalDB 2012 SP3?SqlLocalDB_x64.msi"/>.. <ATTRIBUT

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express LocalDB 2012 SP3 x86\MSSQL Express LocalDB 2012 SP3 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1477
      Entropy (8bit):5.636340119307968
      Encrypted:false
      SSDEEP:
      MD5:B1B7688EB3A94C4EFA25C8E4D2859C51
      SHA1:1224B123F7440477CF5C5ABD6F579DE085E57818
      SHA-256:52EEB138E2E89C7098120418A2E06C5A577AE856184C7EB5119EFE0230A51D6D
      SHA-512:D2BE414411FB17A2C91740AB15005E2167B254244BA6B8CCA632BFFCDD3DC8A7C7497B030764D7B4B8316D3391D20F7B58399C6C54A21E3CEBAF24B0DD79D073
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="AD1CFE61A27B49BABD6DD1BC7E32D43C" DisplayName="SQL Server Express LocalDB 2012 SP3 x86" VersionMin="11.3.6020.0".. SetupFileUrl="https://download.microsoft.com/download/F/6/7/F673709C-D371-4A64-8BF9-C1DD73F60990/ENU/x86/SqlLocalDB.msi".. Location="1" ExactSize="31039488" MD5="c1f56198ca6f461db701ba4be84aec5d".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. BasicUiComLine="/qb IACCEPTSQLLOCALDBLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLLOCALDBLICENSETERMS=YES".. Operator="1" Options="f" TargetName="SQL Server Express LocalDB 2012 SP3?SqlLocalDB_x86.msi"/>.. <ATTRIBUTE name="GroupN

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express LocalDB 2012 x64\MSSQL Express LocalDB 2012 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1564
      Entropy (8bit):5.640315050670537
      Encrypted:false
      SSDEEP:
      MD5:0E58A75DB42BA3105F26D37796CC28B8
      SHA1:6628120E7D022BEC1F7B7481073D1988D02F12F9
      SHA-256:5E37DD24E7429284E589B635297021326FBB68613F488570D3A3F8DF36CDA7A9
      SHA-512:F46E72DE9F9E3219F192AC41F6C7324B84B163CD934C4B06A6D8D640FBF593A309B72AB14FB6E2130F3F25AE59B0A2C60EE3899FDA7816E837F5040DDB3EF97A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="DFC02E4131D046E6A6F1BFD531B38A22" DisplayName="SQL Server Express LocalDB 2012 x64" VersionMin="11.0.2318.0".. SetupFileUrl="http://download.microsoft.com/download/8/D/D/8DD7BDBA-CEF7-4D8E-8C16-D9F69527F909/ENU/x64/SqlLocalDB.msi".. Location="1" ExactSize="34635776" MD5="d2abbf3597f6b32d4470c80408a5480b".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. BasicUiComLine="/qb IACCEPTSQLLOCALDBLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLLOCALDBLICENSETERMS=YES".. Operator="1" Options="xf" TargetN

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express LocalDB 2012 x86\MSSQL Express LocalDB 2012 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1501
      Entropy (8bit):5.635399611683149
      Encrypted:false
      SSDEEP:
      MD5:3F5CEE2B925A95ADAA633F6413846470
      SHA1:CB3FB915D2D5962190653FEB06A5A2EFA6B37664
      SHA-256:44C3FFD4DA8A364D294B8E097832D5BFE7E96B1388CB917E2A7571189A0248C4
      SHA-512:666524542526BCC2D4B10A17D830BFD90E871004BBDF82B578AB23DB1D7A544A8005253A89E70AF00528BCA632ADCEC078E96E5AB5E6584B35308E0720DCD868
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D6E0F66372DC4B269AEC3DFB8C8E46A9" DisplayName="SQL Server Express LocalDB 2012 x86" VersionMin="11.0.2318.0".. SetupFileUrl="http://download.microsoft.com/download/8/D/D/8DD7BDBA-CEF7-4D8E-8C16-D9F69527F909/ENU/x86/SqlLocalDB.msi".. Location="1" ExactSize="29097984" MD5="532aebcec78d0444a12b2eef09816b99".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. BasicUiComLine="/qb IACCEPTSQLLOCALDBLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLLOCALDBLICENSETERMS=YES".. Operator="1" Options="f" TargetName="SQL Server Express LocalDB 2012?SqlLocalDB_x86.msi"/>..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express LocalDB 2014 SP1 x64\MSSQL Express LocalDB 2014 SP1 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1480
      Entropy (8bit):5.643036336855125
      Encrypted:false
      SSDEEP:
      MD5:4AF501D3BA2C66ACFED3EFCD56BFCDDE
      SHA1:893F59749FB5FB18A6D3A2C8DC3D40D6CB5583E6
      SHA-256:1C63EDCCEE67CC84314E4477D133A41F15884B883CB5FAFE2144BB768BECE3C9
      SHA-512:F935CBF56658CAA43FC106A51E8D2AAFFD1C7670658CD7FB8FAE230E49F39B34A32F292745ABDA23C6435C439953CA470B953A89A3D270C8C3CE2A3D63BE8FDD
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FDF5893EA0A24C40ABAA2954F804851E" DisplayName="SQL Server Express LocalDB 2014 SP1 x64" VersionMin="12.1.4100.1".. SetupFileUrl="http://download.microsoft.com/download/1/5/6/156992E6-F7C7-4E55-833D-249BD2348138/ENU/x64/SqlLocalDB.msi".. Location="1" ExactSize="45318144" MD5="be7f56c047489b0d20a7d49709b8686a".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64".. BasicUiComLine="/qb IACCEPTSQLLOCALDBLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLLOCALDBLICENSETERMS=YES".. Operator="1" Options="xf" TargetName="SQL Server Express LocalDB 2014 SP1?SqlLocalDB_x64.msi"/>.. <ATTRIBUT

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express LocalDB 2014 SP1 x86\MSSQL Express LocalDB 2014 SP1 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1465
      Entropy (8bit):5.63137318028514
      Encrypted:false
      SSDEEP:
      MD5:E100D3FA5F6F5F0C2FEFE56DE9999D89
      SHA1:2252E1F7015B11EA2DC04DAECB1CA202F7EA3292
      SHA-256:04C253012B6578CFE3226A111DCF32960E8D0761D941825DDA56DE4F0A2C7B85
      SHA-512:6A9D1F4C3DB40960D5828AA108821B4CC35974CF83BBD8BF29ADC1D4FD8EC70847090382B4A339972AA386548F892C040FDEFDFFB8AFFC1D52FB3CDDC5D43D7E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FA3FCCCA65304049AC3DDAD14D80CA68" DisplayName="SQL Server Express LocalDB 2014 SP1 x86" VersionMin="12.1.4100.1".. SetupFileUrl="http://download.microsoft.com/download/1/5/6/156992E6-F7C7-4E55-833D-249BD2348138/ENU/x86/SqlLocalDB.msi".. Location="1" ExactSize="38490112" MD5="39cb255e36d876293d4f87dcd88a99b1".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. BasicUiComLine="/qb IACCEPTSQLLOCALDBLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLLOCALDBLICENSETERMS=YES".. Operator="1" Options="f" TargetName="SQL Server Express LocalDB 2014 SP1?SqlLocalDB_x86.msi"/>.. <ATTRIBUTE name="GroupNa

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express LocalDB 2014 SP2 x64\MSSQL Express LocalDB 2014 SP2 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1469
      Entropy (8bit):5.639265167085671
      Encrypted:false
      SSDEEP:
      MD5:1649C45B8355953F102A46E2D53A7C77
      SHA1:69FC307516DE50936FDB680070526BEA432FC227
      SHA-256:8438771B84104804ECAAF3194482166FC4A6D153E5CA93B36A6F28FE3F0AC12C
      SHA-512:6215F91110B6288A77EEAF7E35804807C1D3518C3C57632D5B3FF3B11B663AF0E9FE55AE52F7800D2BD837223E0FF483A01D27D3E35BAA1F3670A91E1DC773EB
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="DB6233DC348269230095DBAFACBDA" DisplayName="SQL Server Express LocalDB 2014 SP2 x64" VersionMin="12.2.5000.0".. SetupFileUrl="https://download.microsoft.com/download/2/A/5/2A5260C3-4143-47D8-9823-E91BB0121F94/ENU/x64/SqlLocalDB.msi".. Location="1" ExactSize="45563904" MD5="b1a196a5fb30d2ac5d7e6c5e6e8f107f".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64".. BasicUiComLine="/qb IACCEPTSQLLOCALDBLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLLOCALDBLICENSETERMS=YES".. Operator="1" Options="xf" TargetName="SQL Server Express LocalDB 2014 SP2?SqlLocalDB_x64.msi"/>.. <ATTRIBUTE

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express LocalDB 2014 SP2 x86\MSSQL Express LocalDB 2014 SP2 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1466
      Entropy (8bit):5.6518297872147825
      Encrypted:false
      SSDEEP:
      MD5:CA636754E2A43F1BCD19C0BFDD94161F
      SHA1:E0DC2A83D6B6786AC60F62B787E89D13E6A8F6B4
      SHA-256:ABF79C7F9109A513DF84DF4513B10D9821DE341D41480E3898691FBA05CC275E
      SHA-512:38AA7283F6804CC20F647E2152AD034E3B16FAC595C6B4D246AFE0EEF0E56CA40E2875E780A5A9F8029C5C9345F754B95432ED3F916929D6BDA06D4DEDCEFAAE
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FF9E79DFBF864DA4B12DE4573DA30A15" DisplayName="SQL Server Express LocalDB 2014 SP2 x86" VersionMin="12.2.5000.0".. SetupFileUrl="https://download.microsoft.com/download/2/A/5/2A5260C3-4143-47D8-9823-E91BB0121F94/ENU/x86/SqlLocalDB.msi".. Location="1" ExactSize="38662144" MD5="6845708f5a2e36c6fa0f549d7562f3d1".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. BasicUiComLine="/qb IACCEPTSQLLOCALDBLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLLOCALDBLICENSETERMS=YES".. Operator="1" Options="f" TargetName="SQL Server Express LocalDB 2014 SP2?SqlLocalDB_x86.msi"/>.. <ATTRIBUTE name="GroupN

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express LocalDB 2014 x64\MSSQL Express LocalDB 2014 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1518
      Entropy (8bit):5.640577599548251
      Encrypted:false
      SSDEEP:
      MD5:DB96913A30A302B66818CA77BCB165AE
      SHA1:DECF0B66E22570B13FC91A41ADE9170A207B1921
      SHA-256:D570F586D8DC3AC44A0A8FA0A2D938DF24783328E82779536BC12AB354C40E3A
      SHA-512:B83EB89DD6C47F7FEB4C88266E872BA8479C0870F98BC38F7038EB32CB30E334792B9F4E7318F935252DFCBA5F930C5CFFF29BE8CFCDF45628DA8AF7802561D9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C41311AEAB9B4748800F75EB55DFB7C0" DisplayName="SQL Server Express LocalDB 2014 x64" VersionMin="12.0.2000.8".. SetupFileUrl="http://download.microsoft.com/download/E/A/E/EAE6F7FC-767A-4038-A954-49B8B05D04EB/LocalDB%2064BIT/SqlLocalDB.msi".. Location="1" ExactSize="45215744" MD5="4e3daa9965ce51deab3a3c4c7812be63".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 10 x64, Windows Server x64".. BasicUiComLine="/qb IACCEPTSQLLOCALDBLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLLOCALDBLICENSETERMS=YES".. Operator="1" Options="xf" TargetName="SQL Server Express LocalDB 2014?

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express LocalDB 2014 x86\MSSQL Express LocalDB 2014 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1475
      Entropy (8bit):5.648799163111174
      Encrypted:false
      SSDEEP:
      MD5:8DA875825B2104317FEA9A5B172953E8
      SHA1:D6133C90CC936476D99676161D201BBC57A2C072
      SHA-256:8E5A72EDFCF9EAD48698CD05DA581069E645042EB698E3463672129DA78D7AE6
      SHA-512:8A7666E3A832267BC6B5DF68C2BF1C2313C50E1E7178CF58D84543218F0837B40B170F1B7864E8A5B9710ADFC73911484E6D61844C6CF0CC7F690B62F234B78C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="CE1A05D86E4DCFAD2938156494FE8F" DisplayName="SQL Server Express LocalDB 2014 x86" VersionMin="12.0.2000.8".. SetupFileUrl="http://download.microsoft.com/download/E/A/E/EAE6F7FC-767A-4038-A954-49B8B05D04EB/LocalDB%2032BIT/SqlLocalDB.msi".. Location="1" ExactSize="38428672" MD5="c97bdfba3f45289c82481fefb1205025".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. BasicUiComLine="/qb IACCEPTSQLLOCALDBLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLLOCALDBLICENSETERMS=YES".. Operator="1" Options="f" TargetName="SQL Server Express LocalDB 2014?SqlLocalDB_32BIT.msi"/>.. <ATTRIBU

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express LocalDB 2016\MSSQL Express LocalDB 2016.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1483
      Entropy (8bit):5.638398188774607
      Encrypted:false
      SSDEEP:
      MD5:1C6FFB11602364C756A5DF149164D4B7
      SHA1:C5B136365F9BE339999C64946200BF7635FDFBE0
      SHA-256:7C69AB03BCB1470E07E2B95A032F84CBB4D09FFB3073B1EF49F98D41A967B6C2
      SHA-512:A3EE87AABD7BD7CC29704CBAFCD28495636459246DAD0584C9706E8564C1A8BC8DA61315AA74481332CD48FA0488DFEEE0CBA8A3115CF66D6C4E94713ED50215
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.8" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F61FAF981924E638B1AB891D27B8828" DisplayName="SQL Server Express LocalDB 2016" VersionMin="13.1.4001.0".. SetupFileUrl="https://download.microsoft.com/download/9/0/7/907AD35F-9F9C-43A5-9789-52470555DB90/ENU/SqlLocalDB.msi".. Location="1" ExactSize="46563328" MD5="5f9275a5f353f9dd531d4bbda8462108".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64".. BasicUiComLine="/qb IACCEPTSQLLOCALDBLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLLOCALDBLICENSETERMS=YES".. Operator="1" Options="xf" TargetName="SQL Server Express LocalDB 2016"/>.. <AT

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL Express LocalDB 2017\MSSQL Express LocalDB 2017.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1474
      Entropy (8bit):5.61081770935694
      Encrypted:false
      SSDEEP:
      MD5:E6A9108FF8D05A60405CA6C9CA694AF9
      SHA1:D4FBB4F270786AA12017D41E8E5B7C73953C6C40
      SHA-256:E4AF86714AE428305D16DA5DBFD580CF7DCF7CA358D6112FFB6311CF7D5A053D
      SHA-512:31C823AED0733E23A4CFFAFDA05AB20C8C6D1946FA4987B8ADC7E65B104FEBB6CEED8CFB8314562162E6D409F62DFCF63079B22614CF1D9D9CDCA2CCEA887A9D
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.8" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D17D1EE3B5447079AEF0A1CF58498F1" DisplayName="SQL Server Express LocalDB 2017" VersionMin="14.0".. SetupFileUrl="https://download.microsoft.com/download/E/F/2/EF23C21D-7860-4F05-88CE-39AA114B014B/SqlLocalDB.msi".. Location="1" ExactSize="48230400" MD5="d180ae500607f6eae8942eaa285d8a06".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64".. BasicUiComLine="/qb IACCEPTSQLLOCALDBLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLLOCALDBLICENSETERMS=YES".. Operator="1" Options="xf" TargetName="SQL Server Express LocalDB 2017"/>.. <ATTRIBUTE nam

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL NaClient 2008 x64\MSSQL NaClient 2008 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1315
      Entropy (8bit):5.580616808414269
      Encrypted:false
      SSDEEP:
      MD5:D3C66517438403D5A198ED8112E8F2F3
      SHA1:6263FE79D9E3EF0A594C35686A210E9B0CFFE346
      SHA-256:0B07B45860571AF180EA9306BC664873C1AD5923A4E0192B6B66A4049E119652
      SHA-512:8BF1538EB33C6125D9EC0BE22654EE2B06E7E9997DE191CD3B5B5146E42C8B8F8FE4B6F4541D12A29C417405E75E3B8EBF409F20853E5305AB0224780800D3F6
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F4B9B645EABEB72990F8BF8CDB" DisplayName="SQL Server Native Client 2008 SP4 x64" VersionMin="10.4.6000.29".. SetupFileUrl="http://download.microsoft.com/download/8/D/1/8D13A364-D38E-43C7-B844-64208DFEBC3A/ENU/x64/sqlncli.msi".. Location="1" ExactSize="8167424" MD5="1971d021a93f4c2417370f79d27d5827".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows 10 x64, Windows Server x64".. BasicUiComLine="/qb".. NoUiComLine="/qn".. Operator="1" Options="xf" TargetName="SQL Server Native Client 2008?sqlncli_sp4x64.msi"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="F4

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL NaClient 2008 x86\MSSQL NaClient 2008 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1296
      Entropy (8bit):5.589480606155374
      Encrypted:false
      SSDEEP:
      MD5:EFE244B9E17B4152F9368B51A19022CC
      SHA1:556A08E10583DEB490814D938A5B638E93309B50
      SHA-256:D6607C2162B68F29CD9FE4DBB7CA99A1A8FDD4C5860E66943739603C8D10A143
      SHA-512:3FE7D5B10F4624674DB2395E964372BBD6F1814D9B0C8AB5467B44BBC8F2A4DDCF3591F6BD448B6B1EADA5B555AF084D42B8C88FEFFA2DE4104A75B381374474
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D73E9637FA47E4BC3F6897C5540DEF" DisplayName="SQL Server Native Client 2008 SP4 x86" VersionMin="10.4.6000.29".. SetupFileUrl="http://download.microsoft.com/download/8/D/1/8D13A364-D38E-43C7-B844-64208DFEBC3A/ENU/X86/sqlncli.msi".. Location="1" ExactSize="4685824" MD5="bf5a74d7fdcd3613bc552354b1d7ccc3".. WinNTVersions="Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. BasicUiComLine="/qb".. NoUiComLine="/qn".. Operator="1" Options="f" TargetName="SQL Server Native Client 2008?sqlncli_sp4x86.msi"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="D73E9637FA47E4BC3F6897C5540DEFVer

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL NaClient 2008R2 x64\MSSQL NaClient 2008R2 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1399
      Entropy (8bit):5.620481491053951
      Encrypted:false
      SSDEEP:
      MD5:2CE9D19D8A798A48A2E242D851897EA1
      SHA1:1D732F16426379E258C922CB3D2544EC5F7C18DD
      SHA-256:1EF6A4CE53603BABEC02EDE12087AB78B8E3E23DB7353A6D0E80B4714E25F391
      SHA-512:0509202186F84D630F49D2D09958AC39EAAE6454071876FF59522D709F5EF9A10A3C8E162143C117229313AD706D7A85C60018D3E3182D060C0273E02580E5A8
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="E366D55F5847FAAC010EB6DA3AFC0D" DisplayName="SQL Server Native Client 2008R2 SP3 x64" VersionMin="10.53.6000.34".. SetupFileUrl="http://download.microsoft.com/download/9/2/7/927B0C39-C3E2-4CFC-B84E-92BC63344C62/ENU/x64/sqlncli.msi".. Location="1" ExactSize="8151040" MD5="9f8dc43f84ee67dd1d50d52ac526028e".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows 10 x64, Windows Server x64".. BasicUiComLine="/qb IACCEPTSQLNCLILICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLNCLILICENSETERMS=YES".. Operator="1" Options="xf" TargetName="SQL Server Native Client 2008R2?sqlncli_sp3x64.msi"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL NaClient 2008R2 x86\MSSQL NaClient 2008R2 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1368
      Entropy (8bit):5.609782668586539
      Encrypted:false
      SSDEEP:
      MD5:83281048DC91F64811D8796A35DFB6C5
      SHA1:92DB1D4AADB6F0978B13DB0C1D69D2B6DF526D18
      SHA-256:09A670D0E7E924F5DE8C21D541C9C2F5AA25D48FBDE5B70AC07B48A1BB1D9FBC
      SHA-512:C7F8FB2BBD5D59669A78D45F9D5E67FFD945E6D2AD1C8DCFC7DA1A03BF13EE73221BC29E585EC68622B9C44701F8FDB4FF5D234C1656A349C2FFB7D3178FCD91
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="EC66B4250C4465596CD1C3F399C74A9" DisplayName="SQL Server Native Client 2008R2 SP3 x86" VersionMin="10.53.6000.34".. SetupFileUrl="http://download.microsoft.com/download/9/2/7/927B0C39-C3E2-4CFC-B84E-92BC63344C62/ENU/x86/sqlncli.msi".. Location="1" ExactSize="4747264" MD5="b67b6b5aedac959a1ef39ace804bb671".. WinNTVersions="Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. BasicUiComLine="/qb IACCEPTSQLNCLILICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLNCLILICENSETERMS=YES".. Operator="1" Options="f" TargetName="SQL Server Native Client 2008R2?sqlncli_sp3x86.msi"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSear

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL NaClient 2012 x64\MSSQL NaClient 2012 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1447
      Entropy (8bit):5.615014019418095
      Encrypted:false
      SSDEEP:
      MD5:62F735FF01A342C24C7D6EAF69CD95BE
      SHA1:19E461306451C3A068D27093607FA14145A533AD
      SHA-256:96FE3669FEFC8518B8BD2119AC3D88C1DC7D0D785D56DCBC6851A3A92E980C86
      SHA-512:D80B536FCFAF24DC26F667180D19E9E96B4F9BE03627A1CA708C20731B06BA214C7F58237C6DD29F4FC9F3C1A264F2A1275A8E5D4BEF91BCB932959D6D40246B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FC15D703E46FF87282C8A754238DD" DisplayName="SQL Server Native Client 2012 SP3 x64" VersionMin="11.3.6020.0".. SetupFileUrl="https://download.microsoft.com/download/3/6/1/3610D28C-D02D-4663-A850-CB77A24A5361/ENU/x64/sqlncli.msi".. Location="1" ExactSize="5083136" MD5="85ac06d4505cf58d2970ac139f271ce4".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64".. BasicUiComLine="/qb IACCEPTSQLNCLILICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLNCLILICENSETERMS=YES".. Operator="1" Options="xf" TargetName="SQL Server Native Client 2012?sqlncli_sp3x64.msi"/>.. <ATTRIBUTE name="GroupName" v

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL NaClient 2012 x86\MSSQL NaClient 2012 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1444
      Entropy (8bit):5.612876269604802
      Encrypted:false
      SSDEEP:
      MD5:9B2FDB7B1C6B6DDE21924BCE32F3CCF4
      SHA1:394FFD45E0F1B04A4B07EE5D02D63896D0AB5411
      SHA-256:51573C10043E9341285C74DEE516F0AF59A2DB764C2B426FC74171197EADF8EC
      SHA-512:CCC48F4FC333BD1D09846D9E09D0C589DB085A35A04B6025395996C44ADFEF56B3DEB3C363F871AD9E0CB0F61C5F56DE6B8FF034F7EA4DA706A9856CF0CAFC5B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C81A8D58D0AF456FBBE62B1E9B46A77E" DisplayName="SQL Server Native Client 2012 SP3 x86" VersionMin="11.3.6020.0".. SetupFileUrl="https://download.microsoft.com/download/3/6/1/3610D28C-D02D-4663-A850-CB77A24A5361/ENU/x86/sqlncli.msi".. Location="1" ExactSize="3133440" MD5="480ea8126be1aa8dada83aec1f6c3c13".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. BasicUiComLine="/qb IACCEPTSQLNCLILICENSETERMS=YES".. NoUiComLine="/qn IACCEPTSQLNCLILICENSETERMS=YES".. Operator="1" Options="f" TargetName="SQL Server Native Client 2012?sqlncli_sp3x86.msi"/>.. <ATTRIBUTE name="GroupName" value="Databa

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL ODBC Driver 11 x64\MSSQL ODBC Driver 11 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1441
      Entropy (8bit):5.622636260294647
      Encrypted:false
      SSDEEP:
      MD5:617B07855DB1CDE43420F0567C3B650C
      SHA1:2ABEA16C1A2337DEB80158DB562BC0D05533021F
      SHA-256:C183C202403DD7501E5DE1531A974701CA83824D3C836702109E005C1368A9EC
      SHA-512:DAE17D71F1417382B2DFFFB8036573A593946E1E74EEC6C9D9825120C684D58BD0CEA9CEF63CBA58B0D64B9FAB22976561168586D613835B52871A67C453A91C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FA19B3B1C4D5DBDE77EB48E40ED90" DisplayName="SQL Server ODBC Driver 11 x64" VersionMin="12.1.4100.1".. SetupFileUrl="http://download.microsoft.com/download/F/E/E/FEE62C90-E5A9-4746-8478-11980609E5C2/ENU/x64/msodbcsql.msi".. Location="1" ExactSize="3854336" MD5="a2934d5837e62c3d5ebb353f42000abe".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64".. BasicUiComLine="/qb IACCEPTMSODBCSQLLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTMSODBCSQLLICENSETERMS=YES".. Operator="1" Options="xf" TargetName="SQL Server Express 2014 SP1?msodbcsql_x64.msi"/>.. <ATTRIBUTE name="GroupName" value="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL ODBC Driver 11 x86\MSSQL ODBC Driver 11 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1438
      Entropy (8bit):5.621101452670264
      Encrypted:false
      SSDEEP:
      MD5:E4516B6D6F2FE21D2CBACEA610BD578A
      SHA1:90F602C6341EEA2BC0D770F31E59DFBA571D0B04
      SHA-256:67D787F935BD0B6AB5970A77A10E09A77D3258734AA585DA3A1E232FFF583919
      SHA-512:BBCD49F3586ED768C2ACE00A10B220C4778C37B666B329E59A90F63955E0A09250FA09E15DFF255A49FF19BD588E75821C0E964C4922F89D6A0A4CCE1118DADF
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A8359BB99C8E4D5C97657B40B00B7989" DisplayName="SQL Server ODBC Driver 11 x86" VersionMin="12.1.4100.1".. SetupFileUrl="http://download.microsoft.com/download/F/E/E/FEE62C90-E5A9-4746-8478-11980609E5C2/ENU/x86/msodbcsql.msi".. Location="1" ExactSize="2531328" MD5="1aa7129e18a9eadb4a2ca0ed48f795af".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. BasicUiComLine="/qb IACCEPTMSODBCSQLLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTMSODBCSQLLICENSETERMS=YES".. Operator="1" Options="f" TargetName="SQL Server Express 2014 SP1?msodbcsql_x86.msi"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL ODBC Driver 13.1 x64\MSSQL ODBC Driver 13.1 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1426
      Entropy (8bit):5.625377061642423
      Encrypted:false
      SSDEEP:
      MD5:ECCB53AEA845561C993484290FC4428E
      SHA1:94DE9D0FE37187ABA82D801DC73E029D34B17ADC
      SHA-256:4096C7B93C4A1EDCCD69DF8A6CDD7C9162C116CE1346A6E8DAD156134A9D5346
      SHA-512:650DA5FC265BED2E6AB72DD66481D921A0A835680648044A1121FA6285FF8CB7F3450DF1C75BABCF35864BABB153CDB6D2F2089C05A60B5E00E72FC7A912A20F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="ADCF91962DDE4ECA9946124ABD740E9E" DisplayName="SQL Server ODBC Driver 13.1 x64" VersionMin="13.1.4414.46".. SetupFileUrl="http://download.microsoft.com/download/D/5/E/D5EEF288-A277-45C8-855B-8E2CB7E25B96/x64/msodbcsql.msi".. Location="1" ExactSize="4157440" MD5="98b04dbc5ac6b67cd2f174f40e42f58f".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64".. BasicUiComLine="/qb IACCEPTMSODBCSQLLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTMSODBCSQLLICENSETERMS=YES".. Operator="1" Options="xf" TargetName="SQL Server Express 2016 SP1?msodbcsql_x64.msi"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONEN

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL ODBC Driver 13.1 x86\MSSQL ODBC Driver 13.1 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1403
      Entropy (8bit):5.618587768549774
      Encrypted:false
      SSDEEP:
      MD5:799D8A3D40196761D7F3397C88ACBD5C
      SHA1:5E394C11BAC5B0CB419663E79239E1C1C6E83DEA
      SHA-256:38AF04F69537EA773BB4D4F001236F4DAA1FC2D5250640D54B9430572F9ACD12
      SHA-512:4A37F973DE9177B5C8C03A285E2C7B5ED8FD71E28F13DF911C10C3A4640FDD2C7C346E9A15CDFA06DE106215CB7597CFD79FDE932A4BB33180D635F492DF329B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B9649F492B4BCCA71F1BF915969910" DisplayName="SQL Server ODBC Driver 13.1 x86" VersionMin="13.1.4414.46".. SetupFileUrl="http://download.microsoft.com/download/D/5/E/D5EEF288-A277-45C8-855B-8E2CB7E25B96/x86/msodbcsql.msi".. Location="1" ExactSize="2678784" MD5="1e9baedc96324e62aa479b8a6ecbff55".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. BasicUiComLine="/qb IACCEPTMSODBCSQLLICENSETERMS=YES".. NoUiComLine="/qn IACCEPTMSODBCSQLLICENSETERMS=YES".. Operator="1" Options="f" TargetName="SQL Server Express 2016 SP1?msodbcsql_x86.msi"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL ReportViewer 2012 Runtime\MSSQL ReportViewer 2012 Runtime.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1444
      Entropy (8bit):5.5287936410744205
      Encrypted:false
      SSDEEP:
      MD5:D99A0CB3B5F5AA55B7FC80EB777665F5
      SHA1:EC427858B71F64A3307DFB3CFA08BEA576D6EED5
      SHA-256:069BF9CE1F9364BABF7FEC515D63B2815880D4F51270C0FA46AFD32BA0B6145A
      SHA-512:8D271295C44FEFC7EEAE82AAE16AD43C999B05C5CAE22DBCCB63379B2D0324905449AD3555EC5E7DA90D89F06D6C3EF233F4F8BA43194FB4E12E00C33E15F5AC
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="CFAB0DFAC0A4A3B89E101F918E4FDC2" DisplayName="Microsoft Report Viewer 2012 Runtime" VersionMin="11.0".. SetupFileUrl="https://download.microsoft.com/download/F/B/7/FB728406-A1EE-4AB5-9C56-74EB8BDDF2FF/ReportViewer.msi".. Location="1" ExactSize="7622656" MD5="7e337dde8aa22139ebc847977a230d04".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86, Windows 7 RTM x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. NoUiComLine="/q /norestart".. Operator="1" Options="f" TargetName="Microsoft Report Viewer 2012 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </C

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL ReportViewer 2015 Runtime\MSSQL ReportViewer 2015 Runtime.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1453
      Entropy (8bit):5.531147668470133
      Encrypted:false
      SSDEEP:
      MD5:DFB859C414A137632C8D82D92B24D451
      SHA1:3ACCFE49F140DF51016F96814A1B8E87D8A37B31
      SHA-256:B1CE752EA1AD1DB116CAA1B8BC6940F5F5E7569DCC487B0E44983040A26DD129
      SHA-512:4B4AF0B625CC7411E2669B4BFF25707210F8A742575E2A82E4C2E4B504DC0ADA175025BFC83C2B097509A39475EA629B476EA5920D449A71CC311D4DCE12EDAF
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="CD4A74EC3515499286E896A4AD01DA85" DisplayName="Microsoft Report Viewer 2015 Runtime" VersionMin="12.0".. SetupFileUrl="https://download.microsoft.com/download/A/1/2/A129F694-233C-4C7C-860F-F73139CF2E01/ENU/x86/ReportViewer.msi".. Location="1" ExactSize="9347072" MD5="a52f235241a570ddc0f7e72f64658d02".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. NoUiComLine="/q /norestart".. Operator="1" Options="f" TargetName="Microsoft Report Viewer 2015 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Database"/>..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL SysClrTypes 2012 SP3 x64\MSSQL SysClrTypes 2012 SP3 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1489
      Entropy (8bit):5.583200274927839
      Encrypted:false
      SSDEEP:
      MD5:8BEA9CCDE1C3CF9B52EAACCDB7231FDE
      SHA1:C12265DF93EB2F7EDA5F5CDD8DB58B654277925B
      SHA-256:1A2B31F5E864A60AF9976C4A755C08A1BEBC689648D57992791EE3604A7A60C0
      SHA-512:B772D7B20C0D568FCC1DA6B133C79F6B5E5E092448490A32EAFA4CCBFBEA151A51BC537549B0A3F11A2A2A5A957379C7E4B7225106D39E4458156F1CE6AFAD93
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FB2798DB8076434CB146DC1597758130" DisplayName="Microsoft System CLR Types for SQL Server 2012 SP3 x64" VersionMin="11.3".. SetupFileUrl="https://download.microsoft.com/download/3/6/1/3610D28C-D02D-4663-A850-CB77A24A5361/ENU/x64/SQLSysClrTypes.msi".. Location="1" ExactSize="2531328" MD5="df24325ae8b0b9bce86009502c82ea51".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. NoUiComLine="/q /norestart".. Operator="1" Options="fx" TargetName="Microsoft System CLR Types for SQL Server 2012?SQLSysClrTypes_x64.msi"/>.. <ATTRIBUTE name="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL SysClrTypes 2012 SP3 x86\MSSQL SysClrTypes 2012 SP3 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1507
      Entropy (8bit):5.563707430197581
      Encrypted:false
      SSDEEP:
      MD5:4DDA0B49F83DA6CA5D6E940FAFFBD51A
      SHA1:636612F07DDDAB0FF4E7C3D4E26A29D809E3A2A4
      SHA-256:508ABE26F88487BEEDD7EB4883E90673F017C4ADFDFD20BA50277C394659F070
      SHA-512:90B93DE0C253A1D2AD5739B9DC4A62A19213B93D80DB69920473586142BBA0DA096506DDBF33A1862896DC2F2D5DCEB660EB6F60FFFABFB6301B0050527281D7
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B77470831546DAA133AABD84B00B7D" DisplayName="Microsoft System CLR Types for SQL Server 2012 SP3 x86" VersionMin="11.3".. SetupFileUrl="https://download.microsoft.com/download/3/6/1/3610D28C-D02D-4663-A850-CB77A24A5361/ENU/x86/SQLSysClrTypes.msi".. Location="1" ExactSize="2203648" MD5="3a472fb471bf7a1eb789971c533af843".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows Vista SP1 x86, Windows 7 RTM x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. NoUiComLine="/q /norestart".. Operator="1" Options="f" TargetName="Microsoft System CLR Types for SQL Server 2012?SQLSysClrTypes_x86.msi"/

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL SysClrTypes 2014 SP2 x64\MSSQL SysClrTypes 2014 SP2 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1483
      Entropy (8bit):5.560477191775853
      Encrypted:false
      SSDEEP:
      MD5:0BFC239413743B0A2D4B5D14207A5106
      SHA1:A150FA9C0DCF0AE3948367BC96B265FE513A2A54
      SHA-256:05EDC2D540FDB7417E50896D91B9DC472655093F982A95B00853DBB88D1FA26C
      SHA-512:A4C19FF34E4A8F5F0E1C13FFBDE78012FE105DCF54EF40607CB7F08C8F95B9EBF708A11BDACB63EA2274801B239B173ED0300881347185CBFB33B43628CACE8E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="E8105C7F784AFC87D8FABE546CCBC4" DisplayName="Microsoft System CLR Types for SQL Server 2014 SP2 x64" VersionMin="12.2".. SetupFileUrl="https://download.microsoft.com/download/6/7/8/67858AF1-B1B3-48B1-87C4-4483503E71DC/ENU/x64/SQLSysClrTypes.msi".. Location="1" ExactSize="3244032" MD5="1a026622fc72b94864e3017fc2eed210".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. NoUiComLine="/q /norestart".. Operator="1" Options="fx" TargetName="Microsoft System CLR Types for SQL Server 2014 SP2?SQLSysClrTypes_x64.msi"/>.. <ATTRIBUTE name="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL SysClrTypes 2014 SP2 x86\MSSQL SysClrTypes 2014 SP2 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1511
      Entropy (8bit):5.563550318064598
      Encrypted:false
      SSDEEP:
      MD5:824F43E263CD962203C053302B7074ED
      SHA1:72762D75DAA167712723509B7A5975FFA856841B
      SHA-256:6F8A43AFB648055A96EEC18E6C71D68961DF9279C5A8B4718B8B5E801A9A0026
      SHA-512:FE1DDF371751C5EED159040A40E35CF848B87480DB2D15761FBDFD80D8464CAD1A22299BA3DDAF4CBA74F75A2B2D04F60E9F65C707A17F9242390836AEC64AF8
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D95406824934C7FA25C7FC8B476594D" DisplayName="Microsoft System CLR Types for SQL Server 2014 SP2 x86" VersionMin="12.2".. SetupFileUrl="https://download.microsoft.com/download/6/7/8/67858AF1-B1B3-48B1-87C4-4483503E71DC/ENU/x86/SQLSysClrTypes.msi".. Location="1" ExactSize="2330624" MD5="a93f8f971f77db494ea7b1dfd852f456".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. NoUiComLine="/q /norestart".. Operator="1" Options="f" TargetName="Microsoft System CLR Types for SQL Server 2014 SP2?SQLSysClrTypes_x86.msi"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL SysClrTypes 2016 x64\MSSQL SysClrTypes 2016 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1463
      Entropy (8bit):5.586708374500989
      Encrypted:false
      SSDEEP:
      MD5:9292091896E0040FABAAFDD58AB82950
      SHA1:0648CB8F057C38843A94746C08580838513A5819
      SHA-256:74B691962CAA6EBF66E5CADF6B3035138D3D6C47C8E5D5D499ACCD48D98FF559
      SHA-512:B50C9AA83DE15799446643F5DAA946BF2C512BB98F440349EA3E7727311FFE62E49EBD42656615AE21805494EBF633E88F8DD3A3E058A8F77A78807F4B226F68
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.8" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BE25A419F4C2490FD47578347DF93" DisplayName="Microsoft System CLR Types for SQL Server 2016 x64" VersionMin="13.0".. SetupFileUrl="https://download.microsoft.com/download/8/7/2/872BCECA-C849-4B40-8EBE-21D48CDF1456/ENU/x64/SQLSysClrTypes.msi".. Location="1" ExactSize="3731456" MD5="66891ee004bd485a1f97012ad0bbcdfb".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64".. NoUiComLine="/q /norestart".. Operator="1" Options="xf" TargetName="Microsoft System CLR Types for SQL Server 2016?SQLSysClrTypes_x64.msi"/>.. <ATTRIBUTE name="GroupName" value=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSSQL SysClrTypes 2016 x86\MSSQL SysClrTypes 2016 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1495
      Entropy (8bit):5.56112464363138
      Encrypted:false
      SSDEEP:
      MD5:49080C7C4A053B9AAD0E09822DFA6514
      SHA1:D6840B9F0D4018D70383534A733B96D10E4C9421
      SHA-256:CA79C43F23800387447113C8DECB0169258AEB9E0752DFD6E52744B78DF7C648
      SHA-512:65AB791CB7369964D2A147667FC9D2C1577D610CAD0FFA047D8751290E202E310F41FCEA54D5184014937A8F7630AC6095B0BDC9E4CFD77B178E7152E2965BC2
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.8" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A2D5392A7D0D4D72A251E245B7DC61E4" DisplayName="Microsoft System CLR Types for SQL Server 2016 x86" VersionMin="13.0".. SetupFileUrl="https://download.microsoft.com/download/8/7/2/872BCECA-C849-4B40-8EBE-21D48CDF1456/ENU/x86/SQLSysClrTypes.msi".. Location="1" ExactSize="2740224" MD5="92a5b3dd6e04d6f66ba461e28358b63f".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64".. NoUiComLine="/q /norestart".. Operator="1" Options="f" TargetName="Microsoft System CLR Types for SQL Server 2016?SQLSysClrTypes_x86.msi"/>.. <ATTRIBUTE

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSXML 4.0 SP3\MSXML 4.0 SP3.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1124
      Entropy (8bit):5.567990978247517
      Encrypted:false
      SSDEEP:
      MD5:553A132FE68FA54E1CF02ACC610598D0
      SHA1:41CE6EDA908A0068D6665A4E211DE623D7E08D22
      SHA-256:E2074BB7C0D876F67EBD74EB3BC0E0D097B7493D1E45E0FB2718B663E5E002AE
      SHA-512:0AC117F229FC2C7EE6A2703A0A097C2B79C1B459F96FA63922B8B2152F6C90A42F626E671E5FFE4EA498B944A0E01B7BE9C4716BAF4BA9BB6421DA9129BE28F0
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D5D54AFFAD641D2B30BF3F03FA9D51C" DisplayName="MSXML 4.0 Parser SP3" VersionMin="4.30".. SetupFileUrl="http://download.microsoft.com/download/A/7/6/A7611FFC-4F68-4FB1-A931-95882EC013FC/msxml4-KB2758694-enu.exe".. Location="1" ExactSize="2066376" MD5="ef7d4f9092dbfe2460e551d7d7428ff9".. ComLine="/l nul".. BasicUiComLine="/qb /l nul".. NoUiComLine="/quiet /l nul".. Operator="1" Options="f" TargetName="MSXML 4.0 Parser SP3"/>.. <ATTRIBUTE name="GroupName" value="Windows Core Libraries"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="D5D54AFFAD641D2B30BF3F03FA9D51CSystemFoldermsxml4.dll" Prereq="D5D54AFFAD641D2B30BF3F03FA9D51C" SearchType="0".. SearchString="[SystemFolder]msxml4.dll" Ve

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSXML 6.0 SP1 x64\MSXML 6.0 SP1 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1398
      Entropy (8bit):5.549083902824015
      Encrypted:false
      SSDEEP:
      MD5:C0DA2FCB9C591E783878E78137D8CC7F
      SHA1:833C0127AE80E132CB46FC4B560B2A249E8F9862
      SHA-256:17AD04442986A7EB406A615C2789FB62D7A6EAB16BE74EE25CB673B156C058FC
      SHA-512:39E7E1A13D723C71A6C901ECE300852AA6AB960218BA4276B8585D3B4701A84D32021A4C4296FF908A4DD151593D991BA51CD1241B31EE5FC3D9877D434F6FE9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D70FC7F0D90D4F1A9707F9B1DA48F9B9" DisplayName="MSXML 6.0 Parser SP1 x64" VersionMin="6.10".. SetupFileUrl="http://download.microsoft.com/download/e/a/f/eafb8ee7-667d-4e30-bb39-4694b5b3006f/msxml6_x64.msi".. Location="1" ExactSize="2664960" MD5="13c28b2fe578808a66c975b3c4f9082f".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetName="MSXML 6.0 Parser SP1"/>.. <ATTRIBUTE name="GroupName" value="Windows Core Librar

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSXML 6.0 SP1 x86\MSXML 6.0 SP1 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1282
      Entropy (8bit):5.56818143757852
      Encrypted:false
      SSDEEP:
      MD5:A0FC20C82E3A833ACCADBCA5F9612FF8
      SHA1:AAD92D02A6708B9EE17FF4CF71EA70C5C8A73274
      SHA-256:92D49F4B23CAD44BDC28D4180105F1D117FB8879D349D1D4F3A85664288772B9
      SHA-512:1B391CF0DC8F3C236E4449F819AADFBEA72D7ABEBF31398CEFBE8E5579B07FD95EE43220D08C10088AF44047EB5DC42ADBAE5CCBC012EC8E23D7BD256F3361D6
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B20DEBBD8AE6439C9973156646F28409" DisplayName="MSXML 6.0 Parser SP1 x86" VersionMin="6.10".. SetupFileUrl="http://download.microsoft.com/download/e/a/f/eafb8ee7-667d-4e30-bb39-4694b5b3006f/msxml6_x86.msi".. Location="1" ExactSize="1521152" MD5="85a5571258de322458f288b94ee28cfb".. WinNTVersions="Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="MSXML 6.0 Parser SP1"/>.. <ATTRIBUTE name="GroupName" value="Windows Core Libraries"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="B20DE

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSXML 6.0 SP2 Update for WS2003 x86\MSXML 6.0 SP2 Update for WS2003 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1335
      Entropy (8bit):5.56923160914136
      Encrypted:false
      SSDEEP:
      MD5:858DE79F6F109366CA22DBA958D0974E
      SHA1:61E8C1CFC83C0A1CBA598ED5103F58109F8C714A
      SHA-256:D902DF3F9DDAE4DBDE6A6993837B56CB835E67C9A14927A3BDBBE3F31A28D9CF
      SHA-512:D4FE77C00F0D8EA0AB0612ECEB61A7DB2A9BF06CFD9B1F263DD127F226F60C01D2C70B717A102030BC83D2FF95FD677C4A3457C7BF2DC1E7BB507EAADE9C2843
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BAF5AFBD19E4141B708D12AADDCE4AF" DisplayName="MSXML 6.0 SP2 Update for Windows Server 2003 x86" VersionMin="6.20".. SetupFileUrl="http://download.microsoft.com/download/4/3/8/438F6F47-FD29-4489-AB36-918946706858/msxml6-KB2758696-enu-x86.exe".. Location="1" ExactSize="975304" MD5="76e8010e94b42877607811dc01c3d1d3".. WinNTVersions="Windows XP SP3 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="MSXML 6.0 Parser SP2"/>.. <ATTRIBUTE name="GroupName" value="Windows Core Libraries"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.ms

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSXML 6.0 SP2 Update for WinXP x64\MSXML 6.0 SP2 Update for WinXP x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1430
      Entropy (8bit):5.539172371821622
      Encrypted:false
      SSDEEP:
      MD5:279E022F242E7EBC5E4EF3DB3DD96CC6
      SHA1:C9D64199584C7C4380EC53D69B9C1C2ACBEDD27F
      SHA-256:DC1417DBD655D0DFA33B1FB04F3005F843FF485652F88D67D964A7F69F4230DA
      SHA-512:8B2A81A8C680A24D7429897854712DB50DC646D714212FB96F84A99B418371F6D506AEE7060F1980E6533B85BF6AFEBFC7DB4F15635206F8CC99AAEC6274B729
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C9FFF62AC4C40A205483EC3912C15" DisplayName="MSXML 6.0 SP2 Update for Windows XP/Server 2003 x64" VersionMin="6.20".. SetupFileUrl="http://download.microsoft.com/download/5/6/8/568D81AE-D5C8-4D8C-B28E-E9DECA72EC1D/msxml6-KB2758696-enu-amd64.exe".. Location="1" ExactSize="1889752" MD5="c720b03021ba5ef4a6287a8ef412022c".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetName="MSXML 6.0 Parser SP2" />.. <ATTRIBUTE na

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSXML 6.0 SP2 Update for WinXP x86\MSXML 6.0 SP2 Update for WinXP x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1339
      Entropy (8bit):5.581708357370758
      Encrypted:false
      SSDEEP:
      MD5:E5C53BCAC1A144C077A275577959FFD6
      SHA1:8D7599920BB9CF360CE915729A6037F328781697
      SHA-256:814FBEEE01B78480CF3871A219EAE018B01DDDCB9C74FEF39ECC57E9F4B4AB51
      SHA-512:DC1A7D63AAECC8E73DCD7E8A26E592DCB5B44F652AF1504D356B0D7748E10E11ECA4EAD7ADF8BECF37E97EE394910CFFA72BAE9A7C9BAF8D3D0B1AEF11428216
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A79BB6EA4414EC3AF72643349C8764B" DisplayName="MSXML 6.0 SP2 Update for Windows XP x86" VersionMin="6.20".. SetupFileUrl="http://download.microsoft.com/download/9/5/3/953E9723-67BD-4D49-8D3D-8F8C1156FAD2/WindowsXP-KB2757638-x86-ENU.exe".. Location="1" ExactSize="1265688" MD5="f2982ffb6089bff74d493ed4c1144beb".. WinNTVersions="Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="MSXML 6.0 Parser SP2"/>.. <ATTRIBUTE name="GroupName" value="Windows Core Libraries"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advins

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSXML 6.0 SP2 x64\MSXML 6.0 SP2 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1413
      Entropy (8bit):5.561374908304482
      Encrypted:false
      SSDEEP:
      MD5:6D29ECB378FF53B20D73A4F57267AA25
      SHA1:16D4B68E06C624D8F13313A8344EC75CE3A5C35B
      SHA-256:AF72888352E18F2B05BD659964E4A6EDB89FB9334266B825368437FCD349C64F
      SHA-512:EE74F6D59E1F1446F9852C9341D3CE2C4E0EF0507591703A225D5A73B85EF91533C8957046614799E81B362F584233D8DD20EE3669ECD3828AF5B394FABF324D
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="CE6A2D55BB654A48ADDB534115E9C322" DisplayName="MSXML 6.0 Parser SP2 x64" VersionMin="6.20".. SetupFileUrl="http://download.microsoft.com/download/2/7/5/2753aabc-24de-41be-a05b-d41fc76f3aad/msxml6-KB954459-enu-amd64.exe".. Location="1" ExactSize="1851912" MD5="2f3f762b499ecb01c7dae0d2a9272f1d".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetName="MSXML 6.0 Parser SP2"/>.. <ATTRIBUTE name="GroupName" value="Wind

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSXML 6.0 SP2 x86\MSXML 6.0 SP2 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1314
      Entropy (8bit):5.5674918674618095
      Encrypted:false
      SSDEEP:
      MD5:9A3B8428A2A98D4FD5D9A799E2A5FD3D
      SHA1:C7DB18C0B6EDA550FFC5E8CBE14958D268B298E1
      SHA-256:6E257A7F95886E16704E3C158D1FE8DDB8D580081EF4DFC6F695FEA727F53C08
      SHA-512:6ECB72E4E57D7C39547780A9CB96F22B8EB77A5BF73EAFEED18C7482475851E5FAE352FE5029D569480565C07C4D77752D98494A82F34A1A4395775A3A9320CD
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C04995A3299245EBA2122CEA2FA525AD" DisplayName="MSXML 6.0 Parser SP2 x86" VersionMin="6.20".. SetupFileUrl="http://download.microsoft.com/download/2/7/5/2753aabc-24de-41be-a05b-d41fc76f3aad/msxml6-KB954459-enu-x86.exe".. Location="1" ExactSize="952840" MD5="44893bc2bd55145c59fcd07cde87af99".. WinNTVersions="Windows XP SP3 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="MSXML 6.0 Parser SP2"/>.. <ATTRIBUTE name="GroupName" value="Windows Core Libraries"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchCompon

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSXML 6.0 x64\MSXML 6.0 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1399
      Entropy (8bit):5.5460833044294295
      Encrypted:false
      SSDEEP:
      MD5:E0242BF3D155B2C6C6AA5E667ACA3874
      SHA1:20E641C665C9CBB3176BC17857E6AC3A06BA8B03
      SHA-256:AB7D44CC469D1CFCD746D5036FA880520E8B3BC0C1321E59C0D02AFCC26DC625
      SHA-512:E8C532F4BBD7484FC94EC704C240587C8B5BE903C706B078114137F3C15D5128DE0BB8B77B8A510B7A534B534DC3359E011FD5D7312D5C26ED4469BB4E21D960
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D879F1AD2A741529FA181428CD99C1F" DisplayName="MSXML 6.0 Parser x64" VersionMin="6.0".. SetupFileUrl="http://download.microsoft.com/download/4/8/5/485407a8-bb8e-436e-9142-822e404c2cf5/msxml6-KB927977-enu-amd64.exe".. Location="1" ExactSize="1833216" MD5="2d1ae6cfa315ad688bb6af018379f9e1".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetName="MSXML 6.0 Parser"/>.. <ATTRIBUTE name="GroupName" value="Windows Core L

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MSXML 6.0 x86\MSXML 6.0 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1300
      Entropy (8bit):5.578116966544206
      Encrypted:false
      SSDEEP:
      MD5:8BD6381155E9504B2D2913143AE6454D
      SHA1:F434227CCDCAC2F519521264F904A124234ACC0B
      SHA-256:84064ADF4300FE10A168B970961CE99EF458057E6E744076BEC737A15A1AA248
      SHA-512:5115233707BCCF4A49CC5D1F531C408C04FE58FBEB4EB109D25A5961B7C7808453B22E4879D0E3EBD7BB81C161508B67BEED7D9ABEEE803632DF087FE24C21E5
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FB4753F5_94E0_44EE_9243_809FCB016678" DisplayName="MSXML 6.0 Parser x86" VersionMin="6.0".. SetupFileUrl="http://download.microsoft.com/download/4/8/5/485407a8-bb8e-436e-9142-822e404c2cf5/msxml6-KB927977-enu-x86.exe".. Location="1" ExactSize="910080" MD5="ecf7b649bc6a5794621c78bbce88159a".. WinNTVersions="Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="MSXML 6.0 Parser"/>.. <ATTRIBUTE name="GroupName" value="Windows Core Libraries"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MySQL Server 5.5 x64\MySQL Server 5.5 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1121
      Entropy (8bit):5.598205975475257
      Encrypted:false
      SSDEEP:
      MD5:CFBFDD6E90AB76C1A6E4351C8F9F6411
      SHA1:F4AD69AA3C991EC76B1F02C6B68A2A6FB84D5D2F
      SHA-256:0AA2686B9708FDABD2CB2BF6BDAA5A296C9842182DC7393FDA68EB61B38D0D46
      SHA-512:33C760683619CFC47ECC6FD276626EE1DFA880AE62A44AA07A515BDE74E784D4B6003A9CFA238BE18966A8398250582AB025A13AA1EE017C2BE376EF89F0881E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.5" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C336E79AD677477E883D144C3A643178" DisplayName="MySQL Server 5.5.53 x64" VersionMin="5.5".. SetupFileUrl="http://dev.mysql.com/get/Downloads/MySQL-5.5/mysql-5.5.53-winx64.msi".. Location="1" ExactSize="43225088" MD5="e3fef81b95ba40f98f1353bc013bcd5d".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="MySQL Server 5.5"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="C336E79AD677477E883D144C3A643178Version" Prereq="C336E79AD677477E883D144C3A643178" SearchType="2".. SearchString="HKLM\SOFTWARE\MySQL AB\MySQL Server 5.5\Version" V

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\MySQL Server 5.5 x86\MySQL Server 5.5 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1096
      Entropy (8bit):5.585765949189832
      Encrypted:false
      SSDEEP:
      MD5:CAC04C1EAA96F0BF315CAF59A6EB61E0
      SHA1:261BADA22BD7A9C0C24807303E0DDBD87767D2D4
      SHA-256:E98F1BC344585FBB3B38E8880649EFDD8942E0D4F7C06C9019175B83081BD849
      SHA-512:E8BF7B5EA45C7FB0A13C152E027C8DC7F71638DA99AA81371C159926B6353CE6B57BFBD9A2DD631A2D108ED39615990CD1DAEF53FB1731A29F70AF3A602F2551
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.5" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B98C99972403D961902A9E323C4B9" DisplayName="MySQL Server 5.5.53 x86" VersionMin="5.5".. SetupFileUrl="http://dev.mysql.com/get/Downloads/MySQL-5.5/mysql-5.5.53-win32.msi".. Location="1" ExactSize="41164800" MD5="1e24d0f1b29219045ae05df100e0c07e".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="MySQL Server 5.5"/>.. <ATTRIBUTE name="GroupName" value="Database"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="B98C99972403D961902A9E323C4B9Version" Prereq="B98C99972403D961902A9E323C4B9" SearchType="2".. SearchString="HKLM\SOFTWARE\MySQL AB\MySQL Server 5.5\Version" VerMin="5.5.53"..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\NVIDIA PhysX\NVIDIA PhysX.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1008
      Entropy (8bit):5.617243718159173
      Encrypted:false
      SSDEEP:
      MD5:2E8634B97DB9D632E200DEE9AC92CAAF
      SHA1:C86B786A5C7E9FD3DA1519A53ABF5A68CCEF5D77
      SHA-256:FD4881AB74779D05A0C0EC5635AE38FA30BA09ACF6A17A9A691A49FCC8285889
      SHA-512:659592D65B761AC14C19161641350FA2C8BA17548CA653F964D973CF5DE14CCBD360F5ECC8FE4CFF04C56B0E8B7253DD22542090A827158EA47010FE641735FE
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C5DC01FD7DD4B1C82606DDF094DDB60" DisplayName="NVIDIA PhysX 9.15" VersionMin="9.15.0428".. SetupFileUrl="http://us.download.nvidia.com/Windows/9.15.0428/PhysX-9.15.0428-SystemSoftware.exe".. Location="1" ExactSize="23577376" MD5="1868b5900ba593264adcbc9960aab7d0".. Operator="1" Options="xf" TargetName="NVIDIA PhysX"/>.. <ATTRIBUTE name="GroupName" value="Windows Drivers"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="C5DC01FD7DD4B1C82606DDF094DDB60PhysXVersion" Prereq="C5DC01FD7DD4B1C82606DDF094DDB60" SearchType="9".. SearchString="HKLM\SOFTWARE\AGEIA Technologies\PhysX Version" RefContent="G9150427".. Order="1" Property="PreReqSearch_C5DC01FD7DD4B1C82606DDF094DDB60"/>.. </COMPONENT>..</FRA

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Office 2003 PIA\Office 2003 PIA.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1152
      Entropy (8bit):5.567430565287998
      Encrypted:false
      SSDEEP:
      MD5:24021B25E07CE19B9A02282CE208F693
      SHA1:4B2FBA9E81E5FB4401D64CC541CFA201B16CA764
      SHA-256:6FA672C7DDF6A6F51209DBDD9BF4F180039D631F14D4BF695BF1EF398F72205A
      SHA-512:D75C791B8A6A81353CBDE2671E1D26508CAE1B469363A26E266A41F21564874CBEFDFDDF58655699C3A96E17FF1FDB49AAA2281A8D4F7849B9241F624FA0480A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BE67510_E45F_4FDC_9305_99FB6F87FDC8" DisplayName="Office 2003 Primary Interop Assemblies" VersionMin="11.0".. SetupFileUrl="http://www.microsoft.com/en-us/download/details.aspx?id=20923".. Location="2" ExactSize="0".. WinNTVersions="Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. Operator="1" Options="y"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Office"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="BE67510_E45F_4FDC_9305_99FB6F87FDC8UpgradeCode" Prereq="BE67510_E45F_4FDC_9305_99FB6F87FDC8" SearchType="4".. SearchString="{01490000-6000-11D

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Office 2007 PIA\Office 2007 PIA.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):920
      Entropy (8bit):5.5511887802663145
      Encrypted:false
      SSDEEP:
      MD5:02F5656D44BEE99ABB18EE9ACAAFF704
      SHA1:4D698DAE5AC71A45136369CA708448C11C8C7AC1
      SHA-256:52CEE6CC624BDB8ABEA699E13B09C7A8745185EF1C52E95C1525FA666C8379A8
      SHA-512:54AF254A219AD77386BC466115C7AE3FB87129FD17919428FBA9D4BBE3ACE0DAB5EAB1550A9071ED45EB280A21B1E52A3BC91C7975DD997CE13C33C50B2B08D7
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="EB_E91B_44D2_85F3_F588989EFE79" DisplayName="Office 2007 Primary Interop Assemblies" VersionMin="12.0".. SetupFileUrl="http://www.microsoft.com/en-us/download/details.aspx?id=18346".. Location="2" ExactSize="0".. Operator="1" Options="y"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Office"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="EB_E91B_44D2_85F3_F588989EFE79UpgradeCode" Prereq="EB_E91B_44D2_85F3_F588989EFE79" SearchType="4".. SearchString="{00120000-1105-0000-0000-0000000FF1CE}" VerMin="12.0.4518.1014".. Order="1" Property="PreReqSearch_EB_E91B_44D2_85F3_F588989EFE79"/>.. </COMPONENT>..</FRAGMENT>..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Office 2010 PIA\Office 2010 PIA.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1084
      Entropy (8bit):5.552671248546055
      Encrypted:false
      SSDEEP:
      MD5:4C853611E95A73B6748831673474B265
      SHA1:8D946099DE5F2959257AF8EAC0FDEBE2A270304A
      SHA-256:C828932E6DBE2B96E810BC59EED7923BA0D927067793D75CE16FA9A1993A71A7
      SHA-512:3BD2D944C882128418EF30DF315B455EB815A1EAA0480A49ACA40A024A4A66BF673405ABBEE063FEB6765A5AAEF3C4D2C931AF8E5BD95CEABEB303767D95D9FC
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F3A1EB1B_A24D_45E4_83E1_5F1E38127DCA" DisplayName="Office 2010 Primary Interop Assemblies" VersionMin="14.0".. SetupFileUrl="http://www.microsoft.com/en-us/download/details.aspx?id=3508".. Location="2" ExactSize="0".. WinNTVersions="Windows Vista RTM x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64".. Operator="1" Options="y"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Office"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="F3A1EB1B_A24D_45E4_83E1_5F1E38127DCAUpgradeCode" Prereq="F3A1EB1B_A24D_45E4_83E1_5F1E38127DCA" SearchType="4".. SearchString="{00140000-1146-0000-0000-0000000FF1CE}" VerMin="14.0.4763.1150".. Order="1" Property=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 1.0 for Vista x64\PowerShell 1.0 for Vista x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1462
      Entropy (8bit):5.530930794264098
      Encrypted:false
      SSDEEP:
      MD5:D25DC24C22995AE461C7DECB1B99D171
      SHA1:7251ABC0C6ECE13C6833E128614CE91EB3B23EA4
      SHA-256:77BDA1AEA00E0532377E26F1971AED59D512E7D0384D1CA81138205C810701B8
      SHA-512:39945AEA39A5233F7B762919A8BD57EB55B3E96BDB56947BEA5E16D8EEA87402805E941D4C6BC7F08D7B3E019B2D21045A7B3DAA962DBF95A5E43725DE447817
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A6C599440F80C71E08910A4E9F" DisplayName="PowerShell 1.0 for Windows Vista x64" VersionMin="1.0".. SetupFileUrl="http://download.microsoft.com/download/c/d/f/cdfb3b08-f9bc-48c2-92fa-214b5e684cff/Windows6.0-KB928439-x64.msu".. Location="1" ExactSize="5422373" MD5="e6d6411876c255ac75e41dd96774c554".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="PowerShell 1.0"/>.. <ATTRIBUTE n

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 1.0 for Vista x86\PowerShell 1.0 for Vista x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1370
      Entropy (8bit):5.572896075876789
      Encrypted:false
      SSDEEP:
      MD5:19E90D458232BE3EAB68EEEC0EE21FC1
      SHA1:9CA25D3C6605E8703B96FE1B2EAA894E352B8855
      SHA-256:F5C1C67CB0291070DA98416F3215D5EB5DDC3C80FB3248D97578B27FF75FBC70
      SHA-512:0BB1901FBD9269281C3D2160E9A40A64B6A4CAFC90B069EAC6ED8AE467A9EEA69CE16CC1BA3F6931BBE7A747F93F78FF37CBA6278B51779F7643ED58E529BE64
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D8B1B3CC4E0D4893BB5BB0E745BEC70B" DisplayName="PowerShell 1.0 for Windows Vista x86" VersionMin="1.0".. SetupFileUrl="http://download.microsoft.com/download/4/b/8/4b8e4fac-bf73-49d0-8b98-ce1f58ba26b8/Windows6.0-KB928439-x86.msu".. Location="1" ExactSize="5279681" MD5="d22a9b83676761fe407586827e1fc195".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="PowerShell 1.0"/>.. <ATTRIBUTE name="GroupName" value="Windows Management Framework"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msic

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 1.0 for WS2003 x64\PowerShell 1.0 for WS2003 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1485
      Entropy (8bit):5.553936824600983
      Encrypted:false
      SSDEEP:
      MD5:8160EF99668E55967B44D015E3DC0110
      SHA1:3E865A3CB7541798998125146ED8B22E197C6928
      SHA-256:89E2EE8C214B2A03520233C8396ABE98E66149466396E79C526F79473396D3BA
      SHA-512:24F2033C94647482F9410FA6C2210DF365B92F87C6C08AE4CAEF6DFEB423D33674E5B5BC60891E2C7BF2EB7DA26C9B620E07AD2A8CE378A94937A221DEE07A2B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A73C32B4BBB46F6AF22A8400081AD6A" DisplayName="PowerShell 1.0 for Windows XP/Server 2003 x64" VersionMin="1.0".. SetupFileUrl="http://download.microsoft.com/download/c/3/0/c30e0a7f-fe2c-466e-81a8-f01f906c372a/WindowsServer2003.WindowsXP-KB926139-v2-x64-ENU.exe".. Location="1" ExactSize="2297392" MD5="dee3a6d32772c5bcb15beb0747338c3b".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="PowerShell 1.0"/>.. <ATT

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 1.0 for WS2003 x86\PowerShell 1.0 for WS2003 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1356
      Entropy (8bit):5.579225360242455
      Encrypted:false
      SSDEEP:
      MD5:70093E28E58E669AC1C5DF3DEFF5EBBD
      SHA1:3EBC51490E9B0FEFD015987B2872A091726EAF27
      SHA-256:2FEB4687FDA96443C33E818061C742F3DEF3A2609259A6B15EF960BFCD9D2F88
      SHA-512:BA2F9D7233DCC37A4933FC50BAD576B1C3A5C669BE3F97D28A5EFDFB8C6AD1B2E09A6754E209EBC92DE4285A7FC5670D19442CF75BBBA55D78EBD2415E342F99
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B4A79A4F4BAAC39FD93ADCEFE1" DisplayName="PowerShell 1.0 for Windows Server 2003 x86" VersionMin="1.0".. SetupFileUrl="http://download.microsoft.com/download/d/e/7/de7cb629-73a3-49cc-b796-50dfaaf1b833/WindowsServer2003-KB926139-v2-x86-ENU.exe".. Location="1" ExactSize="1691696" MD5="dba9b24ee58f211b741bfe35b54e98c5".. WinNTVersions="Windows XP SP3 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="PowerShell 1.0"/>.. <ATTRIBUTE name="GroupName" value="Windows Management Framework"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 2.0 for Vista x64\PowerShell 2.0 for Vista x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1497
      Entropy (8bit):5.5535290084543165
      Encrypted:false
      SSDEEP:
      MD5:3022D11601379CBFB2EE247177D8EF33
      SHA1:387D68DB69DB65592753977DDFED769FF50832D4
      SHA-256:6A8C429F23BB71263DD9A94715627A0AB536D7BB1B900B3BA181665D286B9984
      SHA-512:35DE40AA0C7717F7757FB673B4EAA62DB76A4FCACC482311332E72921678E11726E54F91AA5ABC83372517DF54055188E5F5E9C2993DBEE77530B06788B2C611
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A7CCC7B0711D497CA1E9D6BDA6144FBA" DisplayName="PowerShell 2.0 for Windows Vista/Server 2008 x64" VersionMin="2.0".. SetupFileUrl="http://download.microsoft.com/download/3/C/8/3C8CF51E-1D9D-4DAA-AAEA-5C48D1CD055C/Windows6.0-KB968930-x64.msu".. Location="1" ExactSize="35922892" MD5="76721ddccf7ed1d5ed4ae3d222f68e4d".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="PowerShell 2.0"/>.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 2.0 for Vista x86\PowerShell 2.0 for Vista x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1381
      Entropy (8bit):5.589738886641945
      Encrypted:false
      SSDEEP:
      MD5:3B2215B3EC3976E0BCC1AEB569BBC52F
      SHA1:57135502383F118CB19304D40C07F2C3AB11D128
      SHA-256:B5F5F9EE289AD02C7990E49CCF8B81DD97A477BD50A76B1AED8E7830CFC80BB5
      SHA-512:E7D8EDB5389C964DA33BAED834D5B349FCAB7F3E83776CD6BC36A4EB449DD8F1DA829B23395B72D36C17E8267B18DCF7B375E9338F5EA3A49F00FAB7A809034C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="DB3404B73D7F4F23908DB8C18DF39944" DisplayName="PowerShell 2.0 for Windows Vista/Server 2008 x86" VersionMin="2.0".. SetupFileUrl="http://download.microsoft.com/download/A/7/5/A75BC017-63CE-47D6-8FA4-AFB5C21BAC54/Windows6.0-KB968930-x86.msu".. Location="1" ExactSize="34059625" MD5="80a19b7788747efb04bae146115b450b".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="PowerShell 2.0"/>.. <ATTRIBUTE name="GroupName" value="Windows Management Framework"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.a

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 2.0 for WS2003 x64\PowerShell 2.0 for WS2003 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1477
      Entropy (8bit):5.563905467928852
      Encrypted:false
      SSDEEP:
      MD5:24C9AD1622262030B44C16E775EA1EDF
      SHA1:6415B11A83DE29CA2505E4BE066B1647186DAE90
      SHA-256:F475DEA29EAF8273F36B0EB171CF5DC4DCE28032425BD297943AF908B8DD552C
      SHA-512:28B80B6D2CC87D1DC5BBB7EF3C7FCEA2427D0305D371A18BA05487EC77AD668DF51BBA2B9B3AF68FB632689B4F82D49B15F45A25D54F712D202BE2DD68374913
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C0F523B656404EAA86670978B1AF3B87" DisplayName="PowerShell 2.0 for Windows XP/Server 2003 x64" VersionMin="2.0".. SetupFileUrl="http://download.microsoft.com/download/B/D/9/BD9BB1FF-6609-4B10-9334-6D0C58066AA7/WindowsServer2003-KB968930-x64-ENG.exe".. Location="1" ExactSize="10334496" MD5="01dddf73c260b550809736cd3b662935".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="PowerShell 2.0"/>.. <ATTRIBUTE name

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 2.0 for WS2003 x86\PowerShell 2.0 for WS2003 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1373
      Entropy (8bit):5.552655719666976
      Encrypted:false
      SSDEEP:
      MD5:F5DB66958E468FE1303F377F6E9AF72A
      SHA1:6FFBCBE2AAA0946D97937CEAC33AE79EBD4DA12B
      SHA-256:B6DA0928135FAC092A136F633C13E29FEE4CD01A69B8C360803DF49415A680D4
      SHA-512:570380B54B46C5A2F58A9C57E36D625F05F69593C38FA16572BA2851C038E8FB63F843EE40EB6CC57E047E655603C5598BE6A8743E9A7F9B2C8833530DD3B012
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B61ACBEA333426092CE20E2678EC423" DisplayName="PowerShell 2.0 for Windows Server 2003 x86" VersionMin="2.0".. SetupFileUrl="http://download.microsoft.com/download/1/1/7/117FB25C-BB2D-41E1-B01E-0FEB0BC72C30/WindowsServer2003-KB968930-x86-ENG.exe".. Location="1" ExactSize="6300960" MD5="6daec2be77c20817705348cd4097dbf1".. WinNTVersions="Windows XP SP3 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="PowerShell 2.0"/>.. <ATTRIBUTE name="GroupName" value="Windows Management Framework"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advins

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 2.0 for XP x86\PowerShell 2.0 for XP x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1365
      Entropy (8bit):5.577288915430727
      Encrypted:false
      SSDEEP:
      MD5:782FA83C7A07C0159F5AFA7E3C586B5E
      SHA1:2786344F9555B02C13AD35E14757B95823B42303
      SHA-256:19D10138DA1F786939C581F5C68AA93D147B5666C5A4AEBD79224261F6EFADBD
      SHA-512:CC9B5C70EEE1B78557A761341D929A1B707CA774ECB044F99058B6635267F4CDF955B174DC53ADCCA0F9C52EDDEE21AF9FDE7D3E8DB1F12F6705D28A304B1A42
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B925D2B554F4D6A9193CC54C8C63261" DisplayName="PowerShell 2.0 for Windows XP x86" VersionMin="2.0".. SetupFileUrl="http://download.microsoft.com/download/E/C/E/ECE99583-2003-455D-B681-68DB610B44A4/WindowsXP-KB968930-x86-ENG.exe".. Location="1" ExactSize="6156064" MD5="9859a26d5e72bbb0685af813b409d99d".. WinNTVersions="Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="PowerShell 2.0"/>.. <ATTRIBUTE name="GroupName" value="Windows Management Framework"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicom

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 3.0 for W7 x64\PowerShell 3.0 for W7 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1525
      Entropy (8bit):5.565666788051826
      Encrypted:false
      SSDEEP:
      MD5:C936089415EEB33275E32AAAFB750707
      SHA1:995CD34A52EEA85FD54C20C4DCBA8CDDCAEA3AAD
      SHA-256:8AE5A2E56B21A2CB68A40156C6DC3D92DC0FE2CA4048A775C0758B42C1F81C3E
      SHA-512:A386A3852E484BC26F32F693D7D7AB6D215FB3DF2B3963CFDE5ECEBA9D3AC9775FC724686A5DE3A2DEB271C1A02994B6F59467C16471BF06E981D890C2996C02
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FC8A69B9375D471BB59479161A6A10D5" DisplayName="PowerShell 3.0 for Windows 7/Server 2008R2 x64" VersionMin="3.0".. SetupFileUrl="http://download.microsoft.com/download/E/7/6/E76850B8-DA6E-4FF5-8CCE-A24FC513FD16/Windows6.1-KB2506143-x64.msu".. Location="1" ExactSize="16558542" MD5="f23ae6f6e02b97e4914cbd044411c054".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" Ta

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 3.0 for W7 x86\PowerShell 3.0 for W7 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1391
      Entropy (8bit):5.572482557448864
      Encrypted:false
      SSDEEP:
      MD5:862B426042F9FB1E1F6FB032AC13242C
      SHA1:10207A5FDB98F81BFA7A34C92611C415E67232BB
      SHA-256:3F0B9C38CC1C13998ABB09EDA0DD46C9AA220C4395645F3B2C644B0A389105DD
      SHA-512:EA156B07ABC8ECDFCF61E8030A9B375B5E48B00C381EF8F7190C86A7AC0787F05131E5345BE500BF4BF491C2FA12149A0F0358DB4EE3EA329ABE53EE0E42E6ED
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="DC0AAE4CA50D4629B61120156EAE235A" DisplayName="PowerShell 3.0 for Windows 7 x86" VersionMin="3.0".. SetupFileUrl="http://download.microsoft.com/download/E/7/6/E76850B8-DA6E-4FF5-8CCE-A24FC513FD16/Windows6.1-KB2506143-x86.msu".. Location="1" ExactSize="12292093" MD5="daca827fa4eb9bc0e8ed17bb151cf6f0".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="PowerShell 3.0"/>.. <ATTRIBUTE name="GroupName" value="Windows Management Framework"/>.. </COMPONENT>.. <COMPONENT cid=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 3.0 for WS2008 x64\PowerShell 3.0 for WS2008 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1488
      Entropy (8bit):5.553425710754258
      Encrypted:false
      SSDEEP:
      MD5:1DB3AA964CCE8F8F7B616989427B5377
      SHA1:D68BC990980F326623FEF4073BF130526FCD3262
      SHA-256:875E68161740BF6A5BA3ADA8ACFC5F83B56EB5BA97ACACA3DB1C7CE3474AE440
      SHA-512:84A82E19E48B0D1DC1A2F2478356EC8D91CF4988692A63C66AD2099E360C76FFFF945031BBDEB8406C7D697FE5D9E378399599F8241440D4D1A6FD834B4B6484
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FB7092656950417CA932676792875A31" DisplayName="PowerShell 3.0 for Windows Server 2008 x64" VersionMin="3.0".. SetupFileUrl="http://download.microsoft.com/download/E/7/6/E76850B8-DA6E-4FF5-8CCE-A24FC513FD16/Windows6.0-KB2506146-x64.msu".. Location="1" ExactSize="15058915" MD5="8240036522df409fa5535ca568adf01f".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="PowerShell 3.0"/>.. <ATT

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 3.0 for WS2008 x86\PowerShell 3.0 for WS2008 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1368
      Entropy (8bit):5.56177242008231
      Encrypted:false
      SSDEEP:
      MD5:154BA1EDF6D250B8C5B733D8CB4B6953
      SHA1:4D33D2483D21FA3F9F2ADEEF7CC47991484A3DFB
      SHA-256:49D2BBE4ACCEDBC721501051E09126881C8DC43DCD49DFD61DCA86E19E6BC441
      SHA-512:0B5E7897DEBC8D37549B7C05E1B979D982B7729462387046C0D65C703B0FB542EF15DD1AD4C7E9A2C6033186C3BB41040D1A1C87C97151FFF24937C9754CB600
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="AF4755C6372416881FCE2D18C70F6EC" DisplayName="PowerShell 3.0 for Windows Server 2008 x86" VersionMin="3.0".. SetupFileUrl="http://download.microsoft.com/download/E/7/6/E76850B8-DA6E-4FF5-8CCE-A24FC513FD16/Windows6.0-KB2506146-x86.msu".. Location="1" ExactSize="10993379" MD5="3caf67362b223e2152275b61df8c4847".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="PowerShell 3.0"/>.. <ATTRIBUTE name="GroupName" value="Windows Management Framework"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msi

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 4.0 for W7 x64\PowerShell 4.0 for W7 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1530
      Entropy (8bit):5.570181543572803
      Encrypted:false
      SSDEEP:
      MD5:902EE8ED401F314F9FED6AF6A95C38DA
      SHA1:5DBDDBE1297F1EA8C7CFF1FFFD32422DC32B2C6F
      SHA-256:807B8355E61D07E80409301D146445A02D6BAF53A1E88A4F64467D3C4026F9E5
      SHA-512:8CC2A0F043E0E65C269BAE48909AEC81925D807FFC582A26F708AC74BB6A53D8C1B1C34154BEA4D4179D35FEE6C3B62EED28CDD9B53867EFCA675F82D83527FB
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A0E3DBF15C34BAFB43FFCAB5FFAAA49" DisplayName="PowerShell 4.0 for Windows 7/Server 2008R2 x64" VersionMin="4.0".. SetupFileUrl="http://download.microsoft.com/download/3/D/6/3D61D262-8549-4769-A660-230B67E15B25/Windows6.1-KB2819745-x64-MultiPkg.msu".. Location="1" ExactSize="19304283" MD5="84497bdd99690c50a8e67db19b0aa2ad".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 4.0 for W7 x86\PowerShell 4.0 for W7 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1380
      Entropy (8bit):5.571032467730069
      Encrypted:false
      SSDEEP:
      MD5:E3C7E8470B4E05169F45BB5AEB55500D
      SHA1:325189A7F9DF44E9ADD28E12FF08F9D743022C60
      SHA-256:0D0B62F8578F26471F0171EE373B820078F076A6ACE9FD51E29736F54F881E57
      SHA-512:3389CA2B9C7DABC0188D4999183579818CB03F67EB336645B607981567BB4A932A5C31D692A5FD7E326645C6D15A1A22B5C2A7C5843874926F3E14D81E8CBE4F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="ECAE0BA4172918D571118A0CD2F" DisplayName="PowerShell 4.0 for Windows 7 x86" VersionMin="4.0".. SetupFileUrl="http://download.microsoft.com/download/3/D/6/3D61D262-8549-4769-A660-230B67E15B25/Windows6.1-KB2819745-x86-MultiPkg.msu".. Location="1" ExactSize="14736102" MD5="680a8b76da952df2308335ed128e2bbe".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="PowerShell 4.0"/>.. <ATTRIBUTE name="GroupName" value="Windows Management Framework"/>.. </COMPONENT>.. <COMPONENT

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 4.0 for WS2012 x64\PowerShell 4.0 for WS2012 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1477
      Entropy (8bit):5.524944177242279
      Encrypted:false
      SSDEEP:
      MD5:5605CC9B81D0F723DF3E33FCFB53F8BC
      SHA1:7DA6DEF88B6CCE98BFEF34893D80446528A48DCC
      SHA-256:A21F14CB3E751172928F2545F21537B1A3CBE876E40958DDF81796AB1A0DF8E5
      SHA-512:8F5F03A8B0E4E0AADEEF21D0258B0D7CBAFEE434868F30E00132C08C91FC70EA5E13F1A99C5BEEDF76FB331527916A37D65E98C10EBBA8E740945686EC90060F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C27E206784161A83DE02253C17E05" DisplayName="PowerShell 4.0 for Windows Server 2012 x64" VersionMin="4.0".. SetupFileUrl="http://download.microsoft.com/download/3/D/6/3D61D262-8549-4769-A660-230B67E15B25/Windows8-RT-KB2799888-x64.msu".. Location="1" ExactSize="18310215" MD5="ea433f7327d76e04020506e6a693ee9e".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="PowerShell 4.0"/>.. <ATTRI

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 5.0 for W7 x64\PowerShell 5.0 for W7 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1505
      Entropy (8bit):5.560748748643366
      Encrypted:false
      SSDEEP:
      MD5:7F86F1F490C332F5F96DC320A6357931
      SHA1:6F5666DFFFCE6BF78B74AD6BAD6D2C3E067E3743
      SHA-256:D2047B4B425E742DA6F79403EDF6E094104B0A96DF2CCF73E393FE14B0E0B196
      SHA-512:313E88D920061F86786FE74984399CDE10653990086BECEDF4BFA77BB81999575F9C5B8901A85637E6D497BB0321A38F485CAAFB295B640CCD89FCFBFECA1049
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C68B784DC58493FED3B930E42B" DisplayName="PowerShell 5.0 for Windows 7/Server 2008R2 x64" VersionMin="5.0".. SetupFileUrl="https://download.microsoft.com/download/2/C/6/2C6E1B4A-EBE5-48A6-B225-2D2058A9CEFB/Win7AndW2K8R2-KB3134760-x64.msu".. Location="1" ExactSize="21779572" MD5="e290bb51dd66e63331bb6ba0a1a0c8c9".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" Targ

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 5.0 for W7 x86\PowerShell 5.0 for W7 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1386
      Entropy (8bit):5.579905526989322
      Encrypted:false
      SSDEEP:
      MD5:A589C437FE1ED0B7144CCD76818C1FC5
      SHA1:40120B48E6EA3C7EC62AD0FA23E7D70949A817CF
      SHA-256:B949363D2BC7BC8A99C40A106E0D435DA1AF1454D0A887221D245C544B5A904F
      SHA-512:87D6353E0CDC8C7EF7E48058A5C5C6F62DFBF77F514EA3F9BE03443AAF9350A9FAEA31265BEC3207853E161AD9C819A4962757CDB00E372AAD07352DCECBE8A2
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B968E42028384B959AE7E3A6E53F127C" DisplayName="PowerShell 5.0 for Windows 7 x86" VersionMin="5.0".. SetupFileUrl="https://download.microsoft.com/download/2/C/6/2C6E1B4A-EBE5-48A6-B225-2D2058A9CEFB/Win7-KB3134760-x86.msu".. Location="1" ExactSize="16961221" MD5="91f21491bb6e553454e29990c33b5f16".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 RTM x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="PowerShell 5.0"/>.. <ATTRIBUTE name="GroupName" value="Windows Management Framework"/>.. </COMPONENT>.. <COMPONENT cid="caph

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 5.0 for W8.1 x64\PowerShell 5.0 for W8.1 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1481
      Entropy (8bit):5.579181667740965
      Encrypted:false
      SSDEEP:
      MD5:03C982BE19E0C7B811EA233AEB2C7B97
      SHA1:58B311830999057AAA4304EA45D8EBFEF3A6605B
      SHA-256:AC4F52F94F83A03C6E64785A74AE3D1C101410583806698FCB868A0978E39F51
      SHA-512:5318F0640FDB97274D20E192AB9C352DE4BBF47650720658A6FD242E8538568F85ED00C2AC8D4906A843AAE6CD89A090C3F8885D13B48779E526CCF0B21DDC46
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B467AE9894134312A9993D40B82F830D" DisplayName="PowerShell 5.0 for Windows 8.1/Server 2012R2 x64" VersionMin="5.0".. SetupFileUrl="https://download.microsoft.com/download/2/C/6/2C6E1B4A-EBE5-48A6-B225-2D2058A9CEFB/Win8.1AndW2K12R2-KB3134758-x64.msu".. Location="1" ExactSize="19764832" MD5="a3255cb51f1bad3d78a0a0f777952823".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="PowerShell 5.0"/>.. <ATTRIBUTE

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 5.0 for W8.1 x86\PowerShell 5.0 for W8.1 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1365
      Entropy (8bit):5.551752955461591
      Encrypted:false
      SSDEEP:
      MD5:76D71FCDFE1897E1B34540D113958636
      SHA1:11C3663B1CC7397EA7B7187B4F1DF046B64CE0EA
      SHA-256:D4DBA339BDEA01973FD4F9ADF2B2D8339FF244736E0D32160DFBE67528D29A86
      SHA-512:FB0FC391D556FD687FFF5381EC23141131BE29C649B117A91A65EC7C51452816E67C8A4512B3E37860943D932335D1537204A75E840839D58E81760EDC132885
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C623A1322B6458486530E40461562F3" DisplayName="PowerShell 5.0 for Windows 8.1 x86" VersionMin="5.0".. SetupFileUrl="https://download.microsoft.com/download/2/C/6/2C6E1B4A-EBE5-48A6-B225-2D2058A9CEFB/Win8.1-KB3134758-x86.msu".. Location="1" ExactSize="15059790" MD5="2990082e7af06b41a3438d470f100288".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="PowerShell 5.0"/>.. <ATTRIBUTE name="GroupName" value="Windows Management Framework"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicom

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\PowerShell 5.0 for WS2012 x64\PowerShell 5.0 for WS2012 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1464
      Entropy (8bit):5.562097784189845
      Encrypted:false
      SSDEEP:
      MD5:3F73A938C27FDA71A3EFFA2C37D1E377
      SHA1:6A98F3BBEEA4E484E8E975F649FE4499BCCD11E7
      SHA-256:5792CA08236C59822C7ADF5FC99708E0985FF166E7656659308D90F5A7B5535C
      SHA-512:A223286AA7E514AFFAB1CF9C0E3FE328A6855AF5284CCCF6613E2A57D58ED1B90EB8444246395BDB6D3588B19FA2A8D98D7BEDF59D47BC16095790F4DF85B0CB
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D3F96894254B904C326D91FDD6F" DisplayName="PowerShell 5.0 for Windows Server 2012 x64" VersionMin="5.0".. SetupFileUrl="https://download.microsoft.com/download/2/C/6/2C6E1B4A-EBE5-48A6-B225-2D2058A9CEFB/W2K12-KB3134759-x64.msu".. Location="1" ExactSize="21540661" MD5="5eb7d8a18782de05b23dfa91a9fb5b3f".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="PowerShell 5.0"/>.. <ATTRIBUTE na

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\RSAT for W7 x64\RSAT for W7 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1478
      Entropy (8bit):5.546761824477849
      Encrypted:false
      SSDEEP:
      MD5:87AC07BB618EA7DA255744DD43DDF3C3
      SHA1:52805C5A2BA49005AD9F105703E090C2F7997258
      SHA-256:2F352A8F226DB7E5DBC6818BD20036EBCD3A344FC30A57FAAE3BB5A75AE8B091
      SHA-512:F26D5FB50751156D2A179809F3576D20D3980E57D17FD1B7D042086605F9EDCBBE36B8C8906A16606739F2A0E3CFBFB133A27700EFB5131E9C35292D15343D63
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="E0AD1537A3D64D9CA79EA537CEE88E79" DisplayName="Remote Server Administration Tools for Windows 7 x64" VersionMin="6.1".. SetupFileUrl="http://download.microsoft.com/download/4/F/7/4F71806A-1C56-4EF2-9B4F-9870C4CFD2EE/Windows6.1-KB958830-x64-RefreshPkg.msu".. Location="1" ExactSize="251170997" MD5="f1457c27e63a23cdbec93d4558666314".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetNa

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\RSAT for W7 x86\RSAT for W7 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1354
      Entropy (8bit):5.550534052045497
      Encrypted:false
      SSDEEP:
      MD5:A1237D8C5D0A87851D5A22788778C281
      SHA1:554085AC1D8156074608D7036D5447EBDC178E32
      SHA-256:AD1803D816871E08292B0F8997DD2F6A35FEFAE38C4F18D337E1FE52ED5B1D38
      SHA-512:395C4AB91F12609DF1C3565304EFC2B939847AC5F1206D06A40E5523E1913F6B12C059F5A08FA55B61F2BDE9621D88922EFC981CA40A0EC26F35F3558B811450
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BE264A62754D82839F5E995C15DA49" DisplayName="Remote Server Administration Tools for Windows 7 x86" VersionMin="6.1".. SetupFileUrl="http://download.microsoft.com/download/4/F/7/4F71806A-1C56-4EF2-9B4F-9870C4CFD2EE/Windows6.1-KB958830-x86-RefreshPkg.msu".. Location="1" ExactSize="241162581" MD5="ea16e4b42c8227eac0a99d5912d8f66d".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="RSAT for W7"/>.. <ATTRIBUTE name="GroupName" value="Windows Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\RSAT for W8 x64\RSAT for W8 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1468
      Entropy (8bit):5.513194646308932
      Encrypted:false
      SSDEEP:
      MD5:924C4960791DE0A3B4F09576F6430F80
      SHA1:D525B306DD6FD73032B6F2DE5838ACB3B25D91C8
      SHA-256:347DB4F10B2E4EF833A28491D126A3D97EEC48BE36F8EBA4731D181DBF72ECAD
      SHA-512:B42D5BC2A6A05E6F4BB2D5795CFB410F7EBD362FE5CEB0BD559B9A2E75723F9382317C7A06F8D123B685544EB85DC88F81AF1622BB6F72F4227402E7DB5BC3B5
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="EF6F9EC2FF6B4662AE5FF3CE6FD868A7" DisplayName="Remote Server Administration Tools for Windows 8 x64" VersionMin="6.2".. SetupFileUrl="http://download.microsoft.com/download/4/3/F/43FAC524-F605-426E-A2AE-EAD03D264FDE/Windows6.2-KB2693643-x64.msu".. Location="1" ExactSize="107034814" MD5="b32703695236f56f2f20c2e317933e88".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetName="RSAT f

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\RSAT for W8 x86\RSAT for W8 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1351
      Entropy (8bit):5.550671012790727
      Encrypted:false
      SSDEEP:
      MD5:C75BAFE0199CA6546266CD2CF89B74BB
      SHA1:3F83BC4CFA8BEE27969A131D5FB41E2A732B977E
      SHA-256:330EACE4729A3D8662E85FEF014335BFEF3A6E7BF726CCDF72D3BC925671D223
      SHA-512:4B680157729FA002A73C9B5D932CBCCCB152A79D4AD1789723DC00768491766F812C123FD31564D1080053A188B4B762B6DE943941D4701BB17619F27FDEB18A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="AA73854101B5473D9281F69E06AA111B" DisplayName="Remote Server Administration Tools for Windows 8 x86" VersionMin="6.2".. SetupFileUrl="http://download.microsoft.com/download/4/3/F/43FAC524-F605-426E-A2AE-EAD03D264FDE/Windows6.2-KB2693643-x86.msu".. Location="1" ExactSize="99918668" MD5="6a0bb309006180fff7af1522752f436e".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="RSAT for W8"/>.. <ATTRIBUTE name="GroupName" value="Windows Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\RSAT for W8.1 x64\RSAT for W8.1 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1457
      Entropy (8bit):5.506712745156347
      Encrypted:false
      SSDEEP:
      MD5:54F5E4624DCBFA9D3FA86245C87FA8EE
      SHA1:264945269EF747DA6E0D631DF8BAC59609A9696C
      SHA-256:95C07905003ED4D31A6317A900DD1EC568A14CB9E5D8BF075E1B8D002FDBB8FE
      SHA-512:90C67CE6BC9A70EB08ED67CF8472D42BC680D46314BE96C9750A085F253EC0E3DED028D49EB52287FCDD8D95E7D509795D988FBD204CF5CAAB9A8CAC3661A4C3
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F6CA30D0E4ECD9712E526F442C100" DisplayName="Remote Server Administration Tools for Windows 8.1 x64" VersionMin="6.3".. SetupFileUrl="http://download.microsoft.com/download/1/8/E/18EA4843-C596-4542-9236-DE46F780806E/Windows8.1-KB2693643-x64.msu".. Location="1" ExactSize="70872826" MD5="c2b1e3c97627adae934adeec556886db".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetName="RSAT for W

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\RSAT for W8.1 x86\RSAT for W8.1 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1353
      Entropy (8bit):5.537541803236573
      Encrypted:false
      SSDEEP:
      MD5:FD7AF4CE55C96D026B0C0EF8988B1225
      SHA1:907B2BD7FF5C0EB18B2F9D75686B91E38D33AB0F
      SHA-256:685573899F5475EE0FE826983B423DAD079460393E12709CA04D9FF364EAB23D
      SHA-512:74DB1E36434A20BEC18836EA8B4C9B80BC9889138654F85B296DA54618B39F401C02D2A83A4E407EEAA57EC4BD77475DA3F76775218B225A5858717FC7FEAE93
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="CC5BB50976764E55850623D34EC29066" DisplayName="Remote Server Administration Tools for Windows 8.1 x86" VersionMin="6.3".. SetupFileUrl="http://download.microsoft.com/download/1/8/E/18EA4843-C596-4542-9236-DE46F780806E/Windows8.1-KB2693643-x86.msu".. Location="1" ExactSize="63152345" MD5="6ba08fcd69e43b84ed1b98f5acbaf840".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="RSAT for W8.1"/>.. <ATTRIBUTE name="GroupName" value="Windows Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advins

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Silverlight 3\Silverlight 3.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1055
      Entropy (8bit):5.596212143157146
      Encrypted:false
      SSDEEP:
      MD5:E4D78C850D8A2774B812845E5BDE862E
      SHA1:4BE1AD333198268BDC92A24034B5A7D127B91ADA
      SHA-256:909EEF38224F07AF51A30A858C6FCA6A2E731B5CE00264DCE1839BA36A19B604
      SHA-512:C547F1CCCD9222A8C2B041EC698E519595F5F8F52A21A2D2FA7FF99359DCDD6ED6253EB249FD5695F876DD771D0A11AC0CDC22448EB4B246A3D78D8617FDB9D1
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BC07791E875348AF8E0C87EA5AEB7FEF" DisplayName="Silverlight 3" VersionMin="3.0".. SetupFileUrl="http://download.microsoft.com/download/0/C/4/0C490C52-D317-4BAF-967A-321D58E2670A/runtime/Silverlight.3.0.exe".. Location="1" ExactSize="4937608" MD5="6f9297dd7f6feb0289bb2641f0740402".. NoUiComLine="/q".. Operator="1" Options="f" TargetName="Silverlight 3"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="BC07791E875348AF8E0C87EA5AEB7FEFVersion" Prereq="BC07791E875348AF8E0C87EA5AEB7FEF" SearchType="2".. SearchString="HKLM\SOFTWARE\Microsoft\Silverlight\Version" VerMin="3.0.50611.0".. Order="1" Property="PreReqSearch_BC07791E875

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Silverlight 4\Silverlight 4.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1056
      Entropy (8bit):5.608232721942143
      Encrypted:false
      SSDEEP:
      MD5:2F461DC8CB6600FD36E42A064DC01256
      SHA1:62379F766B4CAFA75791A8F5721CE8CD2B1AFCDC
      SHA-256:79BC4695F274341CAA2C89A015782B013695DB3EFF1F8DF6483A5DDFF85BF52B
      SHA-512:6F4603C7BB3C10737CC2F04A13434A77DCCBB1E9A399DEFB918772AE43D928862A778778F95C2FC7B65C59FF36F14C9DA2A15F9CAC3817599E8BF83B3924BFD7
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C772EBBF393477BBB88159B26FCE04D" DisplayName="Silverlight 4" VersionMin="4.1".. SetupFileUrl="http://download.microsoft.com/download/6/A/1/6A13C54D-3F35-4082-977A-27F30ECE0F34/10329.00/runtime/Silverlight.exe".. Location="1" ExactSize="6286448" MD5="30dafa3816b53b576436d841d163f8dc".. NoUiComLine="/q".. Operator="1" Options="f" TargetName="Silverlight 4"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="C772EBBF393477BBB88159B26FCE04DVersion" Prereq="C772EBBF393477BBB88159B26FCE04D" SearchType="2".. SearchString="HKLM\SOFTWARE\Microsoft\Silverlight\Version" VerMin="4.1.10329.0".. Order="1" Property="PreReqSearch_C772EBBF3

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Silverlight 5 x64\Silverlight 5 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1307
      Entropy (8bit):5.592936157983097
      Encrypted:false
      SSDEEP:
      MD5:AFF93DD47C517E871D9D2C03FCA670DC
      SHA1:767D33A51B0023A8A93B5ACE00BFB4D382A63197
      SHA-256:8D7213531D65156FC63E2F1507CC87FE2CDDCE791091183BEDCA585578F486C1
      SHA-512:DB1CBB99EF7A7683FF9B90790AF770A9125F774DBD3FBA5FF79E7EF4FEF9EAC8FFD86823538ADC0E35A18F92CDD34592E700C7ABB10BF1BD99B0DFB8144CF16B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B9444674E341D79D1ECE143514B4BF" DisplayName="Silverlight 5 x64" VersionMin="5.1".. SetupFileUrl="http://download.microsoft.com/download/F/8/C/F8C0EACB-92D0-4722-9B18-965DD2A681E9/30514.00/Silverlight_x64.exe".. Location="1" ExactSize="13087456" MD5="2ede6612b7042d8582819cab084e6883".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista x64, Windows Server 2008 x64".. NoUiComLine="/q".. Operator="1" Options="xf" TargetName="Silverlight 5?Silverlight~r30514_x64.exe"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\Silverlight 5 x86\Silverlight 5 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1083
      Entropy (8bit):5.612168196073381
      Encrypted:false
      SSDEEP:
      MD5:2D15A8D5497BAA5B2A6ED38B0F4AA675
      SHA1:36A0D1F900F237AE1FFD5B4183D22C2CF1A8F1AA
      SHA-256:BD0D97FD082C6457FA69998616D1CE4CFDEDBA48D46BBF00CC59E361F9500FE7
      SHA-512:DDCEAF06C69D44CE3839E13926C0D8101B1FB1FB20D21C1C071D260DE70C53B81370D04571EA200E285F2E2931749A2B1F1941510B1EC05B1C275D9EA755A275
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C080161E76984B298BA3B196E308F50E" DisplayName="Silverlight 5 x86" VersionMin="5.1".. SetupFileUrl="http://download.microsoft.com/download/F/8/C/F8C0EACB-92D0-4722-9B18-965DD2A681E9/30514.00/Silverlight.exe".. Location="1" ExactSize="6958304" MD5="729cdab7188f18358f6610bec517ef04".. NoUiComLine="/q".. Operator="1" Options="f" TargetName="Silverlight 5?Silverlight~r30514_x86.exe"/>.. <ATTRIBUTE name="GroupName" value="Flash, Java and other Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="C080161E76984B298BA3B196E308F50EVersion" Prereq="C080161E76984B298BA3B196E308F50E" SearchType="2".. SearchString="HKLM\SOFTWARE\Microsoft\Silverlight\Version" VerMin="5.1.30514.0".. Order="1" Proper

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\UWS Pro 2.0\UWS Pro 2.0.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1036
      Entropy (8bit):5.55987415817191
      Encrypted:false
      SSDEEP:
      MD5:AC4C480DCD9506DDAA4249EDE96AF19F
      SHA1:D0895C37593C79F61F5C7AC1DCA290FD6C2A3FDD
      SHA-256:9EDD5C531E4106E5D3E8E854614EAA16C04C2C258272BBC60601F364CA9257B0
      SHA-512:C321DA27DE39FD5A4222A5C628618E82DF3E40A49BFE8F228F5D053E725F23082A6B3F490448AA4D371DF13C228DC46835E68A7B2FE45945271D6B80086628A4
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C5632EF2411E864CF5A6D6479310" DisplayName="UltiDev Web Server Pro" VersionMin="2.0".. SetupFileUrl="http://download.ultidev.com/Products/Cassini/Pro/Build21/UltiDev.WebServer.msi".. Location="1" ExactSize="2402816" MD5="f1f32f86aa10a35017271e4824b1cc94".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="UltiDev Web Server Pro?UltiDev.WebServer~2.0.21.msi"/>.. <ATTRIBUTE name="GroupName" value="Web Server"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="C5632EF2411E864CF5A6D6479310UpgradeCode" Prereq="C5632EF2411E864CF5A6D6479310" SearchType="4".. SearchString="{F9943FF4-9257-4EAD-8B11-B92B2CD468D0}" VerMin="2.0.21".. Order="1" Property="PreReqSearch_C5632EF2411E864CF5A6D64793

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2005 SP1 x64 (MFC)\VC++ 2005 SP1 x64 (MFC).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1512
      Entropy (8bit):5.661734635339085
      Encrypted:false
      SSDEEP:
      MD5:35FAF6E77686215E97BEB0EF51FDBC5A
      SHA1:962168145A29FF9080FD9A6244764D554761C9A7
      SHA-256:76BAAE1D3BB8F08648AFF5A0D6EB239EED94866DCA6BC76E48CA83FBB0959304
      SHA-512:23B4CB61C3616B3E50325D9160C2B70F309DCEA0CD0E73B086AD0EFC4EDAD4C1F22BB6A19722344C07A5EE0D609C1CB54CB8DC4EAAD2E486936314663C01A081
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D2BCE474_49DC_4169_8EFD_7CAB0921B614" DisplayName="Visual C++ 2005 SP1 x64 (MFC Security Update)" VersionMin="8.0".. SetupFileUrl="http://download.microsoft.com/download/8/B/4/8B42259F-5D70-43F4-AC2E-4B208FD8D66A/vcredist_x64.exe".. Location="1" ExactSize="3175832" MD5="56eaf4e1237c974f6984edc93972c123".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. NoUiComLine="/q".. Operator="0" Options="xf" TargetName="Visual C++ 2005 SP1"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="D2BCE474_49DC_4169_8EFD_7CAB0921B614Install" Prereq="D2BCE474_49DC_4169_8EFD_7CAB0921B614" SearchType="9"..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2005 SP1 x86 (MFC)\VC++ 2005 SP1 x86 (MFC).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1395
      Entropy (8bit):5.652886670996488
      Encrypted:false
      SSDEEP:
      MD5:6BDF41A0F872975F1076DE242D47EA80
      SHA1:3373CF2B1A741B33322F6258561F7F03EB61C5D5
      SHA-256:BFEB3473677D78D3894C14FBD6E2E0990D951A34881A16A4D5A9859592727427
      SHA-512:BF726160AFD414D8A487C45947E4049FB73BA360EC9B962AAF0DEB835FA11E31C45F9C166E7FD57300C2E5FCC131E570E9130344B4B7222E905F22FAEF61763B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F477261_82C3_4613_8028_BC4B6AA8AD37" DisplayName="Visual C++ 2005 SP1 x86 (MFC Security Update)" VersionMin="8.0".. SetupFileUrl="http://download.microsoft.com/download/8/B/4/8B42259F-5D70-43F4-AC2E-4B208FD8D66A/vcredist_x86.exe".. Location="1" ExactSize="2707352" MD5="ce2922f83fb4b170affce0ea448b107b".. NoUiComLine="/q".. Operator="0" Options="f" TargetName="Visual C++ 2005 SP1"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="F477261_82C3_4613_8028_BC4B6AA8AD37Install" Prereq="F477261_82C3_4613_8028_BC4B6AA8AD37" SearchType="9".. SearchString="HKLM\SOFTWARE\Microsoft\DevDiv\VC\Servicing\8.0\RED\1033\Install" RefContent="M1".. Order=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2005 x64\VC++ 2005 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1164
      Entropy (8bit):5.622295783721608
      Encrypted:false
      SSDEEP:
      MD5:41AB3D75E3690DB9B2DD64AEE539A10A
      SHA1:AB7C0038E9194031BEC244DCDF94A4F60536968D
      SHA-256:2C530721A028E80DCC3229A2A05CC2198690D618F1876E68B1A6C33A5B85BE80
      SHA-512:E6880EA9BBD43F95A99AA25339949718E85C7D9A24C850935D01F2080AAFFB01704FFF45E7FFB7AB14BC028F39139D170B8C60BBAF111240B6A492DB58875530
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D340485F164D422688F7F84480CBA514" DisplayName="Visual C++ 2005 x64" VersionMin="8.0".. SetupFileUrl="http://download.microsoft.com/download/9/1/4/914851c6-9141-443b-bdb4-8bad3a57bea9/vcredist_x64.exe".. Location="1" ExactSize="4286744" MD5="524da2fb61a1361e77704e9466bcd74e".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. NoUiComLine="/q".. Operator="1" Options="xf" TargetName="Visual C++ 2005"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="D340485F164D422688F7F84480CBA514Install" Prereq="D340485F164D422688F7F84480CBA514" SearchType="9".. SearchString="HKLM\SOFTWARE\Microsoft\

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2005 x86\VC++ 2005 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1070
      Entropy (8bit):5.646324505266476
      Encrypted:false
      SSDEEP:
      MD5:30FDDC9B9947446BF2394E36CD00EFB0
      SHA1:5A8A28220C879DDADD2F6B22A3A28A5ADC705ACB
      SHA-256:A809123B252CB1C3AA2925AE7A25D08129F80C3C86DA094481095AE1483338A9
      SHA-512:0B3FADDB420AE23E4A5585732BC6DE3F0C9C102DCAFCD97BF21D530DC5E287CD0C31A8718F3B626E97DA556FE3511F48552FFF1AFA3ECF6142FFBA20F19010F4
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F996CBB7_473A_43A8_9384_647FF5FBAB04" DisplayName="Visual C++ 2005 x86" VersionMin="8.0".. SetupFileUrl="http://download.microsoft.com/download/d/3/4/d342efa6-3266-4157-a2ec-5174867be706/vcredist_x86.exe".. Location="1" ExactSize="2686232" MD5="4e33c98627ea50d3e44cd62d323345d6".. NoUiComLine="/q".. Operator="1" Options="f" TargetName="Visual C++ 2005"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="F996CBB7_473A_43A8_9384_647FF5FBAB04Install" Prereq="F996CBB7_473A_43A8_9384_647FF5FBAB04" SearchType="9".. SearchString="HKLM\SOFTWARE\Microsoft\DevDiv\VC\Servicing\8.0\RED\1033\Install" RefContent="M1".. Order="1" Property="PreReqSearch_

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2008 SP1 x64 (MFC)\VC++ 2008 SP1 x64 (MFC).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1190
      Entropy (8bit):5.625420231847289
      Encrypted:false
      SSDEEP:
      MD5:BFC785A84E864858F3D7646D41C13115
      SHA1:98208D74EBB647B5D4BFE6284CAAD68FDF94C2E5
      SHA-256:809FCC15C7B659452559E9D014B929C3C747D6486C2DB8A092C8DD43185093D6
      SHA-512:593C060775EA4416D80CFF8D0DF8F1D433594B1469238EAD97589182588A1ACE62CD472AB71618123C400DF0798AD97CAF8717304554FDA8D8C1DF2C906B3D8C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FEDCDA5E724321BEC04988E1E74CE9" DisplayName="Visual C++ 2008 SP1 x64 (MFC Security Update)" VersionMin="9.0".. SetupFileUrl="http://download.microsoft.com/download/5/D/8/5D8C65CB-C849-4025-8E95-C3966CAFD8AE/vcredist_x64.exe".. Location="1" ExactSize="5207896" MD5="e2ada570911edaaae7d1b3c979345fce".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. NoUiComLine="/q".. Operator="1" Options="xf" TargetName="Visual C++ 2008 SP1"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="FEDCDA5E724321BEC04988E1E74CE9Version" Prereq="FEDCDA5E724321BEC04988E1E74CE9" SearchType="2".. SearchString="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2008 SP1 x86 (MFC)\VC++ 2008 SP1 x86 (MFC).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1100
      Entropy (8bit):5.6511524865823715
      Encrypted:false
      SSDEEP:
      MD5:4CA3002881BB7B2E8E3795D4E3238E71
      SHA1:9EDAEDA53C119A3944AEBA0D6E8D7CF04468254D
      SHA-256:EBF02F241AEE296CF86CAD1D7184EA05767E4295B455CEC10D7D13A768BD0B79
      SHA-512:EA5C3272CFA5D94C96818A815515B9F956DF83E147CD1DF36A7C79B2061AD46DFBCDA66E28561BA278D886D2755BB98E1228947E36CFAD319CD815EB68AF8E4F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="ADCDB4C_AFEB_4F3D_A1D0_2B0D48C0458C" DisplayName="Visual C++ 2008 SP1 x86 (MFC Security Update)" VersionMin="9.0".. SetupFileUrl="http://download.microsoft.com/download/5/D/8/5D8C65CB-C849-4025-8E95-C3966CAFD8AE/vcredist_x86.exe".. Location="1" ExactSize="4479832" MD5="35da2bf2befd998980a495b6f4f55e60".. NoUiComLine="/q".. Operator="1" Options="f" TargetName="Visual C++ 2008 SP1"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="ADCDB4C_AFEB_4F3D_A1D0_2B0D48C0458CVersion" Prereq="ADCDB4C_AFEB_4F3D_A1D0_2B0D48C0458C" SearchType="2".. SearchString="HKLM\SOFTWARE\Microsoft\DevDiv\VC\Servicing\9.0\RED\1033\Version" VerMin="30729.6161".. Or

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2008 x64\VC++ 2008 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1156
      Entropy (8bit):5.642425827542422
      Encrypted:false
      SSDEEP:
      MD5:664D1015CCC08569AC97D46186351054
      SHA1:1C1D3E2DAEAC9EAAB226ED8424A62BF2B8F47939
      SHA-256:6E7575B65D6BC896CD17C1399F22435C1D6E3938A302690B7B8DD4C84ED1A52F
      SHA-512:8CDEEC16ED25B4AC8B72152258E2EC5A16D18530BA483D9B00ED216FFBD41B2738CEAC49D0E4D04BC52347F5F630177D5EF1AA1F5FFE0A14DA3E3D6366BA9889
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B3D618FCD640C1BB6D035D907A7F98" DisplayName="Visual C++ 2008 x64" VersionMin="9.0".. SetupFileUrl="http://download.microsoft.com/download/1/9/0/190da410-d595-4342-ba2f-2422e78bc84d/vcredist_x64.exe".. Location="1" ExactSize="4941832" MD5="de553c686243a4d7d01397354100591e".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. NoUiComLine="/q".. Operator="1" Options="xf" TargetName="Visual C++ 2008"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="B3D618FCD640C1BB6D035D907A7F98Install" Prereq="B3D618FCD640C1BB6D035D907A7F98" SearchType="9".. SearchString="HKLM\SOFTWARE\Microsoft\DevDiv

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2008 x86\VC++ 2008 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1050
      Entropy (8bit):5.631042392383382
      Encrypted:false
      SSDEEP:
      MD5:49E7F5D848CEB486F54FF69513180252
      SHA1:61BFB8A5ABF3414ED5A38503BF364D2495FE13E6
      SHA-256:A13E7F719F99DCBDA86B92DE0A5D9F4BE349D27F146A136795843605EA66385D
      SHA-512:C90B636196DE1B7094896393937BF6E9013CBFA31388821569522F7CC3029AC3573DABA6F10D18D1E901FD06D148645B57DFA0D5734413E3E0D800B41B8FB957
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C49_E141_464F_BA06_579198CB3688" DisplayName="Visual C++ 2008 x86" VersionMin="9.0".. SetupFileUrl="http://download.microsoft.com/download/d/1/0/d10d210e-e0ad-4010-b547-bc5e395ef691/vcredist_x86.exe".. Location="1" ExactSize="4209160" MD5="c0622ed3b105ac0e4c99e45db43f9589".. NoUiComLine="/q".. Operator="1" Options="f" TargetName="Visual C++ 2008"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="C49_E141_464F_BA06_579198CB3688Install" Prereq="C49_E141_464F_BA06_579198CB3688" SearchType="9".. SearchString="HKLM\SOFTWARE\Microsoft\DevDiv\VC\Servicing\9.0\RED\1033\Install" RefContent="M1".. Order="1" Property="PreReqSearch_C49_E141_464F_B

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2010 SP1 x64 (MFC)\VC++ 2010 SP1 x64 (MFC).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1196
      Entropy (8bit):5.626044387652473
      Encrypted:false
      SSDEEP:
      MD5:CFC7774F285D40DAE7A448228E3AC9FC
      SHA1:517AD95217005877AE466927218C3E50CDF799C0
      SHA-256:FC51B08E905C12E462B09C907318295AB0DF758E3CBF407B83EA88CF98A042DC
      SHA-512:A70534C309F3F318FB46F3DB167179EFA567CA300F0683719613AC3D6721110417F6B7822D9C090A7C6D08CBC4866F458A76F7D2D4F821C27D28C3E0DBAA1EEF
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B63_41B8_9CB7_8C5E07C0FC18_" DisplayName="Visual C++ 2010 SP1 x64 (MFC Security Update)" VersionMin="10.0".. SetupFileUrl="http://download.microsoft.com/download/1/6/5/165255E7-1014-4D0A-B094-B6A430A6BFFC/vcredist_x64.exe".. Location="1" ExactSize="10274136" MD5="c9d9eebccef20d637f193490cec05e79".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. NoUiComLine="/q /norestart".. Operator="1" Options="f" TargetName="Visual C++ 2010 SP1"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="B63_41B8_9CB7_8C5E07C0FC18_Version" Prereq="B63_41B8_9CB7_8C5E07C0FC18_" SearchType="2".. SearchStrin

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2010 SP1 x86 (MFC)\VC++ 2010 SP1 x86 (MFC).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1124
      Entropy (8bit):5.662674872179915
      Encrypted:false
      SSDEEP:
      MD5:C546F9F9AB21CA13AB91AEC3B7B01497
      SHA1:216BC5FF8A03E95F61D30F59BCF9DAE34711E8B2
      SHA-256:E814B8EC6EFF2D90E08B456732C31BFDEC53D42DEB7042C974FE9B901D763812
      SHA-512:C81274A5BBA35A74B2AA426823A1AF876489334724388094D712818756BDC71D82F382393A68151AE691AF01903E675C6AFCFD245C9DCB83675BF0882A2AE4EE
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="CB585686_DAA3_4384_BDDF_08ABA631E9F3_" DisplayName="Visual C++ 2010 SP1 x86 (MFC Security Update)" VersionMin="10.0".. SetupFileUrl="http://download.microsoft.com/download/1/6/5/165255E7-1014-4D0A-B094-B6A430A6BFFC/vcredist_x86.exe".. Location="1" ExactSize="8990552" MD5="1801436936e64598bab5b87b37dc7f87".. NoUiComLine="/q /norestart".. Operator="1" Options="f" TargetName="Visual C++ 2010 SP1"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="CB585686_DAA3_4384_BDDF_08ABA631E9F3_Version" Prereq="CB585686_DAA3_4384_BDDF_08ABA631E9F3_" SearchType="2".. SearchString="HKLM\SOFTWARE\Microsoft\DevDiv\VC\Servicing\10.0\red\x86\1033\Version" VerMin

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2010 x64 (MFC)\VC++ 2010 x64 (MFC).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1216
      Entropy (8bit):5.658406158671432
      Encrypted:false
      SSDEEP:
      MD5:DA0C57772C520E46DDB5CD8BD26A8F9C
      SHA1:FCC26845677F35730192A2752A522892CB6742B4
      SHA-256:398CC1A9447A29E9308A7800A5BBC1443E7A450DCD7039ADB915AA7F67CE3592
      SHA-512:763AAF08A34FC7713A2C89AFA0BB4152C35A9E32DE6949DD28D5EEECE7A8076F2D11D3961F16212B941DF196F057CF95DAB4E4A92BA09FE9A4DCB34CEC6FE818
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A9B3CC_B8E4_4F03_B719_D9E76675954E" DisplayName="Visual C++ 2010 x64 (MFC Security Update)" VersionMin="10.0".. SetupFileUrl="http://download.microsoft.com/download/4/D/0/4D00D6C0-09FC-446C-AE9C-C923AF2DF29A/vcredist_x64.exe".. Location="1" ExactSize="10276696" MD5="2fdf0c01ac6677522a98040e8737b39a".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. NoUiComLine="/q /norestart".. Operator="1" Options="f" TargetName="Visual C++ 2010"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="A9B3CC_B8E4_4F03_B719_D9E76675954EVersion" Prereq="A9B3CC_B8E4_4F03_B719_D9E76675954E" SearchType="2"..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2010 x86 (MFC)\VC++ 2010 x86 (MFC).aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1092
      Entropy (8bit):5.626536275816517
      Encrypted:false
      SSDEEP:
      MD5:B99D92A3664DD04150EE305F62F2033E
      SHA1:3A63F7C029B6C53AD9EC2DB12BCA0BC18CAEB158
      SHA-256:AE6AAE28A76CEFA900836BA004FCCD094DE80BF0F54B49F36EBAAC59E1CAADE9
      SHA-512:16D038EF58B14BB6BC07FE3D1A6CE301889D670AB8F1159AC40E67E5ACC2EF613B541E7BAABEF1C67B6EC9F0DE662E023CA31B6F7AF4214FBC6E4B9E6C4CAE95
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FAA_5658_49AA_A41D_71074C8A5006" DisplayName="Visual C++ 2010 x86 (MFC Security Update)" VersionMin="10.0".. SetupFileUrl="http://download.microsoft.com/download/4/D/0/4D00D6C0-09FC-446C-AE9C-C923AF2DF29A/vcredist_x86.exe".. Location="1" ExactSize="9034584" MD5="8a405667aebc011b3fc434744a5b536f".. NoUiComLine="/q /norestart".. Operator="1" Options="f" TargetName="Visual C++ 2010"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="FAA_5658_49AA_A41D_71074C8A5006Version" Prereq="FAA_5658_49AA_A41D_71074C8A5006" SearchType="2".. SearchString="HKLM\SOFTWARE\Microsoft\DevDiv\VC\Servicing\10.0\red\x86\1033\Version" VerMin="30319.415".. Order=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2012 x64\VC++ 2012 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1262
      Entropy (8bit):5.625423937372124
      Encrypted:false
      SSDEEP:
      MD5:038CD1D12E146CCDC9B18F0804B6ADE7
      SHA1:5CBDF57FC76AB8E9CE03772BE73367BFC464CEA4
      SHA-256:8B70C2F3C7551CBB712E28C5770E7CB54AB147316669AE7B6A04201EA2A8155F
      SHA-512:998EB372BEC09B8E0BD878C42E2A81FBAEE417CCED4A4F5E48C26460680DC2ED2CFAB1B894EBDF1D5DD7A0A20B349C6AD6EAD6DECEFB9BD5998BA1BE5D4DB478
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="EF36CDD6CE40CFA978040EA5CBA799" DisplayName="Visual C++ Redistributable for Visual Studio 2012 Update 4 x64" VersionMin="11.0".. SetupFileUrl="http://download.microsoft.com/download/1/6/B/16B06F60-3B20-4FF2-B699-5E9B7962F9AE/VSU_4/vcredist_x64.exe".. Location="1" ExactSize="7186992" MD5="3c03562b5af9ed347614053d459d7778".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. NoUiComLine="/q /norestart".. Operator="1" Options="xf" TargetName="Visual C++ Redistributable for Visual Studio 2012"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="EF36CDD6CE40CFA978040EA5CBA799Version" Prereq="EF3

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2012 x86\VC++ 2012 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1160
      Entropy (8bit):5.620533069854063
      Encrypted:false
      SSDEEP:
      MD5:72202CBAFE3145B531AE08B3474969C0
      SHA1:B436B1977DBDE52EB58BA68E1903B4D1D44094C6
      SHA-256:1E3315A8C734AF9FD25F7881C756334433CD4BBA4EDB22B3C7CC3C7644C44657
      SHA-512:8BA4D1CBFE0176ED00413ECA1A1DF5E5E6A826441AA20331F6C485C499D9E8D147BCE3F4C7E8E9D6A14A2DF687CA6791BC0BC14E8A6D843205653272F5132AD2
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C67108D39D05435F9BE6B977F2CCED25" DisplayName="Visual C++ Redistributable for Visual Studio 2012 Update 4 x86" VersionMin="11.0".. SetupFileUrl="http://download.microsoft.com/download/1/6/B/16B06F60-3B20-4FF2-B699-5E9B7962F9AE/VSU_4/vcredist_x86.exe".. Location="1" ExactSize="6554576" MD5="7f52a19ecaf7db3c163dd164be3e592e".. NoUiComLine="/q /norestart".. Operator="1" Options="f" TargetName="Visual C++ Redistributable for Visual Studio 2012"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="C67108D39D05435F9BE6B977F2CCED25Version" Prereq="C67108D39D05435F9BE6B977F2CCED25" SearchType="2".. SearchString="HKLM\SOFTWARE\Microsoft\DevDiv\VC\Servi

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2013 x64\VC++ 2013 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1288
      Entropy (8bit):5.633798421523116
      Encrypted:false
      SSDEEP:
      MD5:2833C2C2DEBAFD6139E2A22177144854
      SHA1:2CC04F04F123068D12F553BA6BA0600394ECF61C
      SHA-256:EF83CF56BC0AA38BC4404046D5684E204A02F02C47912635606945E3351DFBDF
      SHA-512:3B284D9B3758CF2B8B2241C138B687333DCE3A0A24AC09DF3FE6B5FB415A052D622A3AF904DCD7C9D236A5F47EA542D7D918E4A16A77E194698A4C54FF1C298D
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="CA62D813A4E74FA2AAE86A7D7B7B1493" DisplayName="Visual C++ Redistributable for Visual Studio 2013 Update 5 x64" VersionMin="12.0".. SetupFileUrl="http://download.microsoft.com/download/C/C/2/CC2DF5F8-4454-44B4-802D-5EA68D086676/vcredist_x64.exe".. Location="1" ExactSize="7201056" MD5="b364dd867258dfc79342e00d57c81bb5".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. NoUiComLine="/q /norestart".. Operator="1" Options="xf" TargetName="Visual C++ Redistributable for Visual Studio 2013?vcredist_2013u5_x64.exe"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="CA62D813A4E74FA2AAE86A7D7B7B14

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2013 x86\VC++ 2013 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1748
      Entropy (8bit):5.598085229680837
      Encrypted:false
      SSDEEP:
      MD5:28F69E65C9ED37E3C7159F85765A7AF2
      SHA1:7104CE0833281E51AAAAF7E3CE574AF251ADDC50
      SHA-256:2381F1683F5FD691EF92446618248CA73377F316756E2742A148F5AE901ACD51
      SHA-512:F38CEC9EBBF9042D7E684589F16E5C286FFD23E517FFE7E868743F4A220FF8A0FD11B68BF86A4C538437018C78D582A721DFFA16EBC0A14E48B29C3DACA7C5FF
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D564007E3BBE4F85950A09B470A7CA65" DisplayName="Visual C++ Redistributable for Visual Studio 2013 Update 5 x86" VersionMin="12.0".. SetupFileUrl="http://download.microsoft.com/download/C/C/2/CC2DF5F8-4454-44B4-802D-5EA68D086676/vcredist_x86.exe".. Location="1" ExactSize="6510272" MD5="6a3a1760342ea699d5e6df1f2a1c7707".. NoUiComLine="/q /norestart".. Operator="0" Options="f" TargetName="Visual C++ Redistributable for Visual Studio 2013?vcredist_2013u5_x86.exe"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="D564007E3BBE4F85950A09B470A7CA65Version" Prereq="D564007E3BBE4F85950A09B470A7CA65" SearchType="2".. SearchString="HKLM\SOFTWARE\Microso

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2015 x64\VC++ 2015 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1403
      Entropy (8bit):5.601917486420435
      Encrypted:false
      SSDEEP:
      MD5:A24449363687A44F9CE0ED91885E90AC
      SHA1:EB60D95D08F906D411DBEF53339DA11FC501C1B7
      SHA-256:BDA6957C4C56AAA52AD89394591399154E529C0AB93435B8A90F62064198242B
      SHA-512:23E27482EDF458E668A190E9B3E3093AD3AC8B1C83236109732867F833FB6AB62FE6D9955FB3BCDECF72B2D2261E0F4D9A655EED5D5436CBE542E53FB1C70698
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B5158184F44A6981C5919229A6AEBE" DisplayName="Visual C++ Redistributable for Visual Studio 2015 Update 3 x64" VersionMin="14.0".. SetupFileUrl="http://download.microsoft.com/download/6/D/F/6DF3FF94-F7F9-4F0B-838C-A328D1A7D0EE/vc_redist.x64.exe".. Location="1" ExactSize="15302984" MD5="2397cb0a7d4f611b521a23e8e3b22424".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. NoUiComLine="/q /norestart".. Operator="1" Options="xf" TargetName="Visual C++ Redistributable for Visual Studio 2015?vc2015u3_redist_x64.exe"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONEN

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2015 x86\VC++ 2015 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1932
      Entropy (8bit):5.56549124790942
      Encrypted:false
      SSDEEP:
      MD5:F1C73C36847B0D3F6723860004A17F2B
      SHA1:E958E92DC17B0E4D4CBEC6FBCD4197DE6B80FD4F
      SHA-256:CE774E78ED40E725F761E7A2B74CE71B556AE2F74EA3CD96FAFAE823B4D7B78F
      SHA-512:852AD060F8AD20E2F11FE337C72270984124D566B48E8A0F915FE7B50BEF9AAECDB0406060E5BB840A657A440373110AB9B733F1728418E7D95C9FB02692989D
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D7E473DF14F3E98497864847195F2" DisplayName="Visual C++ Redistributable for Visual Studio 2015 Update 3 x86" VersionMin="14.0".. SetupFileUrl="http://download.microsoft.com/download/6/D/F/6DF3FF94-F7F9-4F0B-838C-A328D1A7D0EE/vc_redist.x86.exe".. Location="1" ExactSize="14458272" MD5="1b3d24a3e9c99e63391a53b9e5be5356".. WinNTVersions="Windows Vista RTM x86, Windows Vista SP1 x86, Windows 7 RTM x86".. WinNT64Versions="Windows Vista RTM x64, Windows Vista SP1 x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. NoUiComLine="/q /norestart".. Operator="0" Options="f" TargetName="Visual C++ Redistributable for Visual Studio 2015?vc2015u3_redist_x86.exe"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="ca

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2017 x64\VC++ 2017 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1452
      Entropy (8bit):5.584178026436766
      Encrypted:false
      SSDEEP:
      MD5:7827A7EB7CD2F1D9CC690850F71A677D
      SHA1:C469E62CEF8D9C4820F4725442D01FAF1ED09C20
      SHA-256:36A0050F61ACE635E075E52CB29076E8EDA9A6CA1CED221F0C2F0F7808A15E53
      SHA-512:FE957DF5B42FDFB16E7D22B787F89EBAEC204D7186BFA688C279A1EC034460B6D5F689FA3DCA7CB8AE4966DFD59A5E810B0557F14BD9CACE1847BF3F76671C44
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.6" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D36C9FE0826D4D2B9C2DDCCE2C83E860" DisplayName="Visual C++ Redistributable for Visual Studio 2017 x64" VersionMin="14.16".. SetupFileUrl="http://download.visualstudio.microsoft.com/download/pr/9fbed7c7-7012-4cc0-a0a3-a541f51981b5/e7eec15278b4473e26d7e32cef53a34c/vc_redist.x64.exe".. Location="1" ExactSize="15329280" MD5="1e3131468ede03f788716a56dc3e2703".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista RTM x64, Windows Vista SP1 x64, Windows Server 2008 RTM x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. NoUiComLine="/q /norestart".. Operator="1" Options="xf" TargetName="Visual C++ Redistributable for Visual Studio 2017"/>.. <ATTRIBUTE name="GroupN

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VC++ 2017 x86\VC++ 2017 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1743
      Entropy (8bit):5.6052067318344125
      Encrypted:false
      SSDEEP:
      MD5:9CF551F3B33B4AF45B94FF9FB624271A
      SHA1:42579FD91D3541B5B3DDBC4CE62EFF44B544948E
      SHA-256:2AF9E61099F8F7495F53F891810C576ED46178AF19CA18B0C6BA16140DA8E0CA
      SHA-512:C40DDDF6FBCDDA088AE7459CDD9748CA6030AE17C35C8C65681CFE4A2FE11C396EC909599612C841FF2DA376F15C6066C4056392B959E14621C2A335CF5BB744
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.6" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B35B3203FEB4CFFA576A27CB835D3E6" DisplayName="Visual C++ Redistributable for Visual Studio 2017 x86" VersionMin="14.16".. SetupFileUrl="http://download.visualstudio.microsoft.com/download/pr/d0b808a8-aa78-4250-8e54-49b8c23f7328/9c5e6532055786367ee61aafb3313c95/vc_redist.x86.exe".. Location="1" ExactSize="14649704" MD5="e8e0bb4f12ec984cce63665b4a4f3f09".. WinNTVersions="Windows Vista RTM x86, Windows Vista SP1 x86, Windows Server 2008 RTM x86, Windows 7 RTM x86".. WinNT64Versions="Windows Vista RTM x64, Windows Vista SP1 x64, Windows Server 2008 RTM x64, Windows 7 RTM x64, Windows Server 2008 R2 RTM x64".. NoUiComLine="/q /norestart".. Operator="0" Options="f" TargetName="Visual C++ Redistributable for Visual Studio 2017"/>.. <ATTRIBUTE name="G

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VF# 2.0 Runtime SP1\VF# 2.0 Runtime SP1.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1391
      Entropy (8bit):5.618621556864746
      Encrypted:false
      SSDEEP:
      MD5:11B6540943B772787350A1D3BDDA33AA
      SHA1:83A16576EBE16FD39E75BBB60A0799C1AA038F3B
      SHA-256:4D2B146DE48ACFDCF38AD1AD873B2BE92B62C53871C0EC900C9DD224C9072317
      SHA-512:436059F7459BE90376F8E27E2A403C3C0F7427AE99FBC0E42C84E4508AA93F1B77D2A74CE1DBFAE47295F00A543D5F21E7786F277253F6933168D20BB6D3A869
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="DDF6AE495A4511855F149F9C7327C8" DisplayName="Visual F# 2.0 SP1 Runtime" VersionMin="2.0".. SetupFileUrl="http://download.microsoft.com/download/A/7/1/A7186F15-D846-44F1-A8E1-84A290994C3B/fsharp_redist.exe".. Location="1" ExactSize="1214808" MD5="16e3299b9f475ff6f8f297e5e3344333".. NoUiComLine="/q".. Operator="1" Options="f" TargetName="Visual F# 2.0 SP1 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="DDF6AE495A4511855F149F9C7327C8InstallSuccess" Prereq="DDF6AE495A4511855F149F9C7327C8" SearchType="2".. SearchString="HKLM\SOFTWARE\Microsoft\FSharp\2.0\Runtime\v2.0\Install\InstallSuccess" VerMin="4.0.40219".. Order="1" Property

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VF# 2.0 Runtime\VF# 2.0 Runtime.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1376
      Entropy (8bit):5.640936700826836
      Encrypted:false
      SSDEEP:
      MD5:54FF2A8AB80E3597B0AAA3AED44187E3
      SHA1:AA8195492AF291F2DF5D95CA8143215853F36381
      SHA-256:5BC3C6BCEC80A7A2B4BADF7FA1880657F090D377C1557FC8EE01D72F3793DC0C
      SHA-512:578C5AE99C1189B4E87A2C419C43F93DE9055D1D92A57787830B784F5857998A2082AA8AC0D795C7F4EDF56847160DD161DD669774FC1179819A51D6C4FED09B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D_C44B_4D0A_9373_815AF02776C1" DisplayName="Visual F# 2.0 Runtime" VersionMin="2.0".. SetupFileUrl="http://download.microsoft.com/download/4/B/7/4B782102-D510-4B74-A89A-01B0DA3D153B/fsharp_redist.exe".. Location="1" ExactSize="1209688" MD5="43772d8fb6faf135d7a6dcd1909f5a07".. NoUiComLine="/q".. Operator="1" Options="f" TargetName="Visual F# 2.0 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="D_C44B_4D0A_9373_815AF02776C1InstallSuccess" Prereq="D_C44B_4D0A_9373_815AF02776C1" SearchType="2".. SearchString="HKLM\SOFTWARE\Microsoft\FSharp\2.0\Runtime\v2.0\Install\InstallSuccess" VerMin="4.0.30319".. Order="1" Property="PreReqSea

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VSTO 2.0 Runtime\VSTO 2.0 Runtime.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1606
      Entropy (8bit):5.609402047278938
      Encrypted:false
      SSDEEP:
      MD5:3641BF0DBE57909DB899C6FD77FB3AC5
      SHA1:C26A3DD26D33B6DD9162068A9432A8887137ABF7
      SHA-256:E17BAB18792B3EEACF5AD3FF8E56833C49C027F6CCD5606C9CFB1344990E54A7
      SHA-512:47101CA31EA4BC53BE6A6512476E2C0D786B3AA0753B7A8BB6CA2A4E5D616B660FEE6AB08750BEB689EEFA65225C02C10BB70195E9B417C55D14B3499C978FF8
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D8446AF6_A84B_40ED_93E6_8FEA95829A1E" DisplayName="Visual Studio Tools for Office 2.0 Runtime" VersionMin="8.0".. SetupFileUrl="http://download.microsoft.com/download/c/2/1/c21c3b6b-0f45-42fb-91e1-f064d1d5f659/vstor.exe".. Location="1" ExactSize="1352184" MD5="91310591171e16c07e3cd07c09da2a59".. WinNTVersions="Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/q".. Operator="0" Options="f" TargetName="VSTO 2.0 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="D8446AF6_A84B_40E

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VSTO 3.0 Runtime SP1\VSTO 3.0 Runtime SP1.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1090
      Entropy (8bit):5.606343224814554
      Encrypted:false
      SSDEEP:
      MD5:402CF2BB65AC31957C54D04C4B8568EC
      SHA1:56E17C8065E65A282C8721C61844EBACF396D3F1
      SHA-256:E266D13302F754E63093B54D154F125B78C33A0CD9E2C4CFFA3C929298FF5897
      SHA-512:2408E3570505355A0FCBCB3AC8DEBB985F35210ACEBDD0CE6214F2803BCAA8B4FB193453D255101212BD2C1E217C5D91D882B69FD775CC47FFC7E3E9FED319CB
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C59F900F94574F218486A9326FD78DE3" DisplayName="Visual Studio Tools for Office 3.0 Runtime SP1" VersionMin="9.0".. SetupFileUrl="http://download.microsoft.com/download/0/c/4/0c4c5bd1-c27d-4ee0-8466-4a3ea487263f/vstor30sp1-KB949258-x86.exe".. Location="1" ExactSize="1365024" MD5="5db75ede56f23675405605bee2cab7c0".. NoUiComLine="/q".. Operator="1" Options="f" TargetName="VSTO 3.0 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="C59F900F94574F218486A9326FD78DE3Install" Prereq="C59F900F94574F218486A9326FD78DE3" SearchType="9".. SearchString="HKLM\SOFTWARE\Microsoft\VSTO Runtime Setup\v9.0.30729\Install" RefContent="M1".. Order="1"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VSTO 3.0 Runtime\VSTO 3.0 Runtime.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1050
      Entropy (8bit):5.5792985967660575
      Encrypted:false
      SSDEEP:
      MD5:57728082AD9C90335E526F423F94B3BD
      SHA1:36197E5C9022AAAE3E30197B5F269695187FEF01
      SHA-256:2C137C1738AD4409FE6FB66143C17C1563D16209ADA0C049F576BEBB71C2658C
      SHA-512:9F930E29AEEAB289CA94A6B545E00DC4995AAAA167859398D6BE33EE7DBB0BBCA6097467C2EFF1F88426C02A13184E1E637CC6F108CF80A528A7D3A04152B8F0
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A2A0_44B8_BA6B_24BAE1501A54" DisplayName="Visual Studio Tools for Office 3.0 Runtime" VersionMin="9.0".. SetupFileUrl="http://download.microsoft.com/download/c/9/3/c93c2e15-4f0d-4482-99a1-37d096a399a2/vstor30.exe".. Location="1" ExactSize="1988096" MD5="234e1b5cc23959f6fd4b018cf5ca0337".. NoUiComLine="/q".. Operator="1" Options="f" TargetName="VSTO 3.0 Runtime"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="A2A0_44B8_BA6B_24BAE1501A54Install" Prereq="A2A0_44B8_BA6B_24BAE1501A54" SearchType="9".. SearchString="HKLM\SOFTWARE\Microsoft\VSTO Runtime Setup\v9.0.21022\Install" RefContent="M1".. Order="1" Property="PreReqSearch_A2A0_44B8_B

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\VSTO 4.0 Runtime\VSTO 4.0 Runtime.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1236
      Entropy (8bit):5.570810603515831
      Encrypted:false
      SSDEEP:
      MD5:08A9DFF80A3BC901280CD5CFD0BC462C
      SHA1:F829EC3EFECCF88602CA213CF5CA850240A8DF66
      SHA-256:4A478472DEFF35868DBAF4A8FBA992619B5D4EE95BA24F7BEC90691DD3486828
      SHA-512:6B5F6E4EBB023CBC774CB8552AEA40D870B957B12F6F436B342D7ED157B754108C5130F8F460F6A61F129FDF8B062B0072CBF10F585F7A7D023D505D24809198
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="ABA121137E454F6C815A1647D0B2CF14" DisplayName="Visual Studio Tools for Office 4.0 Runtime" VersionMin="10.0".. SetupFileUrl="http://download.microsoft.com/download/7/A/F/7AFA5695-2B52-44AA-9A2D-FC431C231EDC/vstor_redist.exe".. Location="1" ExactSize="40102072" MD5="a4b529647945755ca27c3560cfb96d86".. WinNTVersions="Windows Vista RTM x86, Windows Vista SP1 x86".. WinNT64Versions="Windows Vista RTM x64, Windows Vista SP1 x64".. NoUiComLine="/q".. Operator="1" Options="f" TargetName="VSTO 4.0 Runtime?vstor_redist~r60724.exe"/>.. <ATTRIBUTE name="GroupName" value="Visual Studio"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="ABA121137E454F6C815A1647D0B2CF14Version" Prereq="ABA121137E454F6C

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\WI 4.5 for Vista x64\WI 4.5 for Vista x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1473
      Entropy (8bit):5.55093181872459
      Encrypted:false
      SSDEEP:
      MD5:1BC7ABA60B77A3280155FE27D6EA6B4A
      SHA1:4BBA5B745BD5D325B59BE3A995C605C9FF9D0271
      SHA-256:D5FF209F050EDCE84BD5492CB701FCFA66B6592EA36B6DB7520E0AA1BC355A66
      SHA-512:A4A3ECF91F395AD9BE32399E8D4FF61322C1E4AD21B8ECAFC1AF5595EA886C13D4AC74A0E74F6D2EBDD6EF3778AF74E333ED4665A321F769FF90C8742CB8B954
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="DEA59E_3721_47EC_B210_ECE91E508519" DisplayName="Windows Installer 4.5 for Windows Vista/Server 2008 x64" VersionMin="4.5".. SetupFileUrl="http://download.microsoft.com/download/2/6/1/261fca42-22c0-4f91-9451-0e0f2e08356d/Windows6.0-KB942288-v2-x64.msu".. Location="1" ExactSize="3086960" MD5="8a6bbae35c9a95f8b5ad66a620b32b28".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista SP2 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="Windows

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\WI 4.5 for Vista x86\WI 4.5 for Vista x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1365
      Entropy (8bit):5.571835037809743
      Encrypted:false
      SSDEEP:
      MD5:76FA860627E4C3D9263A34BCC3400AD5
      SHA1:C959CC5B02CB1ED9E92DE5AC4EAE8EF9DF82DABC
      SHA-256:143677F189FCD133AFDB8487989A5B322751B234D57A222F296BD0BB26587700
      SHA-512:6299B80A4A2483DAE0B47770698C26A89BC7ECC2B107D74CAA2A94037A349F151CC1B0BE87560B599C91906739408FBBB5FB2A38EE2AB60ACFF46732232D7E15
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D5ACF1DA_E9F5_4D0B_BE2E_BA8866896750" DisplayName="Windows Installer 4.5 for Windows Vista/Server 2008 x86" VersionMin="4.5".. SetupFileUrl="http://download.microsoft.com/download/2/6/1/261fca42-22c0-4f91-9451-0e0f2e08356d/Windows6.0-KB942288-v2-x86.msu".. Location="1" ExactSize="1768236" MD5="2a6c8620d69880e2cfdcd41f58643620".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista SP2 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="Windows Installer 4.5"/>.. <ATTRIBUTE name="GroupName" value="Windows Installer"/>.. </COMPONENT>.. <COMPONENT cid="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\WI 4.5 for WS2003 x64\WI 4.5 for WS2003 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1453
      Entropy (8bit):5.538148913251
      Encrypted:false
      SSDEEP:
      MD5:D0EC1668949B0982866904B206669502
      SHA1:84CD60E6267BA75DB8E602042000D167148BA6B8
      SHA-256:C1CE59B5EAFEB05E12CDBBF926E27279C70D42C2EABDBC8829F3FDAEFA3A52DE
      SHA-512:AF5F4E974FD52C4306BEDB9AF2358BAB79A17BA1E06BE5CE3EB975B329ABFABEC65C3FB915E9C135355B82936F663418F7CE286CBBD41EBE479C308BB5425B2E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="A7D22C1_72D9_45A0_A1C8_55E9B0200810" DisplayName="Windows Installer 4.5 for Windows XP/Server 2003 x64" VersionMin="4.5".. SetupFileUrl="http://download.microsoft.com/download/2/6/1/261fca42-22c0-4f91-9451-0e0f2e08356d/WindowsServer2003-KB942288-v4-x64.exe".. Location="1" ExactSize="4691480" MD5="2464cd74a533d80e87d9cfc88702c938".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="Windows Installer 4.5"/>..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\WI 4.5 for WS2003 x86\WI 4.5 for WS2003 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1358
      Entropy (8bit):5.572873473304892
      Encrypted:false
      SSDEEP:
      MD5:6B9B11BDD0D997F4F5A275581F7CBAE8
      SHA1:F0F9CFAF0C22BB73283F8FA989ACB5630ED85060
      SHA-256:0184DD23EEE88A6CC64B69859E1EEF393AE90C99B9B71CC37CBE6E7A042867A9
      SHA-512:AC11273E9620C8099D600086FDCD5E8AB1CF7ED85EABA666B7C65FF162CC5488F5BC1712C2E4C409C0237BB8D04FDDEFE4723F9B46E4C4848B42B1B9305056F1
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BF783963_A874_42CF_9591_57A2F86C3B27" DisplayName="Windows Installer 4.5 for Windows Server 2003 x86" VersionMin="4.5".. SetupFileUrl="http://download.microsoft.com/download/2/6/1/261fca42-22c0-4f91-9451-0e0f2e08356d/WindowsServer2003-KB942288-v4-x86.exe".. Location="1" ExactSize="3071512" MD5="4cf13a65c32e5b9495fc16847e2a4e56".. WinNTVersions="Windows XP SP3 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="Windows Installer 4.5"/>.. <ATTRIBUTE name="GroupName" value="Windows Installer"/>.. </COMPONENT>.. <COMPONENT cid="caphyon

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\WI 4.5 for XP x86\WI 4.5 for XP x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1346
      Entropy (8bit):5.588743198125528
      Encrypted:false
      SSDEEP:
      MD5:AFA28889A87B6F8A738986F1AA571106
      SHA1:854F99848F460FF6FF9F50908E79D25D94389DAF
      SHA-256:B76FDD60F50A3686B59AC1D68015E6046C8F5883648B57E611B95D27DC399D55
      SHA-512:7F781431C9520114DC9E89D32FE515839C41E4A48A870771DF866BCC3F230E398A5BD55EA24B0143FB76A831C2C5F6034EA6F723FF436716FB6463156BA53EE2
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="F97561F_A63C_45DD_BAA2_75B33EC51871" DisplayName="Windows Installer 4.5 for Windows XP x86" VersionMin="4.5".. SetupFileUrl="http://download.microsoft.com/download/2/6/1/261fca42-22c0-4f91-9451-0e0f2e08356d/WindowsXP-KB942288-v3-x86.exe".. Location="1" ExactSize="3327000" MD5="448447e0ba4560cd558eddb5f5b0809e".. WinNTVersions="Windows Server 2003 SP2 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="Windows Installer 4.5"/>.. <ATTRIBUTE name="GroupName" value="Windows Installer"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\WIC for WinXP x64\WIC for WinXP x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1439
      Entropy (8bit):5.5370912976491375
      Encrypted:false
      SSDEEP:
      MD5:A63BA6D4A732450EDF8A06EC0AEC16E8
      SHA1:2447B149821653BFFAEC9B6769064E88433E11DE
      SHA-256:8306E7831E35EDABDF6B80151495887FBF41D7A844BA79DE1AA1F65FBC6AF8E9
      SHA-512:98FA345DFD27ADC69FBE400C6F9DA53E9173436239C4CB403E99D0904EC0BF95EEBB0A7455B311A6A2FEBFEA69777BCAEF7A6325034334CE3247F70DAF5623FB
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="BA57544483D4039A1BF076986D819F0" DisplayName="Windows Imaging Component for Windows XP/Server 2003 x64" VersionMin="6.0".. SetupFileUrl="http://download.microsoft.com/download/6/4/5/645FED5F-A6E7-44D9-9D10-FE83348796B0/wic_x64_enu.exe".. Location="1" ExactSize="1911592" MD5="2eb787be1deb373efc259d1f42146419".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetName="Windows Imaging Component"/>.. <ATTRIBUTE name="G

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\WIC for WinXP x86\WIC for WinXP x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1327
      Entropy (8bit):5.547499096165917
      Encrypted:false
      SSDEEP:
      MD5:8E8C201141B9483B71AABE228A2D247F
      SHA1:81C128342D5DB5F5545C31EB6E77F0306079598C
      SHA-256:D5B7A5BA7AF27EC9143FFDF729ACC31B0B01CF00EA82048E093B34F04CD100C0
      SHA-512:A2B9D1014174F1C70EE1AE54ECFDDFD9B31D0A2D4FF111A6049835CD6492BC5AE73C22A0AE10D403BEB20F40C5A6478C99E4ACC2CC623E71CA1A991678BD4C00
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="CDC1B3F037CE43ADBEA0E865BCA7B848" DisplayName="Windows Imaging Component for Windows XP/Server 2003 x86" VersionMin="6.0".. SetupFileUrl="http://download.microsoft.com/download/f/f/1/ff178bb1-da91-48ed-89e5-478a99387d4f/wic_x86_enu.exe".. Location="1" ExactSize="1227048" MD5="53f5ccbe5fe06c3b40cc9e34ac909df7".. WinNTVersions="Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="Windows Imaging Component"/>.. <ATTRIBUTE name="GroupName" value="Windows Tools"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\WM ActiveSync 4.5\WM ActiveSync 4.5.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1394
      Entropy (8bit):5.545208629019828
      Encrypted:false
      SSDEEP:
      MD5:8D287698623A50BABE5EC98794CEABF3
      SHA1:9D4873829A2490A813A1E819400C83ACACDF5DE4
      SHA-256:6F238614844CB61D7FD78D433727B6108FB4C62AC28615A1E9A6FD4A3286E6C5
      SHA-512:B6FFCB2026A7E60405F8F70C47CB159E74320D8C88F9E8D99CD5D363C6B6DE59987DC1511229EB10CA2DF5668038AFC9F61E49BADB68E23A2AA5B8CACB833130
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B138911_7CF9_468E_94C5_726DA3FA01EF" DisplayName="ActiveSync 4.5" VersionMin="4.5".. SetupFileUrl="http://download.microsoft.com/download/5/4/6/5467c040-a935-4987-aa30-5dcbc36a57db/setup.msi".. Location="1" ExactSize="7886336" MD5="2650ecd7e231c0149fb4821136b5bb98".. WinNTVersions="Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xf" TargetName="ActiveSync 4.5"/>.. <ATTRIBUTE name="GroupName" value="Windows Drivers"/>

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\WM Device Center 6.1 x64\WM Device Center 6.1 x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1238
      Entropy (8bit):5.513259360754463
      Encrypted:false
      SSDEEP:
      MD5:FA4E46D29FE255D86855657058EB6280
      SHA1:54EBA04E4BCD60AF8A2CF6E5692A0523E257BAB3
      SHA-256:ABA4A91A85F7A2EA6A21434DEEE2A3B3047911FF9625A45C41FB1105566DA563
      SHA-512:A010463FB36F3C2655DD9C5813F8C399FF7A8CE157AEFDA28B713ECA04BBEE5159EC6C253D9C10A8D91ADB61DA1CB89329D14A2DB46A4A726F3AD97F0EFA0CD4
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="AA6A423064816AA10786CF10F1148" DisplayName="Windows Mobile Device Center 6.1 x64" VersionMin="6.1".. SetupFileUrl="http://download.microsoft.com/download/0/4/3/0432540e-2d1a-415d-9c9d-a9963e43503e/drvupdate-amd64.exe".. Location="1" ExactSize="13054856" MD5="d412865db372ff51f4237c496025639b".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64".. NoUiComLine="/q".. Operator="1" Options="xf" TargetName="Windows Mobile Device Center 6.1"/>.. <ATTRIBUTE name="GroupName" value="Windows Drivers"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="AA6A423064816AA10786CF10F1148Syst

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\WM Device Center 6.1 x86\WM Device Center 6.1 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1245
      Entropy (8bit):5.570069584680832
      Encrypted:false
      SSDEEP:
      MD5:FB8A3AE5C3BB21A9ECE2D53D0508C5FE
      SHA1:C9D8F46C89CED267EA4EFDCA3B4DA340008FE453
      SHA-256:23B7D55B955178AB18AA705B5CBE9670289E7D658F75D3E412FC4D1698A7D19F
      SHA-512:F8DE2C910C8F1AB471A96CFB8853C4A4FD74A19F625A17B7C744EB6324FCA34B8202EC880B758C891834F47945D6994BC5F0449BE278C77B7BBCFAD487CD8C7F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="FB43752_578B_4EF0_91F8_9FD4E8B33423" DisplayName="Windows Mobile Device Center 6.1 x86" VersionMin="6.1".. SetupFileUrl="http://download.microsoft.com/download/7/3/5/735ec6ea-7607-4e56-a5f0-f7672443727e/drvupdate-x86.exe".. Location="1" ExactSize="12644232" MD5="5aadb2fa66c318fab8525f574575fbe1".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/q".. Operator="1" Options="f" TargetName="Windows Mobile Device Center 6.1"/>.. <ATTRIBUTE name="GroupName" value="Windows Drivers"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="FB43752_578B_4EF0_91F8_9FD4E8B33423SystemFol

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\WMF BITS 2.0 for WS2003 x86\WMF BITS 2.0 for WS2003 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1637
      Entropy (8bit):5.577484212498497
      Encrypted:false
      SSDEEP:
      MD5:A6779A7B0E8BC7942E6391D3BD8AFAEF
      SHA1:90A33F0874080A6E2C6886C32ADCD725BBE7F01A
      SHA-256:80E6C9CCF45D90035514013B1BD580657B2BB5B41CFD8B0C70C5E36E781444C7
      SHA-512:3B756E0ACCE02CD2434268294CD6CF2E8ABDFADC12B00EE1ADA6F071F840D19929CE6E36D8DF17B77A620A82FA1B1C413B1284DC1FCF6757C79C80C709C01CE1
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="CB5C615EC734473C935D2F8F6349EBE6" DisplayName="Windows Management Framework BITS 2.0 for Windows Server 2003 x86" VersionMin="2.0".. SetupFileUrl="http://download.microsoft.com/download/1/d/e/1dec9a84-78b3-46d0-82cc-68f43202f0d6/WindowsServer2003-KB842773-x86-enu.exe".. Location="1" ExactSize="721136" MD5="1ba053e87079d7f4a9d31d6158686371".. WinNTVersions="Windows XP SP3 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="Windows Management Framework BITS 2.0"/>.. <ATTRIBUTE name="GroupName" value="Windows Management Framework"/>..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\WMF BITS 2.5 for WS2003 x86\WMF BITS 2.5 for WS2003 x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1637
      Entropy (8bit):5.591737499077225
      Encrypted:false
      SSDEEP:
      MD5:D174D9652E02C164A0875AE2C67A6A62
      SHA1:E738232F13E04A5798A6D0AA8945E67AC2E0DB07
      SHA-256:48A7C848AAE719F05F2F71C14BF5E1C0B3389247F037A3105AC4492D1666E9EC
      SHA-512:ABE9B4B14B6BBC694F1AC2D907992644DC35350F07CE40717B531F79EC9CA32720D2F2A1901B744F577B128C3A587F32F2875A021303DF92B25DE33F734EE0C4
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="B2EC5560985F4D4CABA74A47E562C0BD" DisplayName="Windows Management Framework BITS 2.5 for Windows Server 2003 x86" VersionMin="2.5".. SetupFileUrl="http://download.microsoft.com/download/7/9/2/792779ad-9274-4044-a13a-175686694345/WindowsServer2003-KB923845-x86-ENU.exe".. Location="1" ExactSize="670600" MD5="d2973db817722e6c425568bf21b770cd".. WinNTVersions="Windows XP SP3 x86, Windows Vista x86, Windows Server 2008 x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="Windows Management Framework BITS 2.5"/>.. <ATTRIBUTE name="GroupName" value="Windows Management Framework"/>..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\WMF BITS 2.5 for XP x64\WMF BITS 2.5 for XP x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1705
      Entropy (8bit):5.5566126661390784
      Encrypted:false
      SSDEEP:
      MD5:8486409AD7714B052F257DAB59437AD5
      SHA1:4B18695A0D598B347F0C6683D54A91758471A016
      SHA-256:94DEEF76BBFE4D3857DB7CCA69EA43AB0DFF306E5FCEF055574C46AC88438A5D
      SHA-512:FB14AE11C72EC4F49E13C678909DF5AA3F8072B4CC9361D0DF8C4A4C02C9200621A85D9CB2FB074657A84BAE7E62C529F1CDAB3A7781FEFC4E5ADDDE3BE2DD81
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D93D354F61838D67D6D6B85B76" DisplayName="Windows Management Framework BITS 2.5 for Windows XP/Server 2003 x64" VersionMin="2.5".. SetupFileUrl="http://download.microsoft.com/download/b/1/3/b1331fee-a1a8-49af-b6da-fbdc6eb787bf/WindowsServer2003.WindowsXP-KB923845-x64-ENU.exe".. Location="1" ExactSize="1128840" MD5="be39c35c237636f45d6bb7e68276c20c".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetName="Windows Mana

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\WMF BITS 4.0 for Vista x64\WMF BITS 4.0 for Vista x64.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1757
      Entropy (8bit):5.579218169323356
      Encrypted:false
      SSDEEP:
      MD5:3978BAF29D887B7C1280A0B56BF450A6
      SHA1:2E1D811E618A3D3FC5C14FC878A3CF3BCFAAD242
      SHA-256:3F1153AB643CF51DAB4FF9B38BB1CDCC77072777E12C789E2D5471D96BD760DD
      SHA-512:1A188BF5E755CBF804A032AA54F57998955864282E21EB1E8108BA413A9FD70352B854480EFD4FA0CBF7954DC1D466CA6B1FE8B3A7630D9262B61C96790B9114
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="15.7" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="AE804FBA156243D8A51B39AFA2F90E80" DisplayName="Windows Management Framework BITS 4.0 for Windows Vista/Server 2008 x64" VersionMin="4.0".. SetupFileUrl="http://download.microsoft.com/download/D/D/3/DD3CECA2-0866-4DFB-9873-16B5F354EB9F/Windows6.0-KB960568-x64.msu".. Location="1" ExactSize="2024778" MD5="450056d35ff4ddd88db92c97f25076e9".. WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86".. WinNT64Versions="Windows XP SP2 x64, Windows Server 2003 SP2 x64, Windows Vista RTM x64, Windows 7 x64, Windows Server 2008 R2 x64, Windows 8 x64, Windows Server 2012 x64, Windows 8.1 x64, Windows Server 2012 R2 x64, Windows 10 x64, Windows Server x64".. NoUiComLine="/quiet".. Operator="1" Options="xy" TargetNa

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\WMF BITS 4.0 for Vista x86\WMF BITS 4.0 for Vista x86.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1627
      Entropy (8bit):5.596254434231342
      Encrypted:false
      SSDEEP:
      MD5:3070852E1B97E36EE1324CF3EB96BCF0
      SHA1:6EB8A30F4625B659BD305A56B34897EEBDAE34E0
      SHA-256:7A2E56F4AA1C1AE897BBC86922AE0709767AE4A43459DFBC050245B248869BCD
      SHA-512:D8306AA300078F8CA613BB62A304ACFA7EA520B0FDCB60F85B096EBA1D762E9CCFC846B4D92559010D6E0E4207BAF92519B9E9B3E3D7BD113953942D531E1AE4
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="14.1" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="C2B1543C2B4EDAA5743B9AAC93133D" DisplayName="Windows Management Framework BITS 4.0 for Windows Vista/Server 2008 x86" VersionMin="4.0".. SetupFileUrl="http://download.microsoft.com/download/8/F/9/8F917766-5CBA-4B9A-81FB-10A97E851392/Windows6.0-KB960568-x86.msu".. Location="1" ExactSize="1543745" MD5="324474fba6170f0419930cc485a041f1".. WinNTVersions="Windows XP SP3 x86, Windows Server 2003 SP2 x86, Windows Vista RTM x86, Windows 7 x86, Windows 8 x86, Windows 8.1 x86, Windows 10 x86".. WinNT64Versions="Windows XP/Vista/Windows 7/Windows 8 x64/Windows 8.1 x64/Windows 10 x64".. NoUiComLine="/quiet".. Operator="1" Options="y" TargetName="Windows Management Framework BITS 4.0"/>.. <ATTRIBUTE name="GroupName" value="Windows Management Framework"/>..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\XNA Framework 3.1\XNA Framework 3.1.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1083
      Entropy (8bit):5.645986789215295
      Encrypted:false
      SSDEEP:
      MD5:4CCAC8ACCC52E02A32B4E415827B6FA7
      SHA1:2173A524C6C70FEACECC06D796B7309CB24EE921
      SHA-256:2D824EDD46289C3C55B74A4437C568AF77BE239FA5EEFEAAA83EB837C917FB8E
      SHA-512:6B3997F0F5CAAEF335185C5873C56826168CC530EF1DAFE4798BE141C05A0BFBE04B3C7132B3B68664A9D17F2B21C0F4685020BD19499145A531A68C13048367
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="AD1B210E_3B82_4BF7_8949_544FC6EA5471" DisplayName="XNA Framework 3.1" VersionMin="3.1".. SetupFileUrl="http://download.microsoft.com/download/5/9/1/5912526C-B950-4662-99B6-119A83E60E5C/xnafx31_redist.msi".. Location="1" ExactSize="7671808" MD5="52873853e4981d5b9147c93472bb4ee7".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="XNA Framework 3.1"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Games"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="AD1B210E_3B82_4BF7_8949_544FC6EA5471ProductVersion" Prereq="AD1B210E_3B82_4BF7_8949_544FC6EA5471" SearchType="2".. SearchString="HKLM\SOFTWARE\Microsoft\XNA\Framework\v3.1\ProductVersion" VerMin="3.1.10527.0".. Order="1" Property="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\fragments\prerequisites\XNA Framework 4.0\XNA Framework 4.0.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1083
      Entropy (8bit):5.63558275444986
      Encrypted:false
      SSDEEP:
      MD5:99CB59E8E6953CA02407F964546F558F
      SHA1:D3620FD958D7940B9F7AF5D9267F3872C2E47A63
      SHA-256:264918BB3120E384EA7B2208A28AE02CB314071354AEDAE5785DF13B838AE0A3
      SHA-512:9433F075C57690F33F7EADDAE56281813B8A690EC46C42ECE86D12F03F8A5008AF3094B206C42E1FF522C455F1B4F282FA1F59E073D850DAD0771CD4DF5EA2CA
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="13.2" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqComponent">.. <ROW PrereqKey="D3622AD6_F352_447D_8FBB_300448C7B465" DisplayName="XNA Framework 4.0" VersionMin="4.0".. SetupFileUrl="http://download.microsoft.com/download/5/3/A/53A804C8-EC78-43CD-A0F0-2FB4D45603D3/xnafx40_redist.msi".. Location="1" ExactSize="7060992" MD5="f949909f4cfe27a17e6ca047fb8d4a46".. NoUiComLine="/quiet".. Operator="1" Options="f" TargetName="XNA Framework 4.0"/>.. <ATTRIBUTE name="GroupName" value="Microsoft Games"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.PreReqSearchComponent">.. <ROW SearchKey="D3622AD6_F352_447D_8FBB_300448C7B465ProductVersion" Prereq="D3622AD6_F352_447D_8FBB_300448C7B465" SearchType="2".. SearchString="HKLM\SOFTWARE\Microsoft\XNA\Framework\v4.0\ProductVersion" VerMin="4.0.30901.0".. Order="1" Property="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\license.rtf

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
      Category:dropped
      Size (bytes):20920
      Entropy (8bit):4.979010052471284
      Encrypted:false
      SSDEEP:
      MD5:7BCE3E23E77EB7E1EDFC72D54D75E9FC
      SHA1:4513CC413C63ABE89FE117B7EAD3317C44BCA419
      SHA-256:CFC1B81595DBE37BED0212BB30B714ABA79A770C52C95546B1A34F1F8A1A71E4
      SHA-512:9F1054D9B5128C9DFA1FB12009E80753FA1F97AE0491F76A72EE6B1B517AB5397DC2BCD6166EB60A8176C412C9B917B5D58AC00065C6EF73DA5E3E500BEABB82
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0\nouicompat\deflang1033{\fonttbl{\f0\fswiss\fprq2\fcharset0 Verdana;}}..{\colortbl ;\red197\green0\blue11;\red0\green69\blue134;\red0\green0\blue255;\red0\green132\blue209;}..{\*\generator Riched20 10.0.16299}\viewkind4\uc1 ..\pard\b\f0\fs24 END USER LICENSE AGREEMENT\b0\fs20\par..\par..\cf1\b THIS SOFTWARE END USER LICENSE AGREEMENT ("EULA") IS A LEGAL AGREEMENT BETWEEN YOU (EITHER AN INDIVIDUAL OR, IF PURCHASED OR ACQUIRED BY OR FOR AN ENTITY, AN ENTITY) AND CAPHYON. IT PROVIDES A LICENSE TO USE THIS SOFTWARE AND CONTAINS WARRANTY INFORMATION AND LIABILITY DISCLAIMERS. BY DOWNLOADING, INSTALLING OR USING THE SOFTWARE YOU ARE INDICATING YOUR ASSENT TO THE TERMS OF THIS LICENSE. IF YOU DO NOT AGREE TO ALL OF THE FOLLOWING TERMS, DO NOT DOWNLOAD OR INSTALL THE SOFTWARE, DISCONTINUE ITS USE IMMEDIATELY AND DESTROY ALL COPIES IN YOUR POSSESION.\b0\par..\par..\cf2\b\fs22 1. DEFINITIONS\cf0\b0\fs20\par..\par..\i a)\i0 "Caphyon" means Caphyon SRL.\par..\par..\i

      C:\Users\user\AppData\Local\Temp\Advanced Installer\osprovision\autoprovisioning\image.ima

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:DOS/MBR boot sector, code offset 0x3c+2, OEM-ID "MSDOS5.0", root entries 224, sectors 2880 (volumes <=32 MB), sectors/FAT 9, sectors/track 18, serial number 0x70140065, unlabeled, FAT (12 bit), followed by FAT
      Category:dropped
      Size (bytes):1474560
      Entropy (8bit):0.007645124626297023
      Encrypted:false
      SSDEEP:
      MD5:CBD4EB3F6784AD7A9885D10D35BAEB6F
      SHA1:28E4ACF276F98F9ADF03D1165CE8A1CD110DB6A3
      SHA-256:997C1D162E7EF3F9FC5B7D8D2A1AD831835B82BE385ED80AE1AC81E9F0CD17FA
      SHA-512:EB7412F9AED6FCCC9C81743FB528A737B626364E168C56743FD0E72AC72D7263508E70A88DB0F8C2F13A150ACF7B4F41EBE0F300C01E3AF393BE26D744293B92
      Malicious:false
      Reputation:low
      Preview:.<.MSDOS5.0........@..................)e..pNO NAME FAT12 ................................................................................................................................................................................................................................................................................................................................................................................................................................................................U.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\osprovision\autoprovisioning\osprovision.cmd

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:DOS batch file, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):215
      Entropy (8bit):4.957690619052233
      Encrypted:false
      SSDEEP:
      MD5:E05D4E7E114A84A8FF9287D056846EDE
      SHA1:E71AF6E6D0F119F7C8D3510FF71AF994FC28DAAF
      SHA-256:03143393247E0488B583A8A6985403B62803ACDEABFAEE363DFC987C61AD1DAE
      SHA-512:AE30A3443549270917FB2E4B1B7AE498B068C7158EBFC43FD38573B93FFE677B6668FA5C0B4F39B3E301B64C7CC7D0E6514B6B2EEF922AFC2F136E340C16C7A0
      Malicious:false
      Reputation:low
      Preview:@echo off....:: search for installation media..FOR %%i IN (C D E F G H I J K L N M O P Q R S T U V W X Y Z) DO IF EXIST %%i:\osprovision.exe set DVDDrive=%%i:....start /wait %DVDDrive%\osprovision.exe /quiet....exit

      C:\Users\user\AppData\Local\Temp\Advanced Installer\osprovision\autoprovisioning\platformtools.cmd

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:DOS batch file, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):295
      Entropy (8bit):5.287857829498203
      Encrypted:false
      SSDEEP:
      MD5:76CEF2E4E63E63262ACA614558C8B719
      SHA1:44723644DEE21CB9E14EF9ACA2F04CA26461C903
      SHA-256:510C6258D5D99C8A4A99F26AC1A19393CADFAD310423825EBBF9830A34A6E135
      SHA-512:04BDF9C13A8221C26A87BB407F022681C2BEE24FED6C42BFEB44F71266317683DF3F916858DE4573D6417CB4C7D868F2CE0ADBCE2F6AB8449285E56F5BFD2D02
      Malicious:false
      Reputation:low
      Preview:@echo off....:: search for installation media..FOR %%i IN (C D E F G H I J K L N M O P Q R S T U V W X Y Z) DO IF EXIST %%i:\osprovision.exe set DVDDrive=%%i:....if "%PROCESSOR_ARCHITECTURE%"=="AMD64" goto 64BIT....$PLATFORM_TOOLS_X86$....goto END..:64BIT....$PLATFORM_TOOLS_X64$....:END....exit

      C:\Users\user\AppData\Local\Temp\Advanced Installer\osprovision\autoprovisioning\vista_plus\bios\Autounattend.xml

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text
      Category:dropped
      Size (bytes):10384
      Entropy (8bit):5.067293270184074
      Encrypted:false
      SSDEEP:
      MD5:50FD22056EDB9F7EC83D217B95A8DED2
      SHA1:2034D96476283E03459266DD3A59C6A5F0EDA992
      SHA-256:98DC17DAFDDF67FF764735CFB56FD516E73564EF87C053992198B2B6368BA8E1
      SHA-512:E99C776F48FB5FF71C5FB440985D36FEB5EB9ABD0CB088CC6F0DBC7271B9AF7F71F19E0088B70DC3FEC42F6C08E9EDC21DBA6C87D429AECD8BF807F345669C35
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="utf-8"?>.<unattend xmlns="urn:schemas-microsoft-com:unattend">. <settings pass="windowsPE">. <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">. <SetupUILanguage>. <UILanguage>en-US</UILanguage>. </SetupUILanguage>. <InputLocale>en-us</InputLocale>. <SystemLocale>en-us</SystemLocale>. <UILanguage>en-us</UILanguage>. <UserLocale>en-us</UserLocale>. </component>. <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">. <SetupUILanguage>. <UILanguage>en

      C:\Users\user\AppData\Local\Temp\Advanced Installer\osprovision\autoprovisioning\vista_plus\uefi\Autounattend.xml

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text
      Category:dropped
      Size (bytes):11124
      Entropy (8bit):5.015541995036244
      Encrypted:false
      SSDEEP:
      MD5:D85591B6FAC63F614D4D834313343071
      SHA1:1A2B3EF1B6660090469C03CE4634580FE5F8CC57
      SHA-256:7E2826DDFB79137DD14DA6BADC5412DFC7754A486B5101B9FC7834CF9FA25012
      SHA-512:985376159466EEE05D29349E100390151749EA4E1A6DF7CD3FF5991D35A66E34B4927886CADAF27FEB0860E4E8244ADC260A77E112307BBDEFFBF6BB88F7A27C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="utf-8"?>.<unattend xmlns="urn:schemas-microsoft-com:unattend">. <settings pass="windowsPE">. <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">. <SetupUILanguage>. <UILanguage>en-US</UILanguage>. </SetupUILanguage>. <InputLocale>en-us</InputLocale>. <SystemLocale>en-us</SystemLocale>. <UILanguage>en-us</UILanguage>. <UserLocale>en-us</UserLocale>. </component>. <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">. <SetupUILanguage>. <UILanguage>en

      C:\Users\user\AppData\Local\Temp\Advanced Installer\osprovision\autoprovisioning\xp\WINNT.SIF

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Generic INItialization configuration [Unattended]
      Category:dropped
      Size (bytes):913
      Entropy (8bit):5.16923509914063
      Encrypted:false
      SSDEEP:
      MD5:196542219126B10F6D95BD783DAE406A
      SHA1:6EB516278ED0B0F0AEB642F00FD4332106BB7152
      SHA-256:F23F2B59278E554452E9165BA751D947135E795297DF637FBB3A8F88F41E29DF
      SHA-512:1104939D9A75BCD11EE11C764F77F3DF2EF760B943BA8C23D5E7272D98FF860CCD823DB367F9528A3804318DC5DD2B858C8EFC4F36F84A6B20991CD86DCDFBB6
      Malicious:false
      Reputation:low
      Preview:;SetupMgrTag..[Data].. AutoPartition=1.. MsDosInitiated="0".. UnattendedInstall="Yes".. AutomaticUpdates=yes....[Unattended].. UnattendMode=FullUnattended.. OemSkipEula=Yes.. OemPreinstall=Yes.. TargetPath=\WINDOWS.. Repartition=Yes.. UnattendSwitch="yes".. WaitForReboot="No".. KeyboardLayout="US"....[GuiUnattended].. AdminPassword=$ADMIN_PASS$.. EncryptedAdminPassword=NO.. AutoLogon=Yes.. AutoLogonCount=99.. OEMSkipRegional=1.. OemSkipWelcome=1.. TimeZone=85....[UserData].. ProductKey=$SERIAL_KEY$.. FullName="Caphyon".. OrgName="Caphyon".. ComputerName=$COMPUTER_NAME$....[Identification].. JoinWorkgroup=WORKGROUP....[Networking].. InstallDefaultComponents=Yes....[Components].. msmsgs=off.. msnexplr=off.. freecell=off.. hearts=off.. minesweeper=off.. pinball=off.. solitaire=off.. spider=off.. zonegames=off....[GuiRunOnce].. a:\platformtools.cmd.. a:\osprovision.cmd

      C:\Users\user\AppData\Local\Temp\Advanced Installer\packeg.msi

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, MSI Installer, Create Time/Date: Fri Dec 11 11:47:44 2009, Last Saved Time/Date: Fri Dec 11 11:47:44 2009, Security: 0, Code page: 1252, Name of Creating Application: Advanced Installer 15.9 build cba2c02e, Number of Pages: 200, Title: Advanced Installer 15.9, Subject: Russian Edition, Author: Loginvovchyk, Keywords: 2019 Loginvovchyk, Comments: http://loginvovchyk.ru, Template: ;1049, Revision Number: {1019FDC9-D963-4486-B7FC-95EAD3D51506}, Last Saved By: diakov.net, Last Printed: Thu May 2 09:48:44 2019, Number of Words: 4
      Category:dropped
      Size (bytes):5246976
      Entropy (8bit):6.478322062891484
      Encrypted:false
      SSDEEP:
      MD5:BB3DF6028F4945DBE71AC53B12BCCB1C
      SHA1:D065DE447D9BEBE4C836B4049663E9B771C22E63
      SHA-256:782870927FA3AD690E5E4B917B7559EE7ED4E0B4D14EE84B807C57648E862B86
      SHA-512:99476A73686B07AE7CEF47CC176F5F8FE2D2410F6197A07079E53B131D144823C2D9B20FBEBC798CB4BD178A35EBBBA19A71084077B597DA3791627E96A96B5A
      Malicious:false
      Reputation:low
      Preview:......................>...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\profiles\repackager\default.cfg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1570
      Entropy (8bit):4.96650873490221
      Encrypted:false
      SSDEEP:
      MD5:B8A3E78AD79C819343B1D0A4BA2ED2D4
      SHA1:C0F0649471E469B9B69D04CA119412479C446397
      SHA-256:ABC74770AB445E36B570F54E95F414DA97A657CE8C0D08B7945C23C8C7D9E89E
      SHA-512:644734EE624F4303EB58346DB47AED82B83B9B4081C3978784D329D92D9C2E4FDF6C3782097741C326A520EAC5F210D0952E0B1609392A51612FC7710CF9E686
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<CONFIG Name="Default" CreateVersion="1.0" Version="1.0" Type="ReadOnly">.. <OPTION type="single" name="ParseINIFiles">.. <PARAM value="true"/>.. </OPTION>.. <OPTION type="single" name="ParseXMLFiles">.. <PARAM value="false"/>.. </OPTION>.. <OPTION type="single" name="DetectMsm">.. <PARAM value="true"/>.. </OPTION>.. <OPTION type="single" name="ExtractLinkInfo">.. <PARAM value="true"/>.. </OPTION>.. <OPTION type="single" name="AdvertisedShortcuts">.. <PARAM value="true"/>.. </OPTION>.. <OPTION type="single" name="ExtractVersionInfo">.. <PARAM value="false"/>.. </OPTION>.. <OPTION type="single" name="ProcessServices">.. <PARAM value="true"/>.. </OPTION>.. <OPTION type="single" name="ProcessDrivers">.. <PARAM value="true"/>.. </OPTION>.. <OPTION type="single" name="ProcessFileAssociations">.. <PARAM value="true"/>.. </OPTION>.. <OPTION type="single" name="ProcessEnvironmentVariables">

      C:\Users\user\AppData\Local\Temp\Advanced Installer\profiles\repackager\default.flt

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):25585
      Entropy (8bit):5.384579198346269
      Encrypted:false
      SSDEEP:
      MD5:E83298D83AC310FCC442011DFA06E04A
      SHA1:83368DF827570CE4E31718767C77AB81F51C7CF4
      SHA-256:55575D6A19E22D8062164A2B14A85D2C2831F5F3473E2D41445D452D8129B873
      SHA-512:979D50A892FCD9F914A61E3912B336A769A7B6CAD5663339F4F1FF3985B368D3ACE54FE0E7F468F05AF3C7168ADE72AA04C133B7BF28A6166FF1749FBA107BA9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<REPACKAGER-FILTERS Profile="Default" CreateVersion="1.0" Version="1.0" Type="ReadOnly">.. <FILE-INCLUDE>.. <FILE path="WindowsVolume"/>.. </FILE-INCLUDE>.. <FILE-EXCLUDE>.. <FILE path="AppDataFolder\Caphyon"/>.. <FILE path="AppDataFolder\Microsoft\HTML Help"/>.. <FILE path="AppDataFolder\Microsoft\Windows\Recent"/>.. <FILE path="AppDataFolder\Microsoft\Search"/>.. <FILE path="AppDataFolder\Microsoft\Crypto"/>.. <FILE path="AppDataFolder\Microsoft\Installer"/>.. <FILE path="CommonAppDataFolder\Caphyon"/>.. <FILE path="CommonAppDataFolder\Microsoft\PRICache"/>.. <FILE path="CommonAppDataFolder\Microsoft\Crypto"/>.. <FILE path="CommonAppDataFolder\Microsoft\Search"/>.. <FILE path="CommonAppDataFolder\Microsoft\HTML Help"/>.. <FILE path="CommonAppDataFolder\Microsoft\RAC"/>.. <FILE path="CommonAppDataFolder\Microsoft\Windows\DeviceMetadataStore"/>.. <FILE path="CommonAppDataFolder\Micr

      C:\Users\user\AppData\Local\Temp\Advanced Installer\profiles\sccm\application_default.cfg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
      Category:dropped
      Size (bytes):245
      Entropy (8bit):5.143617039270526
      Encrypted:false
      SSDEEP:
      MD5:EB08B0C65ED8B67E640C3F61B20D1710
      SHA1:A38C2527E8D80D091E6961621E5E8A462B5DF319
      SHA-256:D2A87D7129A166D9363A03D3AA13C90496D5ECABD7FFD1AABBE87ED10A34CA14
      SHA-512:CD2FAC0E5CE54C9DF69FC905A353758F89729F677127002508942BCDA6F5AB92D590E0F61ABE030E8E5345C61B35FF48483452B0395940E99CC043F672ED0D87
      Malicious:false
      Reputation:low
      Preview:.<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<Application>.. <Name>[|ProductName]</Name>.. <Version>[|ProductVersion]</Version>.. <Publisher>[|Manufacturer]</Publisher>.. <Language>[|ProductLanguage]</Language>..</Application>

      C:\Users\user\AppData\Local\Temp\Advanced Installer\profiles\sccm\appv_4.x_application_default.cfg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
      Category:dropped
      Size (bytes):297
      Entropy (8bit):5.219619307417001
      Encrypted:false
      SSDEEP:
      MD5:00EA0269CABB9CA400E50E1B55F3BD49
      SHA1:5223DC9C943BCEC355DF4478C37065F1BAE85ECC
      SHA-256:66E3EE309CE7A4E8872D1A6DA7E08678CDA0A7A3A20235A8DA426C5728320A3C
      SHA-512:7A30C69C59C6B6F92576563CEB7124C879FE793F7724644646B834F7F5B8322ECA7A87A7C9C9E00707E36F80CB70FFC40CBC4E324FA1B03261DE45382EE2FE61
      Malicious:false
      Reputation:low
      Preview:.<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<Application Type="ReadOnly" Name="AppV 4.x Application Default">.. <Name>[|ProductName]</Name>.. <Version>[|ProductVersion]</Version>.. <Publisher>[|Manufacturer]</Publisher>.. <Language>[|ProductLanguage]</Language>..</Application>

      C:\Users\user\AppData\Local\Temp\Advanced Installer\profiles\sccm\appv_4.x_package_default.cfg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
      Category:dropped
      Size (bytes):870
      Entropy (8bit):5.179219115258647
      Encrypted:false
      SSDEEP:
      MD5:C503E7A23410B1EA83E2F57655519776
      SHA1:6AC1F2226BCA02CB89879A2928AAF408B450E6EB
      SHA-256:3A16F1DCE3F8AEA35D7B14620CE6CC2A818406F707CDA57F89E8BDB80F0524E5
      SHA-512:504C98C952AFB057403DC2F790BFC4B064BAA2F576C1488055599FCE5019A2F2AAD6D8D1D0CD366C04A54BC25E9C92A9E3B9BB7DF510397411750DD301762CB2
      Malicious:false
      Reputation:low
      Preview:.<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<PackageDefinition PdfVersion="2.0" Type="ReadOnly" Name="AppV 4.x Package Default">.. <Name>[|ProductName]</Name>.. <Version>[|ProductVersion]</Version>.. <Publisher>[|Manufacturer]</Publisher>.. <Language>[|ProductLanguage]</Language>.. <Program>.. <Name>[Virtual application]</Name>.. <CommandLine>L"PkgGUID = [|PackageGUID]:VersionGUID = [|PackageVersionGUID]"</CommandLine>.. <CanRunWhen>AnyUserStatus</CanRunWhen>.. <UserInputRequired>False</UserInputRequired>.. <AdminRightsRequired>True</AdminRightsRequired>.. <UseInstallAccount>False</UseInstallAccount>.. <DriveLetterConnection>False</DriveLetterConnection>.. <ReconnectDriveAtLogon>False</ReconnectDriveAtLogon>.. <Assignment>FirstUser</Assignment>.. <Disabled>False</Disabled>.. </Program>..</PackageDefinition>

      C:\Users\user\AppData\Local\Temp\Advanced Installer\profiles\sccm\appv_5.x_application_default.cfg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
      Category:dropped
      Size (bytes):297
      Entropy (8bit):5.219619307417001
      Encrypted:false
      SSDEEP:
      MD5:2352AA156680694C3319B571245D3EC6
      SHA1:B65B31E41D1FDBF4CF0472DF80C78D9001CFDDC2
      SHA-256:2FC96C3F91A05F493BB4DDB106CEE10D1D2C342BC7B8C672B1E78D57231FFB66
      SHA-512:537C3988331254EFB14D455028ABCE2CFC45B729F5E8FAB29D1156DF7B3F29B494721D88BBAC188336029ADBC45D890E2E9D98B499EC3EA6714A4620CD773434
      Malicious:false
      Reputation:low
      Preview:.<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<Application Type="ReadOnly" Name="AppV 5.x Application Default">.. <Name>[|ProductName]</Name>.. <Version>[|ProductVersion]</Version>.. <Publisher>[|Manufacturer]</Publisher>.. <Language>[|ProductLanguage]</Language>..</Application>

      C:\Users\user\AppData\Local\Temp\Advanced Installer\profiles\sccm\appx_application_default.cfg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
      Category:dropped
      Size (bytes):293
      Entropy (8bit):5.195493745168769
      Encrypted:false
      SSDEEP:
      MD5:9714CB54955B978F11133E369D22141D
      SHA1:806F9D7640B9BC86C016B1FF238C6D0F3FC115F3
      SHA-256:FFBDDDF3A599351EB7FB151674D4BCCD07E425B864782FF4DBDB58E1659E54B5
      SHA-512:A39A4E30B377C3B1DE48A7951F46AA42A4630B3D420E67B6BA231983F874FB277A1B5203B81D9D33C125D40C4F15A7D66A66A015DEE2E4442A6A8001E743848C
      Malicious:false
      Reputation:low
      Preview:.<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<Application Type="ReadOnly" Name="Appx Application Default">.. <Name>[|ProductName]</Name>.. <Version>[|ProductVersion]</Version>.. <Publisher>[|Manufacturer]</Publisher>.. <Language>[|ProductLanguage]</Language>..</Application>

      C:\Users\user\AppData\Local\Temp\Advanced Installer\profiles\sccm\msi_application_default.cfg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
      Category:dropped
      Size (bytes):292
      Entropy (8bit):5.22180696314421
      Encrypted:false
      SSDEEP:
      MD5:0BA8760B99BFA5274D89C6971BB731F2
      SHA1:146C061C512839B733E28E3434DE9174608BD86A
      SHA-256:31019F2AB23901E5F5F3898878F6EE3D39D9749E35FE1B3BB321F90CAEA716BA
      SHA-512:096F0ACCE675A672817396C5DEDC428BB693699594C6AF62C6D61CD2972FB1ABA64D4A7B92C3CA3577A8CFF8840EF3CC16A02797EAA8D0E3A9B468D250BC497F
      Malicious:false
      Reputation:low
      Preview:.<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<Application Type="ReadOnly" Name="MSI Application Default">.. <Name>[|ProductName]</Name>.. <Version>[|ProductVersion]</Version>.. <Publisher>[|Manufacturer]</Publisher>.. <Language>[|ProductLanguage]</Language>..</Application>

      C:\Users\user\AppData\Local\Temp\Advanced Installer\profiles\sccm\msi_exe_package_default.cfg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
      Category:dropped
      Size (bytes):3459
      Entropy (8bit):4.979349374996077
      Encrypted:false
      SSDEEP:
      MD5:0E52F50E19E7B63DE26F8317B4AB5C0C
      SHA1:E1A1F0EC0F502FE5D137389EC231450509633B19
      SHA-256:97D306EB8D15ED6465EEA6A23BE450B7C956D4ACDA888524EA26A0E7E5D912C6
      SHA-512:4CD140E7F07E64F8B3C2F83964F88793F76F5F20A60DD88611BFE46590F3ACF0AD787F205BAB41EACCFD48B4A6E8BAF688B9F38E2B2080425E8B87F83227A1A3
      Malicious:false
      Reputation:low
      Preview:.<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<PackageDefinition PdfVersion="2.0" Type="ReadOnly" Name="EXE Package Default ( Advanced Installer )">.. <Name>[|ProductName]</Name>.. <Version>[|ProductVersion]</Version>.. <Publisher>[|Manufacturer]</Publisher>.. <Language>[|ProductLanguage]</Language>.. <Program>.. <Name>Per-User Attended</Name>.. <CommandLine>"[|SetupFileName]" ALLUSERS=""</CommandLine>.. <CanRunWhen>UserLoggedOn</CanRunWhen>.. <UserInputRequired>True</UserInputRequired>.. <AdminRightsRequired>False</AdminRightsRequired>.. <UseInstallAccount>False</UseInstallAccount>.. <DriveLetterConnection>False</DriveLetterConnection>.. <ReconnectDriveAtLogon>False</ReconnectDriveAtLogon>.. <Assignment>FirstUser</Assignment>.. <Disabled>False</Disabled>.. </Program>.. <Program>.. <Name>Per-User Unattended</Name>.. <CommandLine>"[|SetupFileName]" /exenoui /q ALLUSERS=""</CommandLine>.. <CanRunWhen>UserLoggedOn</CanRunWhen>..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\profiles\sccm\msi_package_default.cfg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
      Category:dropped
      Size (bytes):3445
      Entropy (8bit):4.97110715134261
      Encrypted:false
      SSDEEP:
      MD5:65DF85D330E7D827967BB653F137128B
      SHA1:1E7C88D524DC5A58C9A7557F843E72C71B7B183F
      SHA-256:4C67B97A455D5050007DEE4C0BDB8219FD91C8F9609749EC1D41587AD13BEC60
      SHA-512:3CEB865ED18679EC507CE831B9F55C5915D66D4C0CF1FDFB947C44494434503A21092917E67CBCD585B02F4A7FD851E5D3E9DC2087A7367CBEA64D3AC22AD925
      Malicious:false
      Reputation:low
      Preview:.<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<PackageDefinition PdfVersion="2.0" Type="ReadOnly" Name="MSI Package Default">.. <Name>[|ProductName]</Name>.. <Version>[|ProductVersion]</Version>.. <Publisher>[|Manufacturer]</Publisher>.. <Language>[|ProductLanguage]</Language>.. <Program>.. <Name>Per-User Attended</Name>.. <CommandLine>msiexec ALLUSERS="" /i "[|SetupFileName]"</CommandLine>.. <CanRunWhen>UserLoggedOn</CanRunWhen>.. <UserInputRequired>True</UserInputRequired>.. <AdminRightsRequired>False</AdminRightsRequired>.. <UseInstallAccount>False</UseInstallAccount>.. <DriveLetterConnection>False</DriveLetterConnection>.. <ReconnectDriveAtLogon>False</ReconnectDriveAtLogon>.. <Assignment>FirstUser</Assignment>.. <Disabled>False</Disabled>.. </Program>.. <Program>.. <Name>Per-User Unattended</Name>.. <CommandLine>msiexec /q ALLUSERS="" /i "[|SetupFileName]"</CommandLine>.. <CanRunWhen>UserLoggedOn</CanRunWhen>.. <UserIn

      C:\Users\user\AppData\Local\Temp\Advanced Installer\profiles\sccm\package_default.cfg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
      Category:dropped
      Size (bytes):772
      Entropy (8bit):5.0771364842253845
      Encrypted:false
      SSDEEP:
      MD5:949B06406336E804B7501D2D3ACFFA18
      SHA1:B84486765CCB3DC3EFF08E23D031A7D124336073
      SHA-256:4A7A0D6B19A9631FF977EF920AA1D4B9637D747CD2396772110653C538E89B99
      SHA-512:976EA5C5D8170308E7659CCD235E8270E942CF97774ED2BF4389514A9D0B9E81A5183AB2C2334CD8CE41DE308C945A22525584EB730851334024587002E775A8
      Malicious:false
      Reputation:low
      Preview:.<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<PackageDefinition PdfVersion="2.0">.. <Name>[|ProductName]</Name>.. <Version>[|ProductVersion]</Version>.. <Publisher>[|Manufacturer]</Publisher>.. <Language>[|ProductLanguage]</Language>.. <Program>.. <Name>Your Application</Name>.. <CommandLine>YourApplication.exe</CommandLine>.. <CanRunWhen>UserLoggedOn</CanRunWhen>.. <UserInputRequired>True</UserInputRequired>.. <AdminRightsRequired>False</AdminRightsRequired>.. <UseInstallAccount>False</UseInstallAccount>.. <DriveLetterConnection>False</DriveLetterConnection>.. <ReconnectDriveAtLogon>False</ReconnectDriveAtLogon>.. <Assignment>FirstUser</Assignment>.. <Disabled>False</Disabled>.. </Program>..</PackageDefinition>

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\IconPickerNoIcon.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):768
      Entropy (8bit):7.625003557716144
      Encrypted:false
      SSDEEP:
      MD5:62B2B58E196CB4B6B87F73A55E9020CE
      SHA1:D2C04451C3EB9B37DE50CDBAAB51441257E8C0E3
      SHA-256:5B84F899BF4CA859942ABBA2C08EDED07D8EB0320FDEB6DA20291B6E1834A88A
      SHA-512:A5A50F77BCA934091BCA0A21A1122E0510DF87457D634BA9714923F43F3D1A0B3A43F703E756A02CADCDD4FD14F74344AADD1CCA6D90CF941CF063CBE2C5BE4C
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..Y.K.P..I.4.AFd.!8.BA. .Et............c.....A..D/^e......c.A/..M.5..oI..H.&}.../y<^......J..a.,*.q..$.I`.EK.._O.$....'.z..>.N.....@....iEQX...v..m.*..Z..@....J.N.....]3M..u.iZ...m..{Z...b....Clo"........q`..b.`2.x?.yMvu.X....L...4.'cc......"o4......2..`.D...i,..-.e6..x.k..,..!....H.5.^....9.O.a...B p<>n/....u,.@)A'....C.i.P..(..!..Q.w.L.......|.>.mx.....Jv.C8Y.....BE.|.,..[.o...}.....v.9i7.......3.....$7. n....Yh......=py....1r.,.4J.....+....../.A.B7......%....fV.7.,..s..eu.M'.WD..x.|..%.....l...Y=..n.B.H.>........:..z4Z..f......H.yM......OlBk".....D#..#........w-...'Q....V.....x!..........s`b.A..;&...B..$ ..%.j...%k.(..bI@...$.{M.Z...i}.A..O}....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\IconPickerNormal.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):343
      Entropy (8bit):6.834485828663839
      Encrypted:false
      SSDEEP:
      MD5:EE762E016769925CED48260B983D6210
      SHA1:42697BBE637E813E32BAC7105F94E36DFFCFE302
      SHA-256:8AE15E9F69251D05B8E3ACD4BD05DA8D43F3BA662B8690DABA52B40CC666E093
      SHA-512:8937E2C8E79D159FD1C64A0F0607A9F8055F795EA4EC050E487ADD1986292C75C714EC9ED737F291D135E74ABB843A07ADDA34C9D1317E2430E45312EDA895EF
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx...!..Q...y.Q. .. .Q..j.<..`Y0{...@....A.d7..b.<......x....a-.s...]l.h...!~...h..}...s..5J...v.lgqx....P.U..4.....,.$...v....h...7..Q@....t.8...... .... .... .... .... .... ......../..............|N....A.vjP.B..Q......{....1..un..`...+..}......IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\IconPickerOver.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):1059
      Entropy (8bit):7.718427575200969
      Encrypted:false
      SSDEEP:
      MD5:CF496A6820793CD7EFA0B9C54CF59E47
      SHA1:A8748E886F25549648981E865BE85BD2E32FD710
      SHA-256:F6FC609E1E2BFC65C81CB5B53199A04F7EA97AF3889BD6B3D062E490CDB57687
      SHA-512:F2AC81A57C383563F1E9AFB014600EADACDFA6CE5C81D31329123B7EED9781B56C5A05A65592B6A5695F6536A65E129E8B973B6B87E7D81C53B2D526A305F012
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx.._H.A.......1O..LSQ+..0)........s....y...C.z+. (.^L.1,0+.C...(.d.....;..O3...{..'...ugf..g.73p3..kO...X....XH.$bMb.`]$..-hO.[..f:{.e9;.\.c,B..@.......@6.L...4.$..,V.e...49.q.;s.....5....Jso...F.}.~0...Y,.J._....TO.v2..(.YU.3Q....N....WO..V....7.x:.{.+D.":.F%5..x.....oB.......w...Ia.<W.~..j>@....b.,*.@...s.c.2R.\..).?.=.....2..`).b.@y...x&....LXjX.p...b>6"...*DV...j.5.`p...k.G.Q...D.D.#i..}F.T...;.@.I.dL..}....d....zV.c.!...,ro..8....&.....g&IM/...e.L....0.L....0.L....0.L.............?...-J........wx,.F.$..Y.............Y..........8.?...}==....0..VK]...........x.&....n;..U.f....=F%V...23..zS...^.Go>..sUt...^h......>........R-........G...c{...@qJ.Z.j.f..g..FR.(K.<E..x.....p.s.NV....s....K.......V.F v.g..)"....$I..C'.5..@..8\..=.....A....n..e4..M...9..p:.qR(.Y6.aW...(....5...G.`#..K.;...U.....w.xqnJt...P...g..9...e.....U...m..k.G|.q^.rWb..TIFZ*8..l.WH.n.&i../Q]....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\IconPickerPressed.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):1062
      Entropy (8bit):7.701880662042958
      Encrypted:false
      SSDEEP:
      MD5:EB1DDAE11FFDCA6B5644FBE56CE37C6C
      SHA1:D020AB87BF4E58CFFEF4A84A46F04B8273C0ED68
      SHA-256:570E854295BBCAE8FE66244FE83F2B583CA207600E7CC6C80D1E32244E1A0771
      SHA-512:D85DBAF5C8A64F7704C9E05B6061A4269864FEC5D320E16AAEFBA363971B80F3F076036A363F665A5DBF75D279682CF718061E15A1467271053F436460A4DAF0
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..Kh.A....d...I.m.....`...UA.*RQ...AQ. .A<.=..... .<TZ.P| .B...[.T.+...4.M,i.t.qf;Y.<l=t.q..Lfv...}......3`...A"..;....5..*.....K..U...E.g.!.C.%.. ..`...p.i..hs(..#....<...a..!....[....|E]ea......_.=...Tf../....49.L%.H.g.....O.y.I.yz..<. 5........B.`:..^I.`.^\.....=._........`#../-.z.q....dy:.L.I.....e..[z..U.@...}....O....d>..g..y...N...<.:..e....!......<.@W..m.".......N4..c.U...&r..2..s.\.-...!.c&.j..Q_F.$G>...<...u\m......@.7l6A.....e..9.p..'...0......0......0......._..?....n"Y._~.e....N.E.....7{....dW.P.6{.X..."..J.}.-5M./...l..).......2^....Jn....x....r.#..z ......nw......3....0.....Z...I.Wr..q...2.K....V.9...v.E".1.!.wN..;.bZ......v.R+.n.&.....#7.ZO......r........$6b.G....{.I=.....-.plk5\>T...x....W..L....=...3..T.o...<...|?..L..8PWE...... GSn.Xu..\..m.....#.S.8....tk_..="G..7.5d.a.I..P....../]..g.^.'..6...H.cJ..Bsy..t....A..k.Q..xp)..@/.$..N.<.........>....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\adobePluginWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):411
      Entropy (8bit):7.263901746780088
      Encrypted:false
      SSDEEP:
      MD5:50835BDA4045935A06140F98F42F3B2E
      SHA1:B966AA45A8540985948AFA275E97B2892ACA565A
      SHA-256:EE186E59E2433337D13FF1F375C3BE74E41599185BDFD0908F110C1B139AA5D0
      SHA-512:00CA835D0BDC48232954B3B5FC16C1F875BC50953EE535CEA73F35EC72107DC1293EEF48A732D5C7BE19E9794BE5421FBA9D520919D4C7D89A2A6E1B869BE45B
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....TPLTE....A2c..\.E.......h[.{.ui...........SE.K=.............D6...........`T.H9.ZM9y&I....IDATH..... .E.V.]q....5.8.E 1>4....`....,z.BxF.B.6..!...{......Qe..C^..BL.....D[..n]....H.N...>s#2.3'"...N..(1Pb...(*jV...U7..e(V..1,mD.y..L.....5.*f"..`05..|....H0....L..*`L.....4o.91b7...D.Y.K..H=...&."...O.E>..;B.........D]g$..`G#".2......6....A..........IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\adobePluginWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):11384
      Entropy (8bit):7.965010579953666
      Encrypted:false
      SSDEEP:
      MD5:1F7B65D3701326F99BA8264B2FFC72A0
      SHA1:81C7C60F31ACA6EB4EB6B6FEDB8355EC8BB4F23E
      SHA-256:94239A3AD334E0528CB76B7CEAD9CB0898565FC5DDE9F7592141ECF4F80E27E4
      SHA-512:8554DB986E2E5DA464F13E1DED577958B34957186C5CB5796C067815CCF7C3AA9B0FC616252BEAEE73AD2B17FCE3456E0E628A8D45444CF683E6E344885E17D1
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......WPLTE.............A2...c........\.E.................................VI...qf.........=.....+.IDATx...1..A..Q...3.@..WQ.-..9i..m...B.0[.r....-.L..t...B....&.w.....]=_..y.;n@9.e..l.M.].6....%&.J.;l.a.,..F..J......f;Ph...P.IY......4].ZF.o..X..=T........S...+.Td...eqK.....T4...y.L..ny.*'....MT.I.AXB-...M.L....i\,.6...C....x...u$.K.,....b.N=..NO7.\.f..m.M7[...$.`}{.......$.k...........sK[Zf........M.pC.?....W...0.`..m\k..7......@..en..a.mj.=l.&85...6.....4...:M........K..JQ.i<.....r....Z6..vP..i....<...%$..?.J...[I{..q-..91,..j..Z'.........[UB..k...RMM9..w...<M...4...`..46.6.....~y.....e-.e...Y.*..`...m.~y.`.N... ...a.:A.VQ.Q.P...BX.?.. .....l...f.p4p..&-<...........Q.CE.2....Z.........[..j..0....6..(.U[m..j.....@...VY......M...............^.B9..:.j.5..4.&eZ.n....{...,.}.....l....&...Y......z.<....U.&....R<.rq%.5o.....5....e.H.....r.5.|...V.1..l....e.a>."...:..a.e...pi.+].........%

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\arhProjWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):6385
      Entropy (8bit):7.899612927142615
      Encrypted:false
      SSDEEP:
      MD5:3678CB16A25F6FC5C1E2CAF14E452C3A
      SHA1:BD1D10837A3692EC4FDDDA5301AA45FEEF331543
      SHA-256:A7EB29240191431809251025F8254477FB6CF9E7E49AEA9D657264014ECC21B6
      SHA-512:3E53316325078AB06B5ABBD8C1DCFA452843D3C2BFA8E54D94DF5CD14B6A10DFE7F578A776AC29B974A93DCE385DF90B105BDFC86B70F56835AADD7069D70F39
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE...........4.....Y...l..p..s..u..}..m.....j..w......\z..n....`..x....\....g......{....p....d......t..j...x........n....z..}...h....x...y..............|........8..V..L..?..R..................E.....`...3....4........(...;.+.2..#...d....e.U.%.....w.".........D..n......J..5.|#..Vm.......\.E......s...C..o...u..e..n.......T.....~..x....x..u.........c..W....../....IDATx...]O.P..q.i..H ..).jE...@...C.Y.|.....(.y1/4f.^..X....pJ.!.>...o....>..>.6t..h.................9..>@w@w@w@w@w@w@.w...................9..t.t.t.t.t.t.t..h.................9..>@w...+...h.i*.}.h..M....E.{<._.g.....j.>E...Lk..|.<Bw..(..>.wpp......(...t...P...{..\v{/.Ik.y..)<...F0..Avqm1{..TM..|.....h..'.u.m..Xw%..e..$n.....b.o.w..S%N.....Z....].I..........nd.....,.J.f....(h..K]K'.....~y. I'....EACuK...V".eE...r.wI.>..].4.Y.Y.LZU.t..)1;......E9.....4C......t...uq$.J.@@..@....n..t....8e..%Y..2.^..gW...EAC..N.B..[t.;N....EA..J

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\aspnetWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1452
      Entropy (8bit):7.822652965334982
      Encrypted:false
      SSDEEP:
      MD5:E39E32D32D0FC3C4E7866F064E130C5E
      SHA1:BADEE6EE6D762695DFE4859332D34B1239D56055
      SHA-256:A2EB6FAD5362C7D977C0A28DC8C0D0461E6E6D139FB81920085542C36498F009
      SHA-512:9DB35CC0F4C1F4BEFE350BA7B4EF69D7351F475B106ABF49E0885012300506EF511D8FE722ECD4A8BC425254A7530A625F61C765170E52EF9D0A419513E83FB0
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE.....{..N....w.....c....j..e..|....l..g.....t.......q..o....J........................................................{..............}..i.......................x.......................................................{..............x.....................n..l.[..N.@.;..$.y..................r...........|..s.._..G.C..<..;..1.0..%......................i...............y..y..w..u..s..q..X..V.T..Q.P..O.I.B.3../..+...........IDATH....S.A...'.W.G'T.....@..D.Q U.M.jz....6{..#A..L......>vo......M....6..D2z..d.q...3.,..'....`..W..h...zy...E..1LH..[..&.......j...L.{XS.....la.q...q@#../:.m.....&.....e.C.1.f...z.\.......:.}q@.............f....'...%.o.p2....Y..\.t.....G..}^9..O.VY/....R|.a\`#.....|.......9?.s...w/kC.........H...==_....D.~AE.........[..XxV.......dA........!..U;...##.m^..p..mh...I....,...4..^.hb^.Q.,.QSQ".].b.,..f.'nV.M..$.I.,.l.?r.".61K0L.j..h4..}.....l.c.(.`..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\aspnetWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):24335
      Entropy (8bit):7.976835412274305
      Encrypted:false
      SSDEEP:
      MD5:83BB6B51ABB178F0E27046E3230C48E7
      SHA1:FA190D12AE5EE36EDD2A72592B581E3AF57CBB55
      SHA-256:CD97DA63620C9B195D02A0D8E11331458C8997240450EE9DA9C98E7A45710EE9
      SHA-512:F32FA6982768D0A8166184842E1CE7B96187F22A5890B8CB5A32490CE4E7EC32E7CD3B657B5EAB80414FE17355E17DC31793150F140B2B07BAD0C4BDB25FAE3C
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE...S.....R..T..T..Q..R..Q....{R..T..Q..Q..P..T....NQ.....M..U..N..M..K........J~..x.........................P.............l..u..................~..d......^..................Y................z&.............F...Q...<........q.....(R..~...gj.....~.dm...X.|F..k..@..q...(..0..].IDATx...A.-9....#.6I......v...p..|...#a..I.Vo.Y.Z.Q..F..../o...[aF..c's..5....z<......I..0T]f......:.yWR..7...+....1..K.M.BR...f. S...5...(..buWa......=...S.S.....lt..O/T....8"....~.~.U.[..=S..........D3.JbHR5..U.`5[...P>.X.9.k4...BB>Y.v...k.l...A-..O..._.v.J/...5.c.x.*.1..=G.T..93..Yx..H....\'..gz...E....<.[.Z.E......Z...m...~]%....Q.....aaz.x.@.Z...kS..:......,.g[FE\u.a.....b..T0 V1G..L9t...."~..8.#T1.O..-.....=4....jqF......'nU..g.E.6...l.j....9.a......<.........|N.l..q....Hp.p..........Z..,o.>.I.z......b...tk.......F....._...#.:}c...q_..$........A..A.`.V.>.u..].4I..h.<....ZR...\........NC....N.>r.. ..N.......B.$.a.?...R.....f...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\browseIisAppPoolsWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1711
      Entropy (8bit):7.84234243861916
      Encrypted:false
      SSDEEP:
      MD5:DEE1C89A588968D3A137EE4139F7493C
      SHA1:A4B2638EB86D148C1CF7931D79FE185D72C1D429
      SHA-256:A57A25704738521780326D66EC049707CE09BAA74A93B261B00C005F06BDB45A
      SHA-512:56D1520077C8E89C4315092304C968106303C61C46AC81F7B3DFB886618B4A943635E6E9D5C8960296C788CFE15AB7D2A654F8622A256D8F2876EAC074018968
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....XPLTE....EEc....a..c....c..............g........a...b..o..a.....a..b..e..d......b..b....b......r..........................k..i.....FG...............w....t.......=r...................}........-d..MM..............................l..[.......@u.:o.....TT............................Q.....v............n..^^.II........................................................d........~..Bs..........._..}}.mn.eg..................................k....................w..u..m..............r.........L{..y..j.......6l..........u.....t........u...y|.mo.ii.L......IDATH..Ww.A../..R..i.....0.Q@. .1F....{...{......)../~.p..g..;....L_G..B"Q..8....E....8h%-=.7.AW.|.]....r.S^....z:C#.,Gi.-..$t..id....BoWSMH....H.-.`.6T.......Zc..v.^.......'4.).P.?...h...3`..x.:W......Y.H. ....;.F.Pg...%.<>e.!.,.|.......t-...A%..,0...0...-($.Q..!}5..T....45e.....?=...".+..A1.Xb.K.b...7<..4..1..+k...meY...f.#..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\browseIisAppPoolsWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):8631
      Entropy (8bit):7.932245367948659
      Encrypted:false
      SSDEEP:
      MD5:C851FD6056294324986427C8C6C7ED9A
      SHA1:02D9C400CB684C5AB151CE659B5F98FDF3AEA795
      SHA-256:A251686C2C4EA0CE3D3CC1266808E9C405A5D3A1C3ADF4180018E13B54A6E58E
      SHA-512:9A6BE7D0EBFD9BB6FD3EF3CCF02FD0CA353C47A148A39BFA98CE275B409719C9B25878217219AFDD6398CE10E6B1B71186600ABF37D384EE372EA490B278AE09
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE...Z.............@y..EEV.............==...............Y..R..N.....S..w........|..M.....P..V..O.....s.....T..U.....S.................As....g.....r..?y.......................n................M{.......X..k..............y........U..M}.........f..a..........J..F|.............[..Hx...................Fu.......b...0g.Fu.......\......................x...AA.....U..B{...DD...r.....Zo...................>>..._..d...R`...=v.......p...a..jj.GM.....jj..\.......o..mm.OU.........UU..'.. ...tIDATx...o2U...h2.&@.^..y.3.`.$...QB.)..X...KM4P........J.wn....>.f(......oQ.......s....=...4.............w........x.......w........x..;.....=.......x..;........9x.@.x..;......w................w........x.......w........x..;._z.;......R.&......{.]Su...~........&........v@m]}.|...'..........::...Ww..w.xW.Y.Z4..\=S....jUQ..r..d.9~?4.Wm......`..;..z..<.)+.@....'..I.8..;g...n.C!=.)*.J1.c.?l.>~...I.wM.....l..D...KC..\...j%..bIu....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\browseiisWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):25708
      Entropy (8bit):7.9846726881773264
      Encrypted:false
      SSDEEP:
      MD5:2FF34F279CBE8EC33C8AEF768A16EFA5
      SHA1:1EEB0EFE97B68F75582E8B08E2F873EA9E7DD015
      SHA-256:7FA43BA5C58E9FBC030F35190909E1A4B5E898A814FBBE7F038450AD9685C690
      SHA-512:4A4A07AD732C9AFC436AEEB4ACEEE6C6050CCF5053D8AD2B7F884E64AA49ED68F50E0039129F81F18095FC726CC3BF2B29CE7F0A2078D44B2608D48EA2391666
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE.............................N.........r..o....j....d...........{.....v...............................U.............Du....{..............M}.`..v..m..0g.+..g..cvIDATx...1nE7.DQ..pH.*.....;....BT!V.....dK....AQ+.!...t.j.........E.u..Lq"3..z.2..k...9[2.U.g../.y{.w...#..Z..9H.K%.t(.NKI=....*K...*..l.3.3......:.(r....0..@DY...]......G.........MG....OKdv.;MX.ZpD)..A..noY.9XQ......g.fj..9.....PF.~r........s..R.5....Zn"1...o..6........r.["..jO.E.P...U: ..U....;..,/W.....u.uj@.....).....y..E}.ln.}..... ....e..#.e..U...Uy.Q...i..9".E....h.o...F.. .."H.U.f@.As.$...$:..."..Z..3>.....b...t.\CT$..T..)..4.3|.u.@.5.}:.D.....4....4D^.3..t.K...>....8oj.~jm...dwS.@.I...#...F.....;.}$...>..u...u..e...S}.E3$....}...3.9..b...Q.1.z.J..#..[.9...$S|r....ySh.n...#.[.r..N...).i@r. 7.tZ.Y...s.@..-..H.LT...GU9P."..1.|}....-.....v..I..[r...T[..d.K-A.q:.[.....7..7'...~<.Y.P.....)"...._...x..@...j.m...{u

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\browsesqlWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1306
      Entropy (8bit):7.771466105264843
      Encrypted:false
      SSDEEP:
      MD5:DC9B35D8D154C94E36A4CCD6047DF23E
      SHA1:26D81B6A98CE3A6DC4CB7B672558EE02D3CA6ABD
      SHA-256:6642FD251EEA988782C44D725FC5D5A751EF61AE4B228A5B5A28F7E3B55F6B17
      SHA-512:A7C8B8893EFF280D108093F69D70C272866F709343EA57738E52BBB5F2CE2B40D201D255A155214E3DD4884C3DF758E9F9E2E83E9CCB32F7C5E595701500187C
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE.....Yc.....a..w.b..b..a..b..b..c..c.....x.a........{.......b..b....V.K.-.)...a........;p...M.F..9.6..(...................>s.-d.....X..Q.A..>..'..!....|.........................a....[.....x..[..T..P..O..K.I.~............u.............Q.....@u............S..D.8.. ............y...................l.....Bs........u..k.b.:..1............z..i..............w........p...............^.......L{.6l..........s..a..3.1..1.....IDATH....S.P..p.!....".T.S.`..PP.......{..o.Iq...>....Kf...N"./....D...2..b.......c.*._..*.[.RT.P....*?....i.. .L.#$.{+...#$....e..3..Y.....F&NX.[.....>1#*.Z..H.>.Z.R...d`>6QFOF....a$...kR%=.".n...D....g%....d6.y.=BB.vj0./.....sv....&..XXdB.H(..."}VZ.h...wpT.h..q.%Q\Z{XD......I.q..P...11...,.H\..?~.D.B..1.t.f....!....g8$...&g....!....^......\...0R>.3T.r.[d.~.....`.A......Q....mD..2._..W%Fu..w...j..bF.....(.=..V.Duv.#...D5.......wp..............b......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\browsesqlWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):4639
      Entropy (8bit):7.865688610734752
      Encrypted:false
      SSDEEP:
      MD5:D2C9378C13868C8803B0EF2AC5EC2011
      SHA1:2363B0D96FD5F7B135707A86CCE3D73CEC4D1253
      SHA-256:012B0C04DCC05E26F4BD56579E369E638DEA1CB6E3E1D7F5DF43A231A4A473C3
      SHA-512:6C98ABD9B24302B7735A94684AE25DB09C670A8E531DB8210EB469ED4BE37790B3E854A273F7287B3C0A289713AB6B008EBC2E26F03FB29CAAD3D32329BD57EF
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE...Z....Y.......?....N.......w..........Bt..h@y.Jy.......M......7w..U....K..T........g...*}..e..Z..F|....t..........m......X..{.P...z...P..K{.........S..~.......o..0g...}.(o........a.....Y....#....h....................Q.7....K...Dv.....b.<.|..*........~.~.1...s....w..q..L.D..........D.......M.x......U.........e.T.....|....\}....y .....s....K.....]..afn.....HIDATx...1..0..0.o.&.p.XH: ........w....x?...w....x.;.....x.;....: x.;..w........w....x?...w....x.;.....x.;....: x.;.=:....A.t..~.'T.;..w..K..;..w.....R..N...c.,..P....I..L. ..Cqpq8iH(ZZ.E......0.9]..={*.(xui!...o....f.6.R.,Sv..2!....g<...&u.%.......C6..a...K-@a..0...p....J.(y._w.M.>....G..^B..#.D43.tw..]..g.UA.8Q.k......A.....ODb.....%f.G)].%0K.`.`...4.t...w.P\.......\..(2r.{...UXLnV...S.9.=W..vl...+.wm#......su.]\w/...#a....&.{Q....S...fe>...t...t..#9?.:~......R.x.u....4.;..RD..Rx..u....h.......v.7.[@w.....c:..ql..!

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\caWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1122
      Entropy (8bit):7.778779669638138
      Encrypted:false
      SSDEEP:
      MD5:9ED7184A9097A5A7CB528C6B8B299A30
      SHA1:335EA1D3F803F2B9CBEEE1B398B765C43B34B2D6
      SHA-256:3FCBBFF8D061A3671CB23BA9E27B443206EB1441D08774AFAD5BDEEE2C9862F9
      SHA-512:096CC6793E08ACEF3C45B6B9D9E0CCE5FA6E8B7035A4D7D2CABD65B391285088BB543BBDA24E05DB6F18A9CB8CEEAC5CC393CC4CA3EA95EFBF9FB137BCAF7BCF
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....>PLTE.....Y.....V.7.{......~......|...s..O..$.x....d....T.."................u.......W.K....................}.D....y......................j.........M.>..(.........................y..R..B.A.1...+.w.................q..........d..W..M.G..7.3.*.................k..`..*.........l..."...F....IDATH...r.P....(..;*..c/.$...M.....{...@2sg.?....-..7.^\_6..^.&...t..;+..4.J.EQ2.nRc...E.'..D....x{...-..\..PUE.R`..t(.jQ.(..OZY..E.(.z.....1,.j.}{[..E..W....J...G.,BF...9..O...GPZ...-...H1$:.....s..H...o.T...;..Gk..u......l_...b.b...V...%#_...n"~+l...Ltu.......Fn0..%l.6..C..Rz....b//.Ji.......E*..e.*.iu.U.ee.JZ......'.....t..[...1.!T{.uR.Du..Z.d9....../..N4.{..1.U^...Y....+.G....?...6...W....iOe.*.......-.-0.1.N,....i.mT.~.........&d..]x.Yj.G>.!..........X..........-..9XPt(.).....b...c........O...JU...........C..+.<O.`....t3...../..O.|I......5d.N.1.zR..Y........?C.`...R@..8.f".;L..Xs..Guh

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\caWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):22227
      Entropy (8bit):7.971700013667324
      Encrypted:false
      SSDEEP:
      MD5:A794DCA60DAC47A3559EF6179CE1CFD1
      SHA1:D523B4A95FC6AD4523448F59AEFD488A66D2D833
      SHA-256:18DE181F6D827567EAF85B3955BC9D314846224BF3090EDC76A275B4ADC9A86F
      SHA-512:07AF422670F12492030BBBBD270D0799D38D82E45600AD0E697E6E8C09769263969A509C1AB10A6408C909BB131ED2499A42905D91EAFDC88A6F038A61CACF62
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE.................Y.........x.......................z.}..i....^......Z..a....Ct.....Jy........f...l.........t..Q....o...!.....|..p........X......y...;................7.E.....Q....G.+...p...................6.[........{..e.X....UzIDATx....j47.Ea....\$.T..l<.......8...@....7X.J:.~....D.t.[.V.j&a:r..^^~.'.?...z....W,.....5;.....r.>....kN..i?=|9..r.)...r4.gPTn\.............Ne"....."U..R...i...I8T.@zz.r{....;.S..+3.A.#.e..~......&.%...m..."... ..[T..b-.....4..9.}.)YneT...U........=*..e....D..P.%.V.......!..../.^!..(D."...L#.........?{y..K..gn..#.;p...;...].j%..j.d......3E..&J(....6...w.?............M1Ctv!.t.p.e....$..P...c_...R.[N...P.t..pS.[o?.x............."21[..As..D..H%.tp.yz.r..u.*rs.rJ......rHv..^.x........^9...o...... ).S.:g...f.\O._nSx98.`..V.FT+".....|..A.......P#.H".7RD.`.R.GUn.$...c?...)l....DD"!.$:.L..y..........VfnI.~.Z.... .i."qm...cn....T.u..`@T.K.'.Q........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\collapsed.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):732
      Entropy (8bit):7.641559462922999
      Encrypted:false
      SSDEEP:
      MD5:117CFBEAF48FA9D0D6A40BD791FA1EFE
      SHA1:479CC3E68726B3A2798186D0C6073953C631F25E
      SHA-256:AFE73BADC187E6E5D0E3D59FC9E559ED6D0390E5B6F2B99FF93BCE6041302F40
      SHA-512:D5157F706C10E0A236DA31EBE0A2DA0E1B5E477438C83FFBD044A7F275FE7EDE81EDA7D78B51600C60D08761D9C5D5A59B77D1CE8E5A30ABC466455D433A95C5
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR................a....tEXtSoftware.Adobe ImageReadyq.e<...~IDATx.tS]HSa.~.....B.D..Nk...d..AW..I.E7.."."bDT..U..w.Q.E%..\.M.uQ..Y.rhsV.s;.9.}.&.....~....}.....Nh....8aq-.j...F4.*.Z_9..iT)....zU.....Nm..q......ph......2...%...M.n.......i;.,!G.h4... fe.....Z......V.....2j......$..B2+#C9.V..60.5.......J.<A.U-W.PP...T....4%........s.x..1vm...!X."u$"..aO..#. 5..sY.Z6...Lb..QaA....,...>L.....uN...`..s7o g`...L..=.......N.9.3...mI.p.. ........G.G...M.J...b.....l...>.Lt....C07.........r.I..X.n:.W.......n...T.].-.\.N7F\.>...+\}.1...f"..y...Y.^.x:1.P....s...g|..{|`...4J..J..S.=.i#.....=.0.5,..~&m.m.....>......s../.....8K..J..pE....5.Bb:.B:+s.....L.`.>..&g..b.T.......6A.]!a.....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\conflictsDetectorWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit/color RGB, non-interlaced
      Category:dropped
      Size (bytes):2069
      Entropy (8bit):7.291056205787157
      Encrypted:false
      SSDEEP:
      MD5:05A89CF6AE830841314ECE7CFCFF582F
      SHA1:AE75B497374DB1B9EE2E7CCA945BCDFDC6207A85
      SHA-256:1034D8237E293D8C0E475C8741C8B273F5ED655610FEAFA1079576934F88049D
      SHA-512:E0BA57663E05E3E36E8ED79A964AD85F818ED46FA1EDE8602E983C11E9E044CFF31A320D97840D0A9B15C31ACFDB03820C56E5271CF9950F6CE9593C6EFA4445
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1........K....tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c132 79.159284, 2016/04/19-13:13:40 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:d808f9f3-b027-404e-a21b-f8ea61fb08dc" xmpMM:DocumentID="xmp.did:848D59C6481A11E69FB3B419136886FC" xmpMM:InstanceID="xmp.iid:848D59C5481A11E69FB3B419136886FC" xmp:CreatorTool="Adobe Photoshop CC 2015.5 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:df018129-8a48-8946-b771-fcd5ecef840b" stRef:documentID="adobe:docid:photoshop:54adb823-481a-11e6-b817-cf42c1a9f7ad"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>b......%IDATx.b...?.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\conflictsDetectorWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit/color RGB, non-interlaced
      Category:dropped
      Size (bytes):25030
      Entropy (8bit):7.969764782649932
      Encrypted:false
      SSDEEP:
      MD5:F365C960D2ACB6B92FB9108A6CC60BE0
      SHA1:B81DF04FC09B2476B1CAC82E61BEB7B652C8B721
      SHA-256:7F98BA7D3B1CD1F364C59B53FD06E4F6DBD1D1955A6BAA6BC4A33CF4CFD8E036
      SHA-512:1D35648FE5CA21CF346FB820A310D59A87D09E424DE9D025239414A8FDAF9BEB47ADB441897E651B2835605FAAFD64B2C393B2ACB4BD845DED59EEBF4DE4B3BB
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:......a......tEXtSoftware.Adobe ImageReadyq.e<..ahIDATx..i.d.&........b.DVq.I....[.....V.4.FO.4V7z.i{~x~5`...0.ixl...h...n..x....4DR.h....HJ..*.X...-....8.DD>..U..z...X.../../...;.?.cQ.a....-.. .e{...)io2.]i...pGw....B...owI.K.q....J...>...O-.).y.v.k......y...=6A({..^....C8..=..gn....}`_...4:.{....L.....w.]a?>m...........[..F.<%+.QI..I.]..lD.R.9.]..U-..p'...w..+.<.R....n..d.G..Q..%.%........>.=.....z.+^-&..r{~f...a5u......7..t....Zm...`.R(.E.%..5T.h\R..t..S..[fq.I\o.M@7.l.[...@.;{..5;<8...Y...n.:.?...$..~[...d8~8.0....V....6..f.]X....WS..,......+..3.....4.y.0Z.K(...5#..?;JE..r."....m.H7XJ........ m.i..J...x.8.O.D..1P..I._ \..d%...5...t......g....K..J.@wv.?+.k..7.h.*.........p_._w.cW.|....."H4&j/.N}.n..DV.....&~.......g......A...Bl..,...5....h...2X.{a.Q.1AfBL.o.B~n...0F..O..^....c..=_...(..s.cW...I.d.R6P....m.*.md`.....LR=.wk..C.-aC.o.....<%p.P.......`U..S..^...@...z^....q...qr..5.N<.........|.peb.R.......Q.H.M...P.|..4

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\createVmWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):668
      Entropy (8bit):7.448945715447606
      Encrypted:false
      SSDEEP:
      MD5:1EE3A1045D2A84666E2648316E5F9F0C
      SHA1:82012CDFFE84947B74DDF0EDD7C934E3691CEF0D
      SHA-256:8D0B3284D733AE3F65106A4C89E587519C99365F3C8CA846361EF56447C8F298
      SHA-512:ACE81E7A9529EA69F6BB2396B5D07EFA29C69C25D27CEC2EF32DD102910B6A7630B514D80572CA54097CC2F1DF7218091F396C46C86E5D07DF95DB568D7413DD
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE...Z....Y&k...^..............m.......................d.........................s..a........|.._.............y..o..j..f.........x..l..b..............................].........m......IDATH...r.0.E.5..b.{.[z...T.B.!...3y.y.A...wG..)..!ds)..\....o...e.....y..,}u.akT.9.q.#.z....].e....h.7.%.0..OuL.W.....j..5..Hj.5....a..?.$c.5..Yhe..2K....pH.B...........)..r._t..oN....f..U8@J...m..mL.4..M.-.VEs.....A..e@u.........}.......W.i.f..6......Ii..L....$...TH........8..1.E.mG...P.a..........&...@.1a..(i...[.q..a.....p.......S...1C.W5.D9./>d`6.q4.......0I.oAN..B.+....0..*.Z.....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\createVmWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):2585
      Entropy (8bit):7.757913110245645
      Encrypted:false
      SSDEEP:
      MD5:2332C12D118FF757534D2C40F2BC9C48
      SHA1:4D9A9F8922606017F492CBA113823921D611CBAA
      SHA-256:CC6FD99EAC5933BB18087A9FE7954839593A0FA903B5E444B80893C57E61E7FE
      SHA-512:151D29D09A7504C904DBACD37945F06BA422A71F1CAB695DD4048715AC8793A6CBDE0E8702203FE1A4550D6A0A3FA3B2FC9AD3A92715039D908343882296B6D6
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE...Z....Y...............c.....................]...l......y..j.........q..b......................................f..........`.........r..g..[................z..v......................}..6....IDATx....I.Q.E..l&.........%"n....@...I.R..P<..Cu.BwtGwtGwtG..:@.;..;..;...p............}..P.......>\.(tGwtGwtGwt......;..;..;..........................u.BwtGwtGwtG..:@.;gu.....z.."..k/.@.u+.@.....K?.]......{.C...E...".{....E........t...L'u.%............'......;..;A..E..;....[.;..;A..E..;....[.;..;A..E..;..;..;...iW.@....%..."" **......O. ..&.<.!9y.o.1.n.L....g.w.&.M.=..{6q.l.......g.w.&.M.=..{6q.l.......g.w.&.M.=..{6q.l.......g.w.&.M.....n...w.?.}.n.Z.Ay...}Qtv.f.}.n.R....J..S..G_.(=.;..-u?.....~;....L.E.C.....aK...!DN...=@~S2H..........3{..".o...S..i...A..TE.$....gh5.3}..-..-h=5._b...+Y....3.....<...q.[|...z.>.sC%....s~.:..mR..yE.y.Lw..W.acX........S.".N....ZU@...sp..S..\.C.{..rP].Edw.i.u...)A

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\dictWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):5378
      Entropy (8bit):7.917736920254075
      Encrypted:false
      SSDEEP:
      MD5:0CC1A4D799D0A602150C37EB5E7624B7
      SHA1:3CD71311005A63A06EC1F40BC8967D5B614E2C2F
      SHA-256:5308940F9FE9E8F2D1E67F97996DAA4BCB12B22A8BC87237A51F73E96BB33BBF
      SHA-512:D6544FDF724D01F57C799723740803F23FF58460AAED0CA08FA98E695ECD4AC1500C6047E200F1C7E573764B223C86689848EB27E82EE743BCA2EE88108D8983
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......xPLTE...Z....D{.g..k..~....y....c......t.........p...........`..M.....\.....P.....V..............s.._.....c.....EIDATx...1..0..0.o.&.p.XH: ........w....x?...w....x.;.....x.;....: x.;..w........w....x?...w....x.;.....x.;....: x.;.}..i...8~.vsOnf.6........c9J..3.&....._,......3..;...r...qw...wg.qw...w.......3..;.......%...\.X..8r.yQ..@]k.......g..gE-@....6t... #.%A...Z9..oD.quZoi.>........}V.R.v"z.m{.a.O..=.vW.bX..Dt.M%. .)..k....(..)Q..(..S..G....#`w..ZhC.jq..o+0....3ww.....F..o)}.....Z1.........|V..J..n...)...R.......V..;....8`.....V........W.....{.B.w...I.w...d....4.w...qw+T..I.....5o..s.......C.+;.n....y.h.......[..'....$\..Vv....}.+-(..\.H....[a.?.(R.....$s...%wo...t.u....+....2....6.wU.S.....S.".O.W.....Wa.?^.Z.'#7. .g.2....=. k.....6..TB{.Ps.F..oy&Rj<..j.L)R..Pr.9P+k..l..L.;.:..y......w.Bt....../Z.. ...N.F.O..=t@w....kC.-.........Y....w..t....5...j.6c.>4.i...E...S.!Pw.._

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\down_hover.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):373
      Entropy (8bit):6.98754291353423
      Encrypted:false
      SSDEEP:
      MD5:5849462B908411C396ADBEF96F1D5BA0
      SHA1:A5027F64EBEA7790B6A310A863408FB78820192F
      SHA-256:1B10647C5BD556C26D66A3882F524DF96C0ABEF784DD5B8EEF00B4C22BE5E546
      SHA-512:3C07800E930EFE4F0F22B785AE9A305C70BEDCCD09FC67E257D48B4C61502062A93800DB73B912A525E4DB01D68F3D7B950957653A115A98FDA20CC398383CC6
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.............r..|....tEXtSoftware.Adobe ImageReadyq.e<....IDATx.b...?.........).....bN..w ....@...`.2@...@......g .K..o.....).w....2J.3..H..IB....UC.|..[..X.}.....N.)..a..&.+.... w....k...........s..01..<.6.....=..r.0........"...n.g..``.... M..P.k\P...X;i!..P.....*p..w&.-..9.i....b.M.x...R.g*.p..+T.0E..f#(.X...../d..4.4.........7u2..9.....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\down_normal.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):222
      Entropy (8bit):6.431919464596441
      Encrypted:false
      SSDEEP:
      MD5:7E9A1DAD4992D1FEEDE0FF858566A9A5
      SHA1:AD3A69D6D425C5F4FAC1D75978CDBD3363B36555
      SHA-256:14DA703F83D826807A156536A8424D0B300B6DA9D972F27F7647AB17813B6A54
      SHA-512:8BD4BC6F593D7DA85A06366A361655B059E4638BA1526FF92E5939EDB958B04E5AF261AC53AD96BEB96F691E4A74BB77CE58AF6A5BF0871E8A947B43B59BC02C
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.............r..|....tEXtSoftware.Adobe ImageReadyq.e<....IDATx..... .D..h..`..l@...&.N.D.GHB .{.f..+.`O.....r.!.4f..!..v`.%+.......R..G.s..2(...g.........}....-..s..r....N..'.t.......d.I.j5....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\down_pressed.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):221
      Entropy (8bit):6.532451649071698
      Encrypted:false
      SSDEEP:
      MD5:94505ECB39E41414617C1BD18A596099
      SHA1:4853A2E39F898A06406EC5D40B26224F4462B9C5
      SHA-256:7B327563AC30D51F7488EF11AD20BE741872FC5C974624F8AFA88CA9AC5092BB
      SHA-512:E3BE454A2DD6AD17F3A1FA3BE89E56AAE078ABA07EA0D29383D1A61C67170EE9A1CD7B441FD2EC9B03844C645CBA6A1B987369DA992EB4E0148E9B716A4ABEE8
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.............r..|....tEXtSoftware.Adobe ImageReadyq.e<....IDATx..R1..!...{.................].b.....$..T..)....(..@.BWo.B..{.Z.H.9..no.9.R......S.[k.:.(9gu../..c.R...-.Zk.y..?.#...B.........IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\driverWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):743
      Entropy (8bit):7.6496347127077
      Encrypted:false
      SSDEEP:
      MD5:EECA84E1102A047816F72AC25849BC3F
      SHA1:731C25FA38233154CA9B3BFAB9C590A9EED71427
      SHA-256:08AC1AB74CC0361486CE978504F5F0BCAFCCE0543F9F6546F7421A58DA144E98
      SHA-512:950E7565697E9AE89045CA28057B687643D63EBBC41A02DDFE7AC4B1E8FB42AAC11D059A7380628A8B05F60502370CB1E3D587D5A2C9569FD2CDE85762E80C93
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE......&f.&k.`..a..^.....^..b..e..d..`..e..`.._.._.._..(l.a..k..a..i..a..f..o..'g.l..b..h..r....8w._....M..>w.......b..e..)m...........k..-k.......x..@|....X..1n.......6r............IDATH.... ..[.%..W....L.......t......cq.|7.?...3n.....'..S.1L....L..\<1L....l.BP-%......MG.>4.&...`..."+14...F.@....b.......Z/.5.......N.fp...b......1L.k........,.i.}...u.i....(.3[.=\lWv...;...).PZ[11j...1g....Jm'.RE.....bW.v#...s.q.........t...........1..t.y#]{..o.\r..a J........,A.k;I....A.:..,........x..k.{..4.2n..^d{........k.n...s...........A`sx..H..F...q.2.....).....*..M.g..}h....:._0$.../g..\I...'..kS\..&Dn..1.#.|.LT....Qk;J...t..e.....v..Z.u..f...t.oH.x....qF>.%..0....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\driverWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1724
      Entropy (8bit):7.540881337875601
      Encrypted:false
      SSDEEP:
      MD5:372D776463B993C965CD6B8A925513F1
      SHA1:0188362AC9AF0A932CBAD20288CE34CD85F782E0
      SHA-256:6ED5C1A0A4B40C3EA4124DF0807D15E183780F360CC60EA891D7BA241028E467
      SHA-512:7DC12B5FA86AC850A0922DF7B9EB17BDBEE07AB3693383A10497691DB988D7C04AC091EB5521A4F760301FF5D9ED710E4E82F1D4BC47C3013E6F225FA3EB0D83
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......9PLTE...Z.....^..^..&f.u..a.....J..?}.F..3r.S................?......>IDATx......@.E.j...3...cGWn.....9.._......u...........=\.@.;..;..;..{..BwtGwtGwtG.p...........Z.................;..;..;..k.(tGwtGwtGwt..:P.........mv{\NR.....b.m....H...#i.<.b$m..>...z..eY........;O..aO.u......WQgv.~s..*.......WQ..;Gt...a..>.......G.{&.3......t.{&.=.}>..=..t.d.g..gr.g.=....L..L..L.g.=....>....I.L.g2.3..3..3.I.L.{&.|&.{&.3..|.d...~........a..0..!..._..jY+.Z.=[.=r~...ye......u..^'..u...N.^'t....:a.....uB.:..Y...b.^....b/.}^..v..]1t......{......q.W....u..^'..u...N.^'t....:a.....uB.:.{.p...?...Y.W...:&.}.q~.f...wu..r.#t.........{..N.^..t..M.'.........Bw@w@wP..^......"t..w..{..NFX^..j.t......\eo...<_..C,.0.p.GP.d.7....K.........Ch..S...ro.....~..... ...~J.6\?..}P...o.;......|.}.)......}H..x...'".j....}QQ....g.......3,.....'......}D...................D..}x..+..}@w..t........Xt..^..K..].;..B\@w..t.\......}.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eclipseWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1123
      Entropy (8bit):7.758758019371734
      Encrypted:false
      SSDEEP:
      MD5:829B97C49EA020B2EC24F8E280AD5AA9
      SHA1:6A021F09A842FC0B871E26773EF0F991A4071887
      SHA-256:D9B7499A6B4B0619595AE1572F89DB841FBB4A710026AF44CAE101696567DFCD
      SHA-512:B19285B7E5F2466242F1B3F869018BEDA838316D8767E293E4D45176D106167B8EFC1C2AAADC70B3CCA2838FEA06EAC92E0404572575B55C9595C280EC39A07B
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE.........,"U].....).R6,]...MDq...SH{...V..<.v...B4.E8y*!SKBn........b.._........p..h.....4+\) V.........}..u....t..e..E7.2,h..*..&...............|..n.......sl.;9p8+n .Z-#X..E..1...................................|..l.............B?r?6e%.W..E..9..........w.....j..................y.ij.F9|;D{YQy=/y:.q..m=2j.hB9f.................................[..^.................b..X.......{....Gh.t~......Oe....BV.jd.jc..{.z.y).l.Hj@OO...PIDATH....W.P...$7..*PV...PF..2......p.......{...!...n...>...9.........L..../...&..X....7_...P.?n....g7..+}.h.....%@m.)Qp.?...h.126p5....D.....[ACq.e.....nR/N...r...u..|}f.P.:pb.....L..W...`..R.....K8...%.....E..=....Z;<.V..6naT.~Xv7..m...Y.{..V.N....\.Z/.E.T^I.. ...KX..$...I.......Y...#..q..6.Lio.....+.h..lo..:29f........$........d...:..B..r.Y.Vv.^........1.M!.K.E.R..q..k.....v......R.%A.IM=X`h....G6G.Qefi.....+.4r.h..F.'m4.._N....).....WUDO...eIR.0Q......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\entProjWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):446
      Entropy (8bit):7.377828387596595
      Encrypted:false
      SSDEEP:
      MD5:AB738342C0CEB84C0C0C5AC6841CFAFD
      SHA1:BD087238BE0A85F31AC6A9AE1CF9BAA04BFF38AF
      SHA-256:62838308AF68369C82E43A67B006D330CE323E1E0366DB800A70B3780AC1CFE4
      SHA-512:BF7B61B2BED7A08DF196EB7249876AD9F4A4624211B39F2A375A914544D8421BEB61EF0D624E0F053ECB12C984D228D6D580BF4AC302AFD3FCB698F211A7B655
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....ZPLTE...c..............u..p..l.......~..................e.....................{....=..&....IDATH...j.0...~.b.'.Y.....JW].....H.<..........8-..w.N......9....u.6... ....yQ....N...\.Ip?U....Kt........-.~*......H.[...MV....D$`....X....B.:.........R..Bm..w.t@..0.s.Z\j...Q. ..8..w5.f.frR=...0.'.#e ........6......j&4>...h..i.....+.8..]...$..f...K.{..N.[...{....Wdw..J.......IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\entProjWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 4-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):9368
      Entropy (8bit):7.960004580426872
      Encrypted:false
      SSDEEP:
      MD5:230D1F33BE74D7466C40DF90817B8223
      SHA1:DE0A8F603517BA6755B256DC93F068F34E732760
      SHA-256:95371E35AD10AF28720039B29D963ADC0E2D4418B01041757BC470EC93E5BE60
      SHA-512:282B95F9F6D129D03B120501FE4E8B89A4ECE3AE7CED41C0AEBD0C4147CB405AC80966C6007022AB9CB3CEC74782761890F54BBA20B37FED888D5CA03B589372
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:......-.~...*PLTE.........c........Jx....s............c...,_..$)IDATx....d9.C.........O.1.....c..+..Id..Z.....Y...2r.y=......u.T....]W5-NO.w.g...wX...3..\.V.t~..`.>...".....r.....I......m.g.>i./.9.....E.)..v.....Q}...9....._...G.._:.....t.7N.....m=.......Q.j.X.....\.$.."h,..%L..[ "..p0.@b.....y.....A..q!..(~6.Gj].k..P..:k ..=.L=F.Tk...~...g......Z......o......B1@8R..0....?...F&... ....9.M.A..R..N..3..~.A.v.K..^.?..k}.xJ...X.;a.....1y....e...f..5,..~..8.*/l..>o].f=..+3/w^....e..(....H....dr.2......0.rR].3}....1.%m$..f.!.k.....~J|..*....s.Za/:...v..V.....x...%@..q.....K....8z...........OH...|.w..t................l.>....e.A.....:.KY..QS...I8}...Y.5S..|U....w..4.om.Y@.0'v....2.T...?%........0m.~4...M...2.q....k...........mf..w...3...X.u.LE...b5...Z.....2e..*..;...o..@q.hG.p...V.Q.N.......P&!..|...;L*..O..$....rN.X..(4..`.yE..t!J......o.0.Y~....T{.Kf0h..........i.2.o.._._...+.8Q.]r....e.xz..y.L..S.u.0'u.S.......xo

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eulaWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):282
      Entropy (8bit):6.940987284812653
      Encrypted:false
      SSDEEP:
      MD5:BF8207A147E614132999E0CA79B32958
      SHA1:92C3C28D40DB9EF901E27ED7F3EDC419142E3487
      SHA-256:318728F9A4D5CDB3254F16244098F39B6CC4F4525611296EE415F23DD6588A3A
      SHA-512:EB91AD9498BEFF4DE1470C00557FAB2442C201B8E2ACEE5347B36BBBE9B5A64E9CFD2C5AD7A0A0BC60ADAF3C8680CA079442A4793EC57F1705CC7BB0CFF6C8E2
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....BPLTE...c...........b...........:g............b..H{.*.....w.Kk.!.bC.....IDATH......0...q9N........b...Z..W..2.."+n.k.>!....."....zo.....k|B{..gqz..@ .m.k....L..hk.......6$...D..N...R../.`\dr..0...q.c..kq....4..YJw)....$cF....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eulaWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):5546
      Entropy (8bit):7.907215583848211
      Encrypted:false
      SSDEEP:
      MD5:15F80FB96F1669851C98975A8B40C409
      SHA1:5021D636907F18276606327F9DA58C219D3CF5EE
      SHA-256:CF50FDFDAD1CF330F936990B3D78AFC3D8D1B5D2187444816ACF3911CB1B81AF
      SHA-512:A34C6AE604F07B2A1F60B3DEA70D61A0DBD1522A2BA09879FC98B3472BBF5D135DB13E509BA204B88C253A38314AA7716122061D00283116A3BA4F53030BF6B6
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......QPLTE...c..........a..Z..Q..g..^..|..L..U..I|....q....v..m..k..b.........q..@..r...?k.....IDATx...;nd1.DQ.P.Ii.{.....?m8.'.$...&..O(..z.............K..?.wOZ.....=..sc..s....?...U.,/..D.n..#.o[.![2...to'v.)...e..to.uWB.b..D..M.v\..A82@...N...rB.4.;.{;....V..X[..3.tWY...d...q.toGt....0.....L.v@w..U.^.6_...........+.2......q.dX.oL.v...7{Xo.7..u..3.D6x.......}.(l...%~d...v'...y..{.`.p.&.eA..<`...u.CS.2`......z...p@.(.........'J`/.6...[`A...L.v..S,..t."....K...e~m......M......M....o..7;..$.3...s..m.P.E..3......fb....SH..............mP..i.......].0d.zt.....v...?.F.C1.. .....m.[..N@..]..\..?.m..F.3..a...K@"[.|ow......!Q..".:...m....[wU.....9{... .....[..>lA..D"+rL.. ....bw....<.k.QMT.KV.......W.....s.P..%...%(.k.v..w.......rc..$J...n...:...n...X]..............t...........r@...6.{q.. w..-...}..3.[9..G5d9.f....O...t.$.@.g..+.#.QV@.t....d@..'^.=.H.Z]..%Q..$AY..yD..P...y./..aFF.'....I....a^e....q./.......P..Z.....5./

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eula_cs.rtf

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):271
      Entropy (8bit):5.028709411798827
      Encrypted:false
      SSDEEP:
      MD5:61A89A9DB391EC4BC5CD28C0850DC965
      SHA1:B4323630B80B4F044E5F5C574D6047C4C3FB9A25
      SHA-256:182EB62A3308647799CF69C1F34E022F03B1FB634DCF647FB7434AE31C8B2289
      SHA-512:DAAFA7148A6AAC73A9D6D108FAB84A4AE2276BC33EFCDF4C042959E7FFA721D64B61180093B2F3B4D3D999070C61A326379679F8071BB0E6E20F2DDB9451F5FA
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset238{\*\fname Arial;}Arial CE;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1029\f0\fs20 Sem m\'f9\'9eete zapsat text licen\'e8n\'edho ujedn\'e1n\'ed.\lang1033\f1\par..}...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eula_de.rtf

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):183
      Entropy (8bit):4.955566670603247
      Encrypted:false
      SSDEEP:
      MD5:47686DEC4ECEAEE18591DECF8D3E2D90
      SHA1:6A990A8977EAA3DCD3E69C0046C253F28BA837C4
      SHA-256:FBAE89F6354186AEBEF094EE73B6D4D33320E6BB6CCD031182BDFFD2937AEFEE
      SHA-512:6AA3827818315B780B56A1D31D24AD8C136FEE019B0B3D9C97186253FDB76D8F7417936AD800B623A7855D737645827120F37BF19CAC3C5BB32610F562A0D2DF
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1033\f0\fs20 Ihre Lizenzvereinbarung hier einf\'fcgen!\par..}...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eula_fa.rtf

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
      Category:dropped
      Size (bytes):392
      Entropy (8bit):4.800764905307118
      Encrypted:false
      SSDEEP:
      MD5:0970C225ED3DCD885A9F044C652F32A2
      SHA1:4D5D35E9EC2FC630FEE19A508B4E9B28ACBEB6C0
      SHA-256:F3CE17B2E8D34EA675AB0F83BACC7CCB8E4FB6546EF46C2B86322E3347C46B71
      SHA-512:4A6DEC4D372597F90C4EC1134D347248E1F0EAAF81D11E4E923EE4E7C5D6D3C3E85F585A89C19C631096741EC9B3833B4FC9D5C29D899A6633D3EF3D869C15E7
      Malicious:false
      Reputation:low
      Preview:{\rtf1\fbidis\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fnil\fcharset178 Tahoma;}{\f1\fnil\fcharset0 Tahoma;}}..{\*\generator Msftedit 5.41.21.2512;}\viewkind4\uc1\pard\ltrpar\qr\lang1065\f0\rtlch\fs20\'ca\'e6\'c7\'dd\'de\'e4\'c7\'e3\'e5 \'e3\'cc\'e6\'d2 \'d4\'e3\'c7 \'c8\'c7\u1740?\'cf \'cf\'d1 \'c7\u1740?\'e4\'cc\'c7 \'de\'d1\'c7\'d1 \'90\u1740?\'d1\'cf!\lang1033\f1\ltrch\par..}...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eula_fi.rtf

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):227
      Entropy (8bit):4.976701386381707
      Encrypted:false
      SSDEEP:
      MD5:62FBED3E8180A960E264AE0C50F6DDA0
      SHA1:EAED131F0467EEE2A6687F7A3B26C1DE2724F5DD
      SHA-256:019E97411C9219A4F6617E609995654CA79DE7B6EEC10AA214CB073FDDBB8FFC
      SHA-512:370DFA6430D9804548260E32D306B971C845E383270136FA7C12732CD2F09169BF2E277272A6BE4C532DCD9F0EA07DB4F1E4C63711E1D6011090BB4EFEA4B626
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset0 Arial;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1035\f0\fs20 Paikka k\'e4ytt\'f6oikeussopimukselle!\lang1033\f1\par..}...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eula_ko.rtf

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):479
      Entropy (8bit):4.686943223159262
      Encrypted:false
      SSDEEP:
      MD5:31B0FED8D94F3F4366BC4DDAB649A356
      SHA1:9A8D2A4B9673159A481BD91893F74665084D9489
      SHA-256:564A5C7771122F9F663AEE1D3DE5819C9200E913C72129F8172F7335F0BB8FB7
      SHA-512:D8DB571605EF17094898CD70A6CD568D780D44B298CC538960C3CD4C8EB4E85C923ECF68A5537262A061635BD961B8FB52AAA298FF49A7E3E7C52E35E354DBBB
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\froman\fprq2\fcharset129 Batang;}{\f1\fswiss\fprq2\fcharset0 Arial;}{\f2\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1042\f0\fs20\'bb\'e7\'bf\'eb\'b1\'c7\lang1033\f1 \lang1042\f0\'b0\'e8\'be\'e0\'c0\'bb\lang1033\f1 \lang1042\f0\'ba\'b8\'b7\'c1\'b8\'e9\lang1033\f1 \lang1042\f0\'bf\'a9\'b1\'e2\'b7\'ce\lang1033\f1 \lang1042\f0\'c0\'cc\'b5\'bf\'c7\'cf\'bd\'ca\'bd\'c3\'bf\'c0\lang1033\f1 .\f2\par..}...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eula_nn.rtf

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):243
      Entropy (8bit):4.861926890969193
      Encrypted:false
      SSDEEP:
      MD5:5F9615A54C7A1FBB90D6E7A48EC0D0B1
      SHA1:226E89B23AC6902D31DB6F54CC927D2316DD82D1
      SHA-256:37EA2D6A15F45582A0E5D23E5F620DD4C5DAC7866126AD727EAEC43C2C66FD3E
      SHA-512:423450301FAD8F7A426F07C80CEA5A2D8728DB5843584394799C4942B7A6595AC8CF88291238EAD82DDA1E67B0B849338BCA09F1312AD7E771D41B66913F842F
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset0 Arial;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\nowidctlpar\lang1044\f0\fs20 Lisensavtalen din skal inn her!\par..\pard\lang1033\f1\par..}...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eula_pt.rtf

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
      Category:dropped
      Size (bytes):203
      Entropy (8bit):4.942128733790023
      Encrypted:false
      SSDEEP:
      MD5:B9C7C4CDA27CE95B9D556956BBE2FEBB
      SHA1:CE5EEF366E68D3B146E3A1CD1EC37995ABE92EBC
      SHA-256:6151BCE91948F6D5B0B5D9F1EE88E74D14AE4ADB20EEB3F77FE8195E11C68365
      SHA-512:9E4EFB1E790846B299CCE5CF1A411F7E9C601CF67A1267BA42EEA14F31C2DF3549A9DF376F6486FD95BC73433E998502CE550C3B868282A7ADEEAF026D42A353
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\f0\fs20 O seu acordo de licen\'e7a deve vir para aqui!\par..}...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eula_ru.rtf

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):365
      Entropy (8bit):4.564364869203804
      Encrypted:false
      SSDEEP:
      MD5:07778B134AE11A74320438261BD469AD
      SHA1:C94E2F499E698760CF960E606C14523B0B8C3C77
      SHA-256:7C287B5D1FED411000CB9F534B9EB66339AF90A41824282BCF0DA4BE1DCC7FF1
      SHA-512:A64FF49F4508164D6D4D9ABE5ACE6EF1EE975C813509DA371856F2D815335D7BE6D84E47124E573AD804F5027D61312C6EE2A498299665698BBD0FE063C64983
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fcharset204{\*\fname Arial;}Arial CYR;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1043\f0\fs20\'c7\'e4\'e5\'f1\'fc \'e4\'ee\'eb\'e6\'ed\'ee \'e1\'fb\'f2\'fc \'e2\'e0\'f8\'e5 \'eb\'e8\'f6\'e5\'ed\'e7\'e8\'ee\'ed\'ed\'ee\'e5 \'f1\'ee\'e3\'eb\'e0\'f8\'e5\'ed\'e8\'e5!\f1\par..}...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eula_sk.rtf

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):258
      Entropy (8bit):5.067838784225045
      Encrypted:false
      SSDEEP:
      MD5:5F4FAFB2AD460F755262CBCADDCC1E8F
      SHA1:C1E64333137E6DA4A7939A24A55E5A2319B403E9
      SHA-256:E9998D6206BE9861D4D4E71DDEC785DD4038B5F780870F1B5764890B964C5412
      SHA-512:D5CD2F6D8C5CD27A0DD82466F1B9DBF0BB078AEC0873FD46D4C06340869757D8056B78DAE4C690F737A257DA17AD2895228D8A7BEF653B8D28BAB4866C98F77F
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset238{\*\fname Arial;}Arial CE;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1051\f0\fs20 Va\'9aa licen\'e8n\'e1 zmluva by mala by\'9d tu!\lang1033\f1\par..}...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eula_sl.rtf

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):280
      Entropy (8bit):5.075446178180577
      Encrypted:false
      SSDEEP:
      MD5:856CF5F98AB377127AAE67C4B664E1F9
      SHA1:AD366D98A7BFCD8387C07CD5EB111C215ABE5A54
      SHA-256:722412A961B50AD2DAA8F8D2762A15A63DE429998731ED8CB0B1E57F15BC02D8
      SHA-512:CC921C31220C73AC468CF952D280B217C996F96A9F2859FEDF7CE468B31999A6294B6DC2A7C27DE8159A7720FA4AE3A41086DF34FEEAC52D295185EA554C6D54
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset238{\*\fname Arial;}Arial CE;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\lang1060\f0\fs20 Tukaj mora biti va\'9aa licen\'e8na pogodba za kon\'e8nega uporabnika!\lang1033\f1\par..}...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eula_sq.rtf

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
      Category:dropped
      Size (bytes):216
      Entropy (8bit):4.947020242694899
      Encrypted:false
      SSDEEP:
      MD5:213B4EFF57D3D813AFDDDFE78E77290E
      SHA1:3E187C9A76A8F286F48D795164B8678FE1F2739C
      SHA-256:1F075DB5F1C59C36B133691EE87995D7F6B97E2378EF377C0F4354218C8FA5C4
      SHA-512:F68B91E668BB86C236F94F0E2D0800B9A197018FCE683DE988DE7E219B9E21364DDA2D562AF40E7597199F4B4EA11E96BED9C7C56124C65547F4CBBAD983435A
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\f0\fs20 Kontrata e li\'e7ens\'ebs suaj duhet t\'eb jet\'eb k\'ebtu!\par..}...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eula_sr_SP_Latin.rtf

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Rich Text Format data, version 1, ANSI
      Category:dropped
      Size (bytes):307
      Entropy (8bit):5.0315534376698485
      Encrypted:false
      SSDEEP:
      MD5:F7357C48EF90B01FA47DA00E8C99B9C4
      SHA1:D0EA6B2F11F7363A4E1F25BB65F90A6E6350D312
      SHA-256:C129C9A35DDCDC015E4AA7FC7F537C8BC0C4904E9411C5E3C412B909F8A2854A
      SHA-512:C6165AAF812A801A58F3769D7D8AD6702997E3531AD5D2247A0E96C62E9707C7828C9C79166408AD9E3E9BC2C1A2E9EEEF48D9851E21DA2C4C65CDED24C3D32C
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\deff0{\fonttbl{\f0\fswiss\fprq2\fcharset0 Arial;}{\f1\fswiss\fprq2\fcharset238{\*\fname Arial;}Arial CE;}{\f2\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.21.2507;}\viewkind4\uc1\pard\lang1033\f0\fs20 Ovde bi trebalo da bude va\lang2074\f1\'9a Sporazum o licenci!\lang1033\f2\par..}...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eula_zh.rtf

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
      Category:dropped
      Size (bytes):286
      Entropy (8bit):4.839360964290176
      Encrypted:false
      SSDEEP:
      MD5:C667D7E90242187D02B25A22AFB46670
      SHA1:0EB5C95C87B95507348D0B815B4B6D354DE16BF4
      SHA-256:82887038B5D950C60B22E1019F07CEDB852A891252EF3386E48331C022E0AA48
      SHA-512:DA2C44A12B8F2042E2C4D19704B4B722D2E2CAC1735DEEC07B198254BDE15EF48FA1C220C7F32F78F62E85890DDDB1F115AB392775D4DE0E732AD1C86348E19E
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fmodern\fprq6\fcharset134 SimSun;}{\f1\fswiss\fcharset0 Arial;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\f0\fs20\'c4\'e3\'b5\'c4\'d0\'ed\'bf\'c9\'d0\'ad\'d2\'e9\'d3\'a6\'b8\'c3\'d4\'da\'d5\'e2\'c0\'ef\f1\par..}...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eula_zh_TW.rtf

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
      Category:dropped
      Size (bytes):254
      Entropy (8bit):4.847991462504462
      Encrypted:false
      SSDEEP:
      MD5:A6EE2CC05717BADAEEB7883808FC5514
      SHA1:2CFA39002D9CEC79D1A35066BAA2ED7D506F8961
      SHA-256:1B1446611BDB86FF94AC5B2F0AD3175AABA1E7EAD784F676F776D9D4320BCDA2
      SHA-512:D58369153A13B9EB4296876944B954D1DBDBF330600CF228FAB7C460771191DDB2AC1152BB6BDD12E3521E2BD17DC6F0033CEEAD305047104B8FA905A75EA331
      Malicious:false
      Reputation:low
      Preview:{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fmodern\fprq6\fcharset134 SimSun;}}..{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\f0\fs20\'c4\'e3\'b5\'c4\'d4\'53\'bf\'c9\'85\'66\'d7\'68\'91\'aa\'d4\'93\'d4\'da\'df\'40\'d1\'65\par..}...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\eventsWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):441
      Entropy (8bit):7.344616773995564
      Encrypted:false
      SSDEEP:
      MD5:66F7B703F8B1AB9F5A2621C98E44870D
      SHA1:F2378DBCCE32716F8961E63F05F98B987357E19F
      SHA-256:299E6DCB8D8833A9528C2EFE2E948D887C07D6BC5C355FC43D90E51C66930DB9
      SHA-512:EDC27E498069E9E4644C29FCB1BC7795FC1D5530BD7AC967106128DA02125B35D61612A98E9D3634A489F0505C8E0048639FD67D23D0E8BA82160D1D5F8B6A22
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....lPLTE......x..b...........v.....=...j........q........e................By.&...z............1z...N.^.....IDATH..... ..`.....4.....[..v...Z..x..K..F.)i.eHt.^..dIH2s.iM.....E..B&.h....4D....?g....C4.Rp..-..*N.s5.c.....#.H.*...L+V...{..3.p.;-.....q..6..K\.....SX<._.J8..HI.K....L.G.."..q....A.d..?67..p.J.`......`'8A..+F.G....F.......)..U4D.F..k..~.{fX...n....|C..........IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\expanded.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):718
      Entropy (8bit):7.651015646466543
      Encrypted:false
      SSDEEP:
      MD5:823CF71B6EF902470F470B247EBA9E76
      SHA1:E1CAD9F21C657DD47D8EF6CB4E7A1AD7BFF5C2DB
      SHA-256:01AA3D2C9B5181BE422BAE6D066A8103B799FD636BE270B2EADB978BC89D67F2
      SHA-512:4BF5C785949E5C834C2D9E8D67BA417104880C4ED52BE7303DFAAFC4DE6330E0ADA411F44A6F628F22954FD760AE1ECE263D1F7386C75BC4DB25BD27D25C090A
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR................a....tEXtSoftware.Adobe ImageReadyq.e<...pIDATx.tS]HSa.~.9;... .sE[..-od.!.... E.......("v..A.Z.B.........P...4.....b.[......m1M?x.....y..}.O8...6.J8X.'..[..-b,z+Kb....g.dq.cu...eS.k....~..{...T:|ot.N.......|.3.9....S.R..u:....(.:...u.K%M..,.......P....1.....%.H......2...]......7..u..."Wf.....O|4..d.U..\..z`'tw.Z.)T.:..3_....b..=..@....U..\..o..:........&..p.4Z].&x?K..".O..s..j.H..R.Q..J.:=..g#.Ye..zl....E...DI..+..9.6....k.n.._L-.j....KX..[......"!....!...a-. O.....s.j......G.$ Ko..(.......:w.....M....4...j...+T..U...?...Q.N..eM...}NeGF..C.K.6.$.T....&@6.`.sY.B..3Y...1..!..m....2..$..3..n6..C.;...v5+f.Gv.....o.&..L...$./......j..[....*...........IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\extWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):363
      Entropy (8bit):7.065539945088454
      Encrypted:false
      SSDEEP:
      MD5:6DCA29095C8A6D4BC986DFA73375D258
      SHA1:AC058102A55BEE16C7A34AE21EFA8423D8A94FCA
      SHA-256:0051994D7C3F393552D9F6A867F3F6773155EC5E3464CEB0C6153B3B8F95A599
      SHA-512:B2EBCD182572F96308CC1D006AA91CF7ACF23164537A87FCB92E1ED1CD33EE79A9F97B1070616B428BD9F4404E2081D8056CD6508C3766DFEC9DAD0D6B3C9B08
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....`PLTE......c....8w.-........c..}..T............}.....j.....3..................s........?.......fR.I....IDATH...... .E.A...n.....K.)...M....d....Byb....m`T.3*.9..........B !d]@A.:cB.j@A..AA...?.....p...../N.;.........&n}...&.FD..Z#B&.Rb6.;.>G8.!"MFP.d*P..q..].6.W.v..yHS_G...P.b.........E.(XEb...0<..3.!.....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\extWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1733
      Entropy (8bit):7.449004322365902
      Encrypted:false
      SSDEEP:
      MD5:489A2E777A196802FCBC4866C7623FFB
      SHA1:B5318B228EB4725B99E42D6F843E6CED1F58666B
      SHA-256:0000C41F130C5F5F35D7C40910398CE930F8C516AEB1B8C3C66A7284E54CFFA0
      SHA-512:DB229E5D6936C361365EC60AFAB920B790E2F80D163ECEC540B4B57774D2565CA749685EB9721D3D4095C80BC59859FEF1DCF416B44D0EC1EB480E57EC419D9B
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......]PLTE...h........w.c......Y-....z..k......7..........:.........nD...+......J....Q.._..H..a....#IDATx...a..0.@.D0T[........vh0):A..{W.``&..@.Z..A....;.N...;.N...h.@...;.N.........;.N...;.N...h.@...;.N.........;.N...;.N...h.@...;.N.........;.N....)...p.....\c=.yq...}.....<.....Q..67.a....{...r.g.q.....=....,O..x.\...6.{./....{./.P......t..=.{.~.{.;..k<...wm...<....e5w.v.]....=w..}'......z>.....|....r...p...}...^.....^....{1.....{)...<....i..nW..yv_.x.....O..^....N...;.N.p.F.M..}.;.M...............?.>%..w...p7S#..:.q...]f<.R....T......4.2.+..W.u.F..p.....O.w{....p...}.......s......q...w..~..s.13..p_.cp7.n..;.8......w.)..4...L....p7..].:..r...wXc)........B...t.R.F..........a..\...[..!N...YY7...6ft.3s.+|D.O.-w_...z....w-...A........]G.?...w..}.>..m|...p...>..g...w...3.}.k...~....F..Z,..X..[....b.wo....%..K.{+.p.V,..X..[qL...w._.....Y...;.N......N...;.N.......;.N...;.N.;/*(.Q.?

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\extract-archive.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 2 icons, 16x16, 8 bits/pixel, 16x16, 32 bits/pixel
      Category:dropped
      Size (bytes):2550
      Entropy (8bit):3.3524096003260473
      Encrypted:false
      SSDEEP:
      MD5:8D12F0A7226E996AC62F7ECAD9DC35B9
      SHA1:7563269BD1C859F1535DD22FC2384455FC2B601A
      SHA-256:7A360335C6CBF4CB04A40B4B0BF3808786739E72618B858D7505D02478D48B4D
      SHA-512:0275E83C974A19AEEB871AA146A0D2197621E9D218D2AC75A3AD677FF12E4BAC3BBD14B0053A0A7B4691148266DD8E2399E1EA5CADA1F6FAAD93989029BF7AC4
      Malicious:false
      Reputation:low
      Preview:..............h...&......... .h.......(....... ....................................V..Z..]..`..c..d..e..i..m..p..r..u..y..|.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\featWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1061
      Entropy (8bit):7.7928930320618175
      Encrypted:false
      SSDEEP:
      MD5:8B85147F8519A7F0F982A33806BD704E
      SHA1:02178078ECD3DD34DACAEA3450AF5150AC2F5F83
      SHA-256:541782E528DCD9095EC4B4884362F475304D3F87225341EE90EC8B7383354232
      SHA-512:5345DDFDCFA1C0965A9DAF37A453CF09D0326D57A129DC15797D4D9B0629E76E9D5AF1D3F3C601DB47CB0004B315B8BC483D2C3EFF57A0B3C82FCC5F2CCF957B
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....8PLTE.....Y.+..w....y...M...........U....x.L.{...~.H..6.......}.......?.8.4.2./...............h.`.Y..V..S.F..<.:.*..*.#..............u.r..i..d..X..E..1..0.-..(.."...............|..q.._.].Q.C.>.;.(..(..#. ........~..y.Z..S..R.B..,..'..$..#............M.'.%........6..&.....A.....IDATH..gS.@..C.l$.@..% ...R............Er73......y.gO.......|@U.....k..'^P.Fv...%..K?.$e.....3...>5UC.9.......o`.9*..x.....R...pGL .....[..........K......{>..z40%V6..jW..(j.....m.69k.....c...[.S.L....b.)..R.f..#2..GMU....W.2...<@1e.......E.U.+K7I_R*mm."...:dt..5.....C..q...VwI.#Z.g.iP.....f..D..p...L.^..D....5i.......YK..W........L...."...I..7..".xPs^....rR...*.4?.h..;.....-..h=..-;..q...m......B.B[.N.b....~......h...@g..~..'.{..C\G.....~<aD:..I+....|...1.~DZ..x@.5......f%.zx....u....)q..Hb.{....R.......9..K...,.X(.^.L.v.F.V..+....L.h.../.t.. vf..!,W.Q..3r&^K=u...g..=.p1b..8R.m.J6%th. .)..v2.%.n

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\file-download.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 2 icons, 16x16, 8 bits/pixel, 16x16, 32 bits/pixel
      Category:dropped
      Size (bytes):2550
      Entropy (8bit):2.686660642600911
      Encrypted:false
      SSDEEP:
      MD5:3ECC85FCA095E4A5C8CD00A40E87DD38
      SHA1:B272B2CCADA9E5D1395246303ECCAB25A1873945
      SHA-256:7269599FEB5E955D56C85887F752297F23AA7DC6BA79BE7BBCBB1AB74A887FBF
      SHA-512:D5E30D9A08BBAB5DE42F9AFD07293483E2157CF0DC8498E6F13AA2EB21D59222F011843A4590D42F90F8031EDCE2DAEE4FB727F329F8FA6419E1029D7A044E72
      Malicious:false
      Reputation:low
      Preview:..............h...&......... .h.......(....... ....................................c..e..i..p..t..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\generic-file.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 2 icons, 16x16, 8 bits/pixel, 16x16, 32 bits/pixel
      Category:dropped
      Size (bytes):2550
      Entropy (8bit):2.1780406519265587
      Encrypted:false
      SSDEEP:
      MD5:AAD7AA6A4B9B4FD9E5A4F347A830E606
      SHA1:350A6CFBA0D2945D621B653532C5D908791135BE
      SHA-256:ACA3604C7C4B53640238DF1374042A30C22A11CE07DAB5B2178C8959A57B85CF
      SHA-512:2DBAFBFFCC01CA7AE07615759A902263E8429B7102C52DA3D5C19F37FAE58F88A283C17FA3010CE79919F9D3E0FB0CC673AFDBE60D9CA84D20541A8F67152DA2
      Malicious:false
      Reputation:low
      Preview:..............h...&......... .h.......(....... .........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\iisInspectorWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1026
      Entropy (8bit):7.729894077529539
      Encrypted:false
      SSDEEP:
      MD5:8BD1B9D544E6819F4BE3F726A48EDC95
      SHA1:5B92C633F9F73C4C56FBC2B1EDAE488E6CDF8A7D
      SHA-256:61CE0EC291DFE10146E0BB8905CCE7B3E90301E00D78B7ABFF00930BBDD57A7E
      SHA-512:27D9B41463BC606A0C62714B5C6B7A1829F1800FAB492CE8C19603F92F824C34470352920D900B9493D87B5775141ACC7EAE442386B215C92B086F6A47C9DDD0
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE...............d......i........s..l..............o........................|...........................................................w............................................j1.....IDATH...s.0....@X.....(..]........r......7............^E_.QZS}....jPB.D.YC.Q..$h.WdW.8.P\Y.&<.DY.".-P...*..H.d...Q .&t..80..$R...}....0..s....`...{.H...../..!....p.@..............O..K..W......X#5S.)....._..."[nS....O.>.XC..%.j.+.UN"R.uD.R.t.q[.O......A.k..PU3.KCS)!...I...>.....ES.....E_.1u.%...0....Rx&|.1..*...s:N''..W.L..)Y.f....n...e.B...vl2.*4.3@......".4._.Vvo...s.}..<.4x&.]U...f....~8.{.0...a<..*..J.\.;......_.Q.{_..U..E...+Q_...d.."ou.x:+C.;.;....F...|.{J...p3...<..s..K..aN...W,K`.}.I.i..X..M.....Q.|=....&.`x...V....%....0".tl.b<.% b...>.W..P...h..m...C.B^.Q.\Eo.z..V..Vj.+u!.o...A.......7...8...8^.D\Ua....zfa.n.<........'.....a........L..".......;.s.E.O.)..).|.>..,..*.*.Y/....?.3w..d#.K.....x.|.M.p.@q...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\iisInspectorWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):6930
      Entropy (8bit):7.894670614389671
      Encrypted:false
      SSDEEP:
      MD5:75F696221E190CE75E8CD295F037A1AB
      SHA1:776A18E6ED6A79F9F3E68B417319E1F49D608BB9
      SHA-256:320BF7943F8E7813AA07DC144BFBA515B8C312FB4740E600619F090BADDBA9A4
      SHA-512:B262D3B8B35EF8412FBC2244C5AD624A39C6833F215B57FAA0D23B36266E138BFB768E9CC5F72F908F978ED24D88E1B58EAE2711CFA7F15FFC807E95F9627423
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE.......................~..|..s..q..z..k....`....\.....m..j.....{..g..p....v..s..............d......v..........`.........................................k.............e.................................T..l..Rx......IDATx.....0....t*.P$...."...\t.....f.`.;.p.$@..x?(I.......w......I..x......w....N...;x......w.~p...]..g{.j.B.!.}..s......W.nB=,.4...,.y...n+.....~+...y\.......1.....&[.....s.u?.c....q..|....v..*..p...MK......y.UQZ. C(m...;.....n.w.".. 8w.[...F...!.U}/2.:._S.P.$.Lz..V...9..U...."..WW6/..;.k.=..f..o9-.^...[.z.}.5b~@D.*..iVP...s....G.}P7..V........N..U.CJ........s_0x7....V..:...S<...#....n..V............j.Fuf$.A..'....lm...6x...I..|...w...o..m.d...b.....%`.{KFwR.8. af.oB.W.CS.7.o.}...byX..I&`f;b!cxLw.....>.X.v.'..S..........~.3.:.4.f./*. nWfw......WYx...E...........{CmK...d.v...v..;..+...,.j.VA..f..s...q.....c.....=.{~L.ow wD..kR!bj...h.....B.x......|Tr...W.6......_>......8'\.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\importAppV5WizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit/color RGB, non-interlaced
      Category:dropped
      Size (bytes):3245
      Entropy (8bit):7.716338889262496
      Encrypted:false
      SSDEEP:
      MD5:7F5C28C6B6107E23CEA4C77BF3C2E5F7
      SHA1:B7A37311E5568AD45A899DCE7EA594FC8FECF6F7
      SHA-256:0A34EC4F19EF85AD7474887B66510011D5B232EAD9F9F4E33DE78112637BB170
      SHA-512:189D037396324FF55893540BC2AD17086CD6EADFEAA8FFDA317C9428E4397F831CD55D0D3ACB0338B36A1C67461417CA34E415B2064FA43BCB6F34EAD12E7F73
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1........K....tEXtSoftware.Adobe ImageReadyq.e<...fiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:212F1C2AE8EAE3119761D420577A93B8" xmpMM:DocumentID="xmp.did:6C9FB64481FE11E489DA9DFFA27F8DB6" xmpMM:InstanceID="xmp.iid:6C9FB64381FE11E489DA9DFFA27F8DB6" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:34D7F9F0FA81E41187ACCC7582E1FFC0" stRef:documentID="xmp.did:212F1C2AE8EAE3119761D420577A93B8"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.o......IDATx...o........3.}.4......$n.&...(...C/E

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\importAppV5WizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit/color RGB, non-interlaced
      Category:dropped
      Size (bytes):11839
      Entropy (8bit):7.843789522215131
      Encrypted:false
      SSDEEP:
      MD5:85C625EC58817F4C58618C3562ABCC9A
      SHA1:7D34AE4CB8A8A79B02638E510E1896A637B0683A
      SHA-256:B5A31C2DF0368F966DF832285340DC7D5931828F8EC35DD00CEDE8F6DD91A5CB
      SHA-512:6B238025E7DB1E85DA1503AD19C1527AABDC4028B31BCABECAF5FD3E91E3B6DABABDD4F939EEC48CD315B5ED7F5D92E9BD228E6E12A0C159D57C3A21D1675281
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:......a......tEXtSoftware.Adobe ImageReadyq.e<..-.IDATx...i.\Wz..ouk_.zas'%j....,.=N.A.....v.......O.&.....a.....3..g$Q.H.lv...^w.g.9...&ER..&.............S..\....5...?.O..!..5.~...Hy..@....R.............<..R.............<.. ....)...Hy...<.. ....)...Hy..@....R.......Hy..@....R.............<.. .............<.. ....)...Hy...<.. ....)...Hy..@....R.......Hy..@....R.............<.. .............<.. ....)...Hy..@... ....)...Hy..@....R...........@....R.............<.. .............<.. ....)...Hy..@... ....)...Hy..@....R...........@....R.............<.. ....)........<.. ....)...Hy..@....R...)...Hy..@....R...........@....R.............<.. ....)........<.. ....)...Hy..@....R...)...Hy..@....R.............<..R.............<.. ....)........)...Hy..@....R........H.Q{..s.r..]UL.H3.0MU-M...H...Hv..q.....J.e.W...q..5L)....n...w.. ....S.3.Hv....k.pr]..X.v.i..'.i..bq(...C...H.C..2FT...ZuUQ..d.t..;.m&..5%gj?....r.....?.8....+%G..^..5..<...n..CQr......n(.8'..8.|.]

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\importAppVWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):945
      Entropy (8bit):7.728480405984006
      Encrypted:false
      SSDEEP:
      MD5:8B5B41604DC138E28F0B30227EBC5634
      SHA1:37D4520B54879C3A8587D060EECB205712B7566E
      SHA-256:020BA8F80DB0AD476DB27C601E3EDACF975B11E7215E2B7C5F9A0E7A3A55CDEE
      SHA-512:228D37679A844188DF8CBE260EA5A41B1CBFB56CB8B84AA90090464404891436BC78CE7419758CE95105FAC1AAE5881D9ABA3F9BA5CE7D3A8998D8D0A20F7AEE
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....&PLTE........Y...]..c..V....U`..y....~...I...h..~.............s...r..R.F.<.,..)......v...{..s..k....W.8.5..................................u..M.0.}..................k....O.C..2....&..............................D..%..#.. ..............W..S.2.................g.R$....FIDATH....V.@...D&MB..-..f......]...Um....D3.BE...s....<3..`o......_..i..U.......f..GB......`..C.K...P.e.....e.Y...+.#XE.2-W0...k7X...`x:..TV.(.K.C[...a.g..`.......>7$Uj.......f...."9.T.V...W...H..tZI.f..O2".......y...^1g.l.V.. ...&..uT..s!~.9.#.7t.+gi.(JA.].;.`{3k..(!!.F...U.u.5...4+G...L.,...y...9n...C.RD)~.).6Zp.;..+Q......a0w.X.-.:....74........Q...E......h8Dm.L...]...p...p.?...p...".G...."...'..'.qa...).RW^..6;...T.6.m.....^..1...x<.M...;.e.|k..1.x&.Q..]z<v....C....I..c+,5B..v.(Hx... .c;E.NL:.]t.(.....X....4.....u+....@;F$.e0...*U....Z..S........5G.3.......IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\importAppVWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):5496
      Entropy (8bit):7.858110825304846
      Encrypted:false
      SSDEEP:
      MD5:971E8AFC4BC24E75C2C5A85CB9FE65F9
      SHA1:9A8C9CF56290F5170AB7C194D9EA35FFC020145A
      SHA-256:E107D4DB3757484BCECB90BB46D05E261B378335BA06777134D3A3AA61E0BD5D
      SHA-512:82773FE26FA80FAE51E1A8DFD37302C4C787F796573B9BB1B08C8FBED83DBA9D79DA21D25DF2DE908C84F0D5E12B38286812DB8964A49B740B141DFC3AF8367D
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE..............Y..1.....s..`....6..W]....T..<....L..z....c..o.x.......B..h..F....P..\.}.l....u...W...._............e..r..x....i.)..x./.1.-.*.!.M....7.@.C....%.....Q..................Q..2.........]...}..D..hr...X.....CIDATx...kk.0.....2.T.%.-.t.Z../s"."....9'i.:..b....>.|._.^............;...................x.t.t.t.t.t.t.t....<...............rt.................9.............;cl..l.G.{B..+.M.m.m>.n.t3tO..[...V..k.....;..c...D..$W....l)Wmj.>ek...'.d.v.W.?>>..\..xcn.(6tO.Ir........CkI1.{.H..z+.x.c.R...fe.(.tO..9..l..{>.j...C..{.H...r.G_.O...>d...'.....3.T.M1.{.H.....F.w.....=q$c......R.&ztO..pF..<.....T.....{.H.=.4.p..n..L..,.j.8.q..<|...:.....C...{j....~^s.c..-...(_(z.qm.Q....+...Tj....f.P(4u....;.CWC......TL>.]..V.|T....").A:...j&W..yvO.E1.{.H..J.yz._=5d....Fr...9.I}...;Er..0......$9.....bB.x.._7...uw.....I....$..b/./...... ...a..g7.k..>..=9t..z.c..v..~..'...g.........-t..t........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\importAppXWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):551
      Entropy (8bit):7.533741749398949
      Encrypted:false
      SSDEEP:
      MD5:DDE36C1DE0CC8D57FC4886E5B1D0CCC5
      SHA1:E1AB36B361C6B63745797967790B48394D8EE021
      SHA-256:9C1C94A713A4E090F9875295B0B15C59ED2AA6D99256978F6FDF940DE5162F02
      SHA-512:6BA33FC69A0B80B0B2D2FB9D445518A99602AB4DAE8DC1502CCB4355E170A6F576CE09612BE49705E4A58AC0F5F51EDB6544DAAB89A540EF4347D8F2E68072D7
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE...]........h..a..}..e..V.....j...............s..............................t..z.........l..............u........y...V.4....^IDATH....r.0......a.DD...R}..k.RAD...8.7@r..\..'F%A<[...j]I.....rY. 0..............#%zj..Z.AI.G......]1.y,tk..j...3#.......L._.)...`.Q ..o.;.m.r.$>K....Bp.v<.ej.@)dti.^5..6Q...W'Y....6.M..^..$|iGnk......3.3.<..Z..1.~v..KG.....Q."g...~]G.C........"......4..>....EX.-...z .r+QV...-....1?..^...|v..%..M.fy.o..\H.\.......'.:*4".c..Db.F)N.zR..t6.....S....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\importAppXWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 4-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):2215
      Entropy (8bit):7.744905870445509
      Encrypted:false
      SSDEEP:
      MD5:9DE6CFF48B57B78DD17A88496F94B3A1
      SHA1:F1679DE59BD326F413D862C124C51619ECAC9D8C
      SHA-256:20CC9E4D6059767699F69149A2A9DCA242CD7C5D1CC3B5FFBAD526D4B35D770E
      SHA-512:5EE4B0ECF4F4D978044316800C018AE5BE1DF58B62AA9A102C79C008A630B30A2B497C0467FD9A3FC23EB5C3DE3D982AF21FD5B81D2C144A2C1955B379D68D0C
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:......-.~...-PLTE.........i....}.....t....^.....................5IDATx.....A......q...ND0...:1 .1.=..9.'.q......H....E..).N".`e...)...7s..5.FQ....^r....{ovoo....=.{.<....<....<....<.....-..x....x....x....x......<....<....<....<...oK...x....x....x....x...%...<....<....../.....n...58;.`4~U....F_4..^.yq....'}^.\..O......8G....<....<....<..{.<....~.-...x....o$7....".*c|u/....<....,R..'.OOP.}.......x.L=.<...i.7...K#~...s_...x....x....x.m.....<......}..2.......z......x..j........'..=.-.....x.M...Wl.*.x..-^]..4.}e.W.k....U......xg/E..x....x....x../....3....u..._...|.*..._.........7S.>.f..].y....J.T.."u_.z..OEK.)]);..~...)uH..*U.W.L.s.n..O..k..-#.G.?.....zd*.N..Q.]....*.4^...xC'uj.3.M...b)]uu.2.........$.x...8.....g...n~..^%..3..E..Oz..C?>.B.8......o.....Lt.....O....f.....J..~n.....QO.s..... ....9Uz..W.7._.e........5...D...4w....o=[...V.@,...._..'C...........y.l..N~fN>........8;.w............:...So5~.7...]..._z.....bW.$f

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\importModifPkgWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit/color RGB, non-interlaced
      Category:dropped
      Size (bytes):2480
      Entropy (8bit):7.547663020009457
      Encrypted:false
      SSDEEP:
      MD5:6E41D10E34608FE9A8F3A22096303CC0
      SHA1:B883BBD20FB8AB2C81D7C6D3AD2163F9EFD2A46E
      SHA-256:F3D6E293F292DF2136A5ABA98FE733BB859C88851C27DCB685D8AB2E0AB13987
      SHA-512:1C64B0C100F21A16DC5BD2BF34CA1CBF8A444615D1FE6EF90442FB10A042821AD86650ACFE68FCECF5C014FF09C722BD89648FD4BE85A74AFA50F5FE7F903DCC
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1........K....tEXtSoftware.Adobe ImageReadyq.e<...|iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c142 79.160924, 2017/07/13-01:06:39 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:212F1C2AE8EAE3119761D420577A93B8" xmpMM:DocumentID="xmp.did:5AC89A1DCC8311E88767F81A417BF6BF" xmpMM:InstanceID="xmp.iid:5AC89A1CCC8311E88767F81A417BF6BF" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:0734fd0b-dd1d-204e-8723-d2d9f82f3c58" stRef:documentID="adobe:docid:photoshop:ec3b2b1c-ced4-5346-8c9a-f9d39d98194c"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..o{....IDATx..ml.u..{w......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\importModifPkgWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit/color RGB, non-interlaced
      Category:dropped
      Size (bytes):8590
      Entropy (8bit):7.839732275556701
      Encrypted:false
      SSDEEP:
      MD5:EB1502F2AC9DADBA0B0876B3ED25BBF7
      SHA1:7885B8B0E0B0124E121EE6C5D043515DEE9915DD
      SHA-256:3AE3589718BF1DC91F7ED805E8A556BA13706C3D60CFED2B9F9C2AB7402F9300
      SHA-512:70E46006A9B1FB5E15D575FD49AE9477C368B6A3753249BA6DDADFBC7A21616D50A71FE197F62151B2B6958BD44099B39BD459F890DFAB11F69BAA8F61BC6701
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:......a......tEXtSoftware.Adobe ImageReadyq.e<..!0IDATx...yo.i..qV..x..}....9}.....f1;.f.........,. H.l.l..f...>..v..>$..-.u.*...i.e[.u."..g.5n.eJ4..OO=*J.........t.;.x.....@...T..@...T..@...T...<......<......<......<.Py.....Py.....Py.....Py.....*......*......*.....@...T..@...T..@...T...<......<......<......<.Py.....Py.....Py.....Py.....*......*......*.....@...T.....O...T...'...S.VJ.....=B.lSc...<.E.._.20./.x)....w...w...S.c.;'..zsxf...L*[2x......)...)^..k..'F=G.........u....|w.%.}.7....cN,....S./.f.....M....|G..:.?...k[..O..?7..........T...]._.....l..C.._>...~..3...2...T.S(...A.....}.{.GB.......S......c......I|...#C.C.....gf..J....*..D..;.>8.j...<.{j.:1...\.`...*...]~.P..~E.Z}C}>..T...o....w.......K.....@....w*<.u.......S.n.M6....m.T.7......Rk.h......W3,..... ...u.1......ose..T..FB.....AG.oh!U...x..........b..#...[.q(b~.S|.oHL.b~.....xN..........3.\......Y.^..{...5.C.%..W.zm.cx...*2.w.<p....}/........&....".....m/.kv.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\importThinappBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):986
      Entropy (8bit):7.7100077957948425
      Encrypted:false
      SSDEEP:
      MD5:CAC62C5C54BD27CF959652145998298B
      SHA1:5339EB9EFEB4E19598BCB0A3412C04D46EA24A1D
      SHA-256:E00E82D282ABB20F3C3FA63CBCC168BBC5019571C93F0742B2B610E39F01E871
      SHA-512:699B3EE6FB069DE4EB12A7F08051229E0ACA5CED4435DCE5BD7E3EF98F50B2FF7D6AC689993640EF956FBA37C5BD4841FE4B5B6526FAB6929989E082B1E4C2F4
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE.........]...TK..V........b......|.._..........e...T..TT..Q..C.....v..t..s...TY..D....................l..l..i..i.._..\...................h........Ly..c..e...........................................[..Tl..G..>z.=y.....................|................w..u.._.._..V..O..En.6z.4...Y.$h..s...............z.._..g......f...........m].a..D\.=..;r.1x.(\..[.._....rI....IDATH...i{.0...a.AK.NW.n.U@....k.t.....}..G7M.(."y......C..I...4.]..}5...:.Fss.....3..g...86.c.q.Cf.7q96....|.,.&.......)..>.4p.j....G[.M.J.....V[=......0..h.Z'U./..,..)W.{.x...y.#`,{.wo>../..?...U......R.Q,..:d:.....Jj.....Q..F..<...+....(..,........H.....=......JID._.;.y.0(..>{....k..G....*.q.<.The9...*.....$U.$.'..Q.U.<..,<..Dd.{2.y..<l./..2..6&.....K\*..5+A....%y.....rI.H.3<.Q\s...g!...m..2..J..".!.....).....R....Bb(..p..U.%....D.._..1..[.D"...l.7.......Q`.;...?.dxq.!.uQ).P\......,..$.tlJK/...w..P.yS.8....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\importThinappWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):21429
      Entropy (8bit):7.985237420840008
      Encrypted:false
      SSDEEP:
      MD5:56512E6AAC3CA49C5F6D84CECA6F2D86
      SHA1:6A70E71EBC84195AA85833B19CB36BCC00A20531
      SHA-256:EF7412901BB68E6740471E9E28145AE4D93731562A6C8E13E1E4123F7AAB3E27
      SHA-512:8105B1AECB68ACBEA6C0CAD9EA097EEDE089AA956CCFCB0DCDF5A32515565AAFAE1CB1DBE078ABAAD5CA10CA9D661BBCF1E1F3CEDDAB683CD25BF98CB4E698A6
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE.............................`.......T]..=z.Y..a..h..P..C..J....S}..G....S....ST..k..t..X....=n...R.....[..@t....L}.~.,S.Z=uEa.'q.i>tg...V..B}(y.>..e..c..Y......R.IDATx...K.%9.D....A.......A.....D#C..d%o<..5[w.)..1.1.f...)..x..jJ.....Y!...x.}.T..8.h....D....Q.....Nj..clw<.%3X..h..z&O\.!r...a2..'.H.B.....GE.j.Z...;......a.}....].i.......$8.L]..9..2........8..'r..y<................&......sh.V.v<}d....!).;..\G..x.Sa..MN.KH...Y.W....l...$.`.....................I<OV....)..k..........0.t6.;..K..."..F...HH...\.6.2U.|r..V4..R.q#0.Q...F...+W. A......%.s...L...*0...~.UD.Z.(.R....y....]p..S...Y.JkI..:.V..V..{..a....G...N..#)...J-..,.zn.F...........t...{.S[..[...dE........w..km-o%f.....t<yD.gf=...X......r.Q._.?..9....Z-^dI.....P+kl...0..v..j..k.w..8...-I....v2.h..F.....Vb#P.;....N..U......}4..%.,^.T.....E.A.}.y.....y...D..$.Y.P..)...o@.c.xg.a.z..)F.{..v.....8'.hY...G............;x..DT6....:..z..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\importUwpAppXWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit/color RGB, non-interlaced
      Category:dropped
      Size (bytes):2523
      Entropy (8bit):7.543797128717546
      Encrypted:false
      SSDEEP:
      MD5:98C4E13DF0F12D10ECB533C34C20C30C
      SHA1:F03EC166D9195E83D89EA72D839E20303C34DC04
      SHA-256:9E420E06FB74E2B9B9D5F9E5636B49CC9D121003D8E80C9838148D63F79CF0DE
      SHA-512:9B379536D6720AF9AFB0BD60DEDAD31C1CF83F2A1E8D6023B8B52AEBC362F01C79DF934FB5DDAC9DB3F7782365C0070A1FF612E6CC40C11D393C37F8DD15F91E
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1........K....tEXtSoftware.Adobe ImageReadyq.e<...|iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c138 79.159824, 2016/09/14-01:09:01 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:212F1C2AE8EAE3119761D420577A93B8" xmpMM:DocumentID="xmp.did:23816B831E9C11E79919FB2DCA6ABC82" xmpMM:InstanceID="xmp.iid:23816B821E9C11E79919FB2DCA6ABC82" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:bf3e2783-7fa9-c642-b7e7-462e0ba536a7" stRef:documentID="adobe:docid:photoshop:c261f26a-1e96-11e7-aafc-bbaf87655f0b"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.P.w....IDATx..{lSe........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\importUwpAppXWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit/color RGB, non-interlaced
      Category:dropped
      Size (bytes):9415
      Entropy (8bit):7.848812812759592
      Encrypted:false
      SSDEEP:
      MD5:8F15CE01536C0E8898468F64EDF2AD78
      SHA1:7E97630DF7E82149CA376C030216B5C33B26BD5F
      SHA-256:7B86089D43273ED07F81CE551C70FA7A8CBCAD4A1AEC4C2AF5A43453695449E0
      SHA-512:BD68F4492C53EBDF7F103CF3A55F546706F8C6657A186907B6F62CFA46ABE645F96C4BA928EA1B4C67636371B67C1C4031A77BC31EA08C15D8671AA1BCE536D7
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:......a......tEXtSoftware.Adobe ImageReadyq.e<..$iIDATx....{[.}.q.s.o$A...m....E.%.K...6.3.'{:..<...\.Mn....`.v.i.f.8v...=.cY^$/.E.l..E..F..9..........$.}?=QEZ........8.....&..~..nn..n#s......Py.....Py.....Py.....*......*......*.....@...T..@...T..@...T..@.......<......<......<........Py.....Py.....Py.....*......*......*.....@...T..@...T..@...T..@.......<......<......<........Py.....Py.....Py.....*......*......*.....@...T..@...T..@...T..@.........;...>.....{y..>8.P...._.eQ...W+...........Z.Y2.+....<..}u.M}}f..1..[..,....0k].Y....f.-.%f....o...<...w..M.F.@..V..?{......R_?>.e....ko......."O..?.........-.t.......=[.I...W......o..>.W..o..o.u..7...T~...o..(.=w.....;..*.z.E...@cS..o..`3..?.x.,.*.Z"._?>..Z......[..?.-4~......^.C..|+=}h.....g.e..W........z...X..}u...=..6.\...4.@O.7..X)W..8..>.....:_..x6..O...........7..y.;..*.!.....{...\.s../.k..7..."..\..j4.^...=`..C~.cU.............a._x4..o......v.1+6......h........jV.o....}...........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\innoWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):18234
      Entropy (8bit):7.973755088349967
      Encrypted:false
      SSDEEP:
      MD5:3E685C098C8A44D8454B21C97F610F79
      SHA1:A9B1FC18883E209D6507FFF07DB593013A47BA5C
      SHA-256:9223844A3A8989AE544AE87D16CE85389D43960F6A020F1AC37914B218B6DC99
      SHA-512:080DDF63817A8E43941AA87911A831B9CB85A9C71676B6D39F8BEEBDA8BD4C68805A01E7599224616D010BF6D47CD962B18F4808FFE99238CE093FA298B13DDD
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......8PLTE...............................?j......{..u.....]..?..C..1..4..8..O..(..<..*..$..e..-.....[..K...Iu.P|.^.E..H...l..e.T...W.k.....X...._...r........Do...u..(c.....v.R....!z.......e..p..n..............V....y.........X.....{........t........6~....q..-u........./l.k...u.....a..Ex......G..i..T..[..?..d.......=..E.IDATx...c1..L.`w3Wp..y.s.....4....m.8E...=....z.D.a......5NsT9L....}.I....rW....<>...IM^?..n.(...y.9,.!.<.$.....J...1.t..".TW...Y%+*eo.8IE..).......l.&:.\y..x.*C..c...q...0&...z..5$$.B..np..J...H..._....Q=.R..-.....j...w..4...]Bn.....$$..I....$.......B......[.QZ.,HY.F.G.e....:.@ .F.I-J.'....T$lR...Q..\.....t...(.)HB8.b......9((7J.8...tu.N*.7[.$...e.8.....H.#.......c.....t...........=8...(...Jo.S9m..`[%{.e...]`.)..y..s.&J.}S..uG.$.&jk...M...<A.=q...K.&...\2...-.....qn.rC.u......M`.z.`..9..0.dE.mNX..+....?;vnk...@.3$..........?{'.rB..{.......E[x.$QM&........C.(@S......3.folp&..=...8<...Q.w..e{n<..II

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\inteliJWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):739
      Entropy (8bit):7.665084163757267
      Encrypted:false
      SSDEEP:
      MD5:16653C226C1EE0DC91B4F9C42C05536B
      SHA1:7ED9705899BBBCFF6C66E3D28B370BEB1930F383
      SHA-256:9D1C6770F235E44B8DED8D07D2355CCBF0A713D9D2881FF5D3135548DCC1A3B0
      SHA-512:AD3AAC197BC04DEDCA26A0560ECD640768391BCAC748ABFE636DE269E3A35B84826A53245EC1327DA7CF1DAD299E7B0F79A70C92B55F991CCB6C0FBD452C7713
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE...w........].....V..g....`.....t...........................o..c......C..............{..w....i..q.................v..o......................i..j..b............{.........y......G..&.......W....Q.....IDATH....r.@..a.Mh..A."Xb.k........$d5e&..o.3..tg..^wT".;.Q[*...ZH...'...F.8....&&.bq...B.?...+"...f....}..b.-.P<^ vP.......<.....j..m..5o/w.h?yk.6Z..\m.J.....f"...T.C.Z5..@U0_.K.c|*V2'h..LJ.2tT.....p$...0......z.t/.9.-.,.T.w.....=<...$....S..$..aIx$.@x ..(+...AC;!.........ti..M.4=...f"0X.g..y....{................t...Rp.U.5..k,.8......<...o.2I...A...x.).P....^.......D.4.@pq.S..V..d:.E.A.q/......$u......n.....!..^...O..hE.m.gz...+........IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\inteliJWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):17419
      Entropy (8bit):7.9765323454163255
      Encrypted:false
      SSDEEP:
      MD5:B8638F2CC5565FB580184AA5286263C8
      SHA1:2F5F2AED8395499F83F5C4FAB1885E98ED40AFB4
      SHA-256:4F76EBAE75FC0EF4F4BD1B70157D08A9EDFE0407BF29357D32612FA97611317D
      SHA-512:889393755B542CA964E624C59E4869AC3CD83815E18696D0DB3B2CFD0920839F088813C6B09F8CDEB49A5566911977B79CEA01B2EE127F6749F142B01A4B11DD
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......cPLTE.........~..|..........}.....|..z..Z.......o..k..c..s.........~..d.....}.............]....-...CcIDATx...A..1....@.n...k....g7O rSP.P_:.\r.sY.^.......wR....g...6.c...&..x.@.#...=Nj..cO....|L.~.w.xl.......j+?g.B....X...!.HH...1.5.g.5d....#..d......nc.l..V....U..8.T.g......c~x;.F...;.p>."x.N.....'....w...]....-....=...k..j.J...r..bO.8jw,."..u....:.1]......;...+0aDC.|.\dw...Z...I..8..N..o:Y..!.7...L.X.......a..o0..JC.R....&.....7)....".8.s...xq.$`....3.......Y......v>.5..6.@........E...Co...E.\5...t<.0...k0...0.6........9..^..Q.....jM..^{..0....w.X.-..Zc.....yz.@.....R=sQ....k.Q.d...up[G..@43$.A.....K.o.. ..A....@.....u(.&$@.]..Z.M.)...i.!.XU..F.1..Q.i......q%...}.6_hK.c.Z.@.H_[..P.m...9l..\A.=.m./32...8...H.,.....@X..P...+A.y...6..5.c....2.vS.y..6.l.$.+.yYG.....!kA...... W..TmKj.)...M.....>.C.........y..&.!.D.$.0.&`..........d..6......I3. ...i.H.i@.B..m.9..j._63.:..K....../..........zO.$.$...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\intuneWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit/color RGB, non-interlaced
      Category:dropped
      Size (bytes):2391
      Entropy (8bit):7.530930494081327
      Encrypted:false
      SSDEEP:
      MD5:8A8C49B663BB3B2E7BFD463A42F4F5DD
      SHA1:C32F6C70B9270BD68406EE661DB118A64E1ACF13
      SHA-256:A0B075FDD1E4D4902B588BE61FF129AE1D2280B73F051EE3B72C97F8429CDFDE
      SHA-512:0E9AC33C0041E2363DE4BB39FF5131A11D5853C26FF94785AE4FEA6DF9BF8279EB8C9B30809531BB3C6F1B17DA43F78D1FAA7329F7354F1E9F56776237667408
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1........K....tEXtSoftware.Adobe ImageReadyq.e<...|iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c142 79.160924, 2017/07/13-01:06:39 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:212F1C2AE8EAE3119761D420577A93B8" xmpMM:DocumentID="xmp.did:002A27C7706611E889B1B7949526C1ED" xmpMM:InstanceID="xmp.iid:002A27C6706611E889B1B7949526C1ED" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:b521047d-40a8-cd40-9da2-8a87402e7bd7" stRef:documentID="adobe:docid:photoshop:958b0391-396f-eb41-b08d-cbe8d7dab018"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.B.u...qIDATx..YyL.g.o9J)....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\intuneWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit/color RGB, non-interlaced
      Category:dropped
      Size (bytes):6625
      Entropy (8bit):7.784121604305129
      Encrypted:false
      SSDEEP:
      MD5:14DC15C1BA8D390A19430408FDC2AAB2
      SHA1:A1B3106F43162096AC2EE4609D6844DF69EDB7F8
      SHA-256:5C779254CEA77B3B33A6D1A65B8609A9FDAD1CCEC78BDED0CF49783595341283
      SHA-512:D3237B291A69653228A909E0DC0AA98DD6F0E233BD11B2B0E0EA7450C532EE93F2CE24B3B2909BC79CBCE5E75291BE23B14AB03B1EE7DF3CB3B75918B46A7E22
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:......a......tEXtSoftware.Adobe ImageReadyq.e<....IDATx...y|T......$.......@.....P..u....Tm.......c...P.>.u+..(U...De_......m.....$C..2.dHfI>...c...;....9..s$^.....`^=.".......).. ....<.........R..Hy..).. ....<.........R..Hy..).. ....<.........R..Hy..).. ....<.........R..Hy..).. ....<........@...Hy..).. ....<........@...Hy..).. ....<........@...Hy..).. ....<........@...Hy..).. ....<........@...Hy..).. ....<.....R..@...Hy..).. ....<.....R..@...Hy..).. ....<.....R..@...Hy..).....>.._.$M.S...M.._.d0Q_..8)?wx`r.jb....1......l...K.F..Z....|l...x.?.r...b...FCF^]z.v[vmVE#E...K.9)...+.G.xt.....m..z..b;[........5.<-&...I.b..3....%~F.V.d.....M....z.+#"|....(......mm.m.{..l..n..CCUC.....T.5%._lO.ml5....$....Wm...)?+9....G!...8.......#W....mne.....&.............x|...m.N{?~y}+...xd[.. ...b....5X.ef...l.....##|#...<...b..(...u......uQ}..^|...w`tM_.I%W%....4..v.k-#...|...s.|.....O...x\.o..m.QG[P.e[......W..m..S..*6.X.|{'.v...}.......yxl._.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\islImportWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):996
      Entropy (8bit):7.761434370097079
      Encrypted:false
      SSDEEP:
      MD5:B6A05D21ED3959F238FCF29B3BD6EFAC
      SHA1:6CDF85A9C7058E2EF829C503B7902445437CB59F
      SHA-256:8C429EDCDCDBA16B8033D4F33DF785B64E6C7A6CC2FA5EB18460EBD2123618BD
      SHA-512:5BB05A6253709F9D5ECFB94614BC37A7DEBA7D66A9FDEFBE01824526BB4553EF455D41594A9CBD3F2268E56FF00BF33C5A44387B2845880F88CC5ABBD07FF316
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....5PLTE..........R.]...N....+i.....M..H. c.....Q..O.(g..K.V....`...E.......c...U.........t...T..O.............s..h..y.."i...........{..Q...[................F..?{.._..............o....l....d..X..3s..a.......v.....j..e....R..t..m..A}.(k.+n.........~......y..........L....$f.Fv.'f....F~.3r..r.7...jIDATH...YW.@.../dh...1..$..A@T@@D...}.k....:lB.@.i/z.{..y2...E/.&.2N..}.h.mf..2K....../.|'A..........l ..&....]h....%.-...#..W1lk..,W..U...)b.T:%4..S.0......Ne|..$.0U.8u.w5S......&...u"......as...!..<.<&.......i.].Z..d. pA.6?&...{#.`.N.....9<n=.,$4ly*.X...P...... .![....JQ.ry.R.]....E,o.6.....j...0Y.T;..H....u.S.0W..1.]=....x...`.ze.Y.?..........>>.9.c..5..D....yF....fP...v..5-..........L$S-r...E.b.?..68D..nQBh....H.....ET)sf.~'.......F..........o..%.U..!..+.D.u..!ne.kO.....C.[.Z..+.y`..VOI.(%.b.p..p8.DO...pT..6..J.c......Au..[......gT,G..P|T.*..../..S}qs..U...B..l........?.`;..k..M...dY........IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\islImportWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):15584
      Entropy (8bit):7.964683530992468
      Encrypted:false
      SSDEEP:
      MD5:88AB1A61ED7E9936F6AC4819E19A356A
      SHA1:F2D8F9EE693723CC3279EF10378A42B9E1DD577B
      SHA-256:5C5BE3759B6486CA7E84017F243489EC389F639231C9B08391B748600F965240
      SHA-512:CB8D365C7ACB3E11D7871990E3F1E6533B00D0C82654DF63373E837AFAE32A2A7A8E26E960EA7F683659203B3BB4A9196624BADEE42F97A0FAE877FB2D4E24A1
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......uPLTE.............R.......................O....{..[......Z..J.......3p....p...b.......f...........N.....x..........x./...<&IDATx...1n\A..."Ht.H.?....h..0...+.Wr..;..U.Zi.2+A$.....b.2......M..E;.P..5y.6+Ik2......Q.aE....8,!+.M.h..S...b..a.!....a....qm.J&"..C_._.wb/..D.b.Ab.*%.....<b...P..2k.!!...S...)...!.=.?...I..6SI...K.j.PC...:d9.$...6......3Y.pn..qQn..\........n .l....8.*.U.m.`M.......f.%.. .e...K..P..U......H.]...@.B9....CG......G.Kvz..I\{C@..h.[........3..]..w.p...:.L.c',..(...d..Ul....3\&k.S9....6%W.qg[@......z.:a.2{_..].F.i.n..X4A......U<....H...d.I{....T.v.m.......$...@.,..-y?zh.J%'..R.._.Z=nW...Z..y..1c\....f. ....Q..NN.wo.e.j.....A7..IT...B.p<...(.D...n....krK[Z8.`...rx....e.......V=...$..%I.&..d.s.......Z....td.Bk..7..5..c.L...WAT.......L.(..Oz....y......e..k.+6.;..P.J9%Mj.....rJ&.$....b...z.!0..E$eUHG....B...'Ih...Z7O.......m.f.%...2[...3..... ..[+..u;._.....1D.V..Ts.+K..e......Z..Q.........!?

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\javaProjWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):659
      Entropy (8bit):7.519134524345608
      Encrypted:false
      SSDEEP:
      MD5:513DB24E15F1C28093DEB48FD1FDF221
      SHA1:29BA21269AEF8442E7D355F0AA72F194540982FD
      SHA-256:F6605474AF6F87E25C085532049B2A08C0F9162777B3D9E2213589BC10E11020
      SHA-512:D960535E965CBB19C28B12A82EBFDED9225454DAF1C0CC3D7E2A971A3F88ECD9ABE2E282C17C2624C5684001DA54B417995059DED5E5747BA1121CDEBC2A5BAE
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE.....n........q............................~.x...........................................u.......................................p......IDATH....r.@.@..o.....5.3..uC....MA.T.Q.w.]h...H7on@''..q.....m.E...+DL'B....W.MK.....=-L."...q.n...x...)....J+.0...SZ..A.!.0....3z.g9...*b...@g\...R...+.=....*....z."J.....-.....c.K.Z`.=.z/H}...p..c3m(2.~..l(n.=..i.(6.N.....*..N.P...(Eq..$."d4)..'......K.".C.....;...#..N....`.....}.\5Ab..s.>........Y.N...4...0....e...d.,.K.,....LW5.......oR.e..kk......._..n..9.,..gSf..H...'.O.7.].C.........Q.4.r.{.i}.M,4.I...@+.-h.........G.....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\javaProjWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):13561
      Entropy (8bit):7.971093662179315
      Encrypted:false
      SSDEEP:
      MD5:870F2648EF79174023C9367B90281617
      SHA1:4C81439D318A8D91C521BBB09483B224A600E62B
      SHA-256:47A43743DB2D8544810F84AE4DB4951598D2F7BBD3BF0DB6DAE3703A415B7EDA
      SHA-512:497BC15F3ED7764213E61F03124D849D6EF390C2740CB45FE42DF0CF9FFB49D54C8AB32C7A175037D11F7687B52F9DADCB58F0B0DCCB4F6FE0DEA53BFD58B8C3
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<......]PLTE.........p.......n.........Q..h..l..b..Z........v.................y...................I.@..4WIDATx.....@..3.B..{.p...L .,q..`..GQ...`..H.(.....A...h...X. .q..."Y.....*..$8..W...G .~..`B.......F8?2j..sYN.b#a...DX.....W....q.FH[.^+...@.G....FY....E/@t8).=.>].y..B8..*...0...C...f7..^.[.q.3."L.P.).R.+..........G..*..y....`...(a8Y^$.Ct.K^E...CB............PL0cY...M.(.>7.%."..h.B...6(..Ev.....^.?.'.!.[.... ..$.$.$.-..(.Y..X...E.d....:.....wgJ!.8.n....5t6.lJ.......}.q.u....U....../._h..f.7..D|.....JL./5Y.H.....>..z..Q.x..;..3.u..a.......Y../...6j.f....&..D..Rmi.......^.i....$......c.{.....J[:....._.......-K%.....f......\+.x..H@...V.X.......\..>..zK6~.....+....7..tN....,P!t....qadE_?....k....C..(P..riM;..aH._k.4..b.n.g..2k.7.....".@.4.....}C....^u.W:.!..............o~..$...].vl....d........r....FC.X.!.;y...._?....C....f;otD.V..6..b...T....k....wG.he.....9..v.v.q..A.!.zm....z.H....?s..4.=..,.......yD..yv...sq.....M.....>

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\launchcondWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):596
      Entropy (8bit):7.509291024415946
      Encrypted:false
      SSDEEP:
      MD5:9005F41BA950E8EAA1C274BDF6A5B1EB
      SHA1:B1043981349840E4ADF6BAFE1373CE29D4FBB88D
      SHA-256:04A98BDF8974C88DB4947279EBDCF7E149A586239C36881C3F840B671FBE43A4
      SHA-512:9DF43BB1812986BF654FD00173E8801FC7F1B2C01185D65BB353E92604A5CD6D4245F88DDC63036C67F6EB536DB346219622F2DC1E081B0428C23EE58D109904
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE...8w.c..&k.`..^..`..a....$_..`..d..`..e..a..`..(l.^..h..c..q..h..d..a..e..l..i..m..l..e...pt.")........17..........V[.(.K..:x........AG........IDATH...r.0..!V..fz3......H8...3%3).G...N.5~W./.V.4 V..lY.....E.Y@0.a....*.....i...i.S......,big$...:.`..n..6...O....9]+}......y...[....u..%.O.8., .!6/B./ .S.....EL/.m.fa.a!mBDZ$:N.....k.g....d..Dr.......5.......w...g..p.8.l.......l.9...1&...'...0a....i..}...}5.....j .h.....[.Y.l-....D...:.%.........r0v.h...97.NwY..q..nDp.C....:;].?..h, ......E.4}.P..K...Z?@....}..1@r.......IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\licensing-banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 492x63, components 3
      Category:dropped
      Size (bytes):7299
      Entropy (8bit):7.598448135708291
      Encrypted:false
      SSDEEP:
      MD5:1CA7CFECD483460326FE3385768E36D8
      SHA1:81D6B5A1E5A9FCFD7D35D3997B45BA6D90A140E8
      SHA-256:071B27C39D00B5986FFB8FAAED3F23D773016DF15B1B3D27B9D873A1D106EBC8
      SHA-512:AE45E969C3C0686173ECB5EAB24B520F27A2CF1E4653BE946A3A0C56599D99BBEB5FFC5733319904091DF35589DC34FF946D73F4B631911D4AD40B60BB7F0C73
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......d......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="adobe:docid:photoshop:5203ab09-0d30-11db-81e7-b56f382a9a25" xmpMM:DocumentID="xmp.did:A0028C9438D911E492BAAC89E369DD06" xmpMM:InstanceID="xmp.iid:A0028C9338D911E492BAAC89E369DD06" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:39629350D738E4118A25980E67443CBA" stRef:documentID="adobe:docid:photoshop:5203ab09-0d30-11db-81e7-b56f382a9a25"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d.........................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\magnifier.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 13 x 12, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):424
      Entropy (8bit):7.225786214459869
      Encrypted:false
      SSDEEP:
      MD5:0096B03823D6BCD0597D5B0B30D17FD6
      SHA1:AE054F3932AE75D1A100FA46897B9D08B1BE4FC6
      SHA-256:F117CB4B878E6B29A28AF6FA63CA0AE1AA95DE20CFB154F997DEC617F6F07A4C
      SHA-512:C9E9765BF30F356611671457DB44D43AF04E008F9CBCF07DAE6C01729A7F15251D87A92920CA4804A45A4044538DFB8880EF94AB413097097BB8E68F3F624068
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...............7.....tEXtSoftware.Adobe ImageReadyq.e<...JIDATx.....@.....-ll,..Eb..i.*...M|..A....M,b..J.."j.F....$x....a?f.7.~..<|.'.uq:...C.V.a.PU..G0.M.S.l6(\.a...t.._A..@.e.z=4....wl.[,...f3..u.V.9(9.#D..G..e.r.U*.fY.k..x>..k......4..^V.zr.T*.q.^.PV.zrHQ.!~3b>..3..0M.Q.a.\...l6.x<.^..$.hJ.h..y4.L.?.;..p7[.....$Ib,....@.....^...f....x....._..!..C..Ft.\._..8..|>../....i.X.'......IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\mixed32-64WizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):336
      Entropy (8bit):6.905024595764654
      Encrypted:false
      SSDEEP:
      MD5:67C9FC73571F002A7804ACEB5ADE30BF
      SHA1:D5E19FFD2E2756943C0A8DEE0C532F10EE699C0B
      SHA-256:CF814FECD81B8BA702C60A979A5406FF7C45BB069BFA6BF2ED10A3D63CEBDECD
      SHA-512:289043EFD1632EC0DAA17FF4DE3FA5B08DFF0EC187EFEAF66DC8B351DDBBB53BCA050173544390771ED2DC45CE3511A5CA93081AAE4029AB7C912931A81088C2
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....3PLTE...c..\.E333...HHH...kkk[[[...............{{{........xl....IDATH..K..0.Dk........8.R..KQ..$..<0.>?...f.#....?..;......c.5.p.Jj.a+..4.BY......."1..b.i..E.....t...B..\,....W......BC,8Dr....2e#{..Dp.`..n..:...jX...P.,.....F.&.H9....5..zz..{...h..7o...f..ll...s.....|..........IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\move-file.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel
      Category:dropped
      Size (bytes):5430
      Entropy (8bit):2.7932715883587944
      Encrypted:false
      SSDEEP:
      MD5:408FA8EDEDE027A8403AEB611B01D13B
      SHA1:3384BDC0013B1D4F520595B5A703CE610D1A66D3
      SHA-256:0248E88DF04521AE4C2C60321FD374A1CFBA24310678A9D2D620D989CA3D7C2B
      SHA-512:0D7FC4A0DC54D44720A67915F1AEB4406CCB69BC05B259DCEABEB1E9FFF3B03201514072F3DD8B1A077FE1ABB4E784FE0205A9915EBCF39B428E7764855C1693
      Malicious:false
      Reputation:low
      Preview:...... .... .....&......... .h.......(... ...@..... ........................................................................................................i......................................................................................................................................................................................................................................................~....a.....................................................................................................................f....a...a.................................................................................................................Q....a...a...a.............................................................................................................@....a...a...a...a........................................................................................................./.}...a...a...a...a...a...........................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\msiImportWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):748
      Entropy (8bit):7.6443595998309775
      Encrypted:false
      SSDEEP:
      MD5:77752876AE39091F942815BDE8591A4B
      SHA1:5861D16CBDAE3458A6B8DD2F3F6051516B84E219
      SHA-256:DA0142B455A4850EDD97A67B81F91CEDEEDBA1590E25AFF013AA04F0612F493E
      SHA-512:0DBA7285B9F278AAEAC02CCEA333EF51B368D072E85A79709B2FC37F9E9588A9CFC1030021A048243733F0BB013BB8D076C57CC54D2CDD3A96C6CDE561EE42EA
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE...}.........N.c...b...n&..........................m..Q.....q...........j..:.t........j.z8.^..X...........}.x2.n-.k'.h ............n.M.e..................{.W.V.I...}..~............}w..{p.o.[.X.tT.e9.^'.......IDATH...v.0.@iLI................O.D.z.....{..!s.$.A...).....a.c.?c>>.n.V.#T.B$i...}....:.E..".F..B~..A..".q....... .O..{./]..o..#.n..h....H..Qa\..c..........h..P...}.)...Q..x.p.Q}....ye.YG..h.9..-E...Q..aeu....{...Fq...0....Q.X0.x......Y.bV.....2X..&.s.19..K..bgf.....d3sd..j...Y.fF...L.=]K.R..%7.9..ir....{e)T......TJ&l....G...'..2l...I_.....`.X...."I.b..5Nl.U..j.;...n...}._...t...U...3..fsZ%Nb...{..}....3./L..a........3,s.2a..MC.=_....h.......IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\msixWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit/color RGB, non-interlaced
      Category:dropped
      Size (bytes):2203
      Entropy (8bit):7.4442032484054215
      Encrypted:false
      SSDEEP:
      MD5:C97D7F626B7169C2E177B2AE00C521F6
      SHA1:E12018251D7864EDDB573EE5024F6E1C84685719
      SHA-256:6B25558906DF0E860D6A028E1C86AEE57CA6179DB132AF31E2702216401DA003
      SHA-512:B661C0338486B200273FD22546840F27A524BF7E418FC424616D553F5B4D5E8D3EFB844D36362E68290CE4FC6C1519F916A930DA25B7B1162419180673645F3E
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1........K....tEXtSoftware.Adobe ImageReadyq.e<...|iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c142 79.160924, 2017/07/13-01:06:39 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:212F1C2AE8EAE3119761D420577A93B8" xmpMM:DocumentID="xmp.did:897F3417B02111E8BEFCE837E9BBB821" xmpMM:InstanceID="xmp.iid:897F3416B02111E8BEFCE837E9BBB821" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6df2ecab-c137-7747-9513-c7508ba3421c" stRef:documentID="adobe:docid:photoshop:04b3f043-4b44-0140-bdb3-78e79bb07afa"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx..Y[SSW.... .....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\msixWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit/color RGB, non-interlaced
      Category:dropped
      Size (bytes):6563
      Entropy (8bit):7.768525726505212
      Encrypted:false
      SSDEEP:
      MD5:DFF9177B6E325A5DCCC630FAB38A7C0F
      SHA1:AC62FE7882AC18257EB44A2231F5AE29E549CAE2
      SHA-256:EE9E19BAE5FE71190BBF87655BAAB598C107E0546683E3AF1B0C306E4BFD7E7D
      SHA-512:E73B2E681269FD4E98575AD4EFC9523931496A03774894FDB8BB0B80F58500DCC5F80EC8FB4830594FE3022E7B5ABA2858D1D69216D3691CFC82AC9CA67CC78E
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:......a......tEXtSoftware.Adobe ImageReadyq.e<...EIDATx....S[g~.q.............j..I.;..I..$.....Eg..m_t.3..h.]g...j;.N;..j..&...q.[..B........&t.!...H.!08.Hp...z.|. ._...9.#...a..._|T..l5j.......*......*......*..T..@...T..@...T..@...T...<......<......<......<.Py.....Py.....Py.....Py.....*......*......*..T..@...T..@...T..@...T...<......<......<......<.Py.....Py.....Py.....Py.....*......*......*.....@...T..@...T..@...T...<......<......<......<.Py.....Py.....Py.....Py.....*......*......*.;%......... .U..s..R..!.~g0..1.@.7.Sq...K..._.oj.S.....Q.$.....yKW.~.@...L..!...:...._y...m...y..P.<.......:.a.A|E...U.>.u;.....*...m/>.d-7j....;K.....t..p."...Py.....].|f..F8V[zh............+.^.9q..ZcP.....H.W...k..e...!.@..A..^.k<^k..f..*K._.....~.....|y.....qW.zK.>..B.nC].....;"r.%.*...w9........'.-...K...q?_g...:Yr.SN..~....[...>.........Jw9.Zuy.....1..........&.......C.f.>..k..U%7..w.<b.a=.*.%...SEZ..F........._|....h5....G..>*k...Gw.o..<a.....f^_>,JW

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\msmImportWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1090
      Entropy (8bit):7.720543581610642
      Encrypted:false
      SSDEEP:
      MD5:FBFBB3387CD75C647E429ACE75D27FE2
      SHA1:D8FD2FD6D637D7D678439700C7473608DDFA6BA8
      SHA-256:9E08272B7A2172B28586DA239D99A427B59B92C1F611A6E70E4A5AA8A6D278F1
      SHA-512:CD1A9ED07B4F52CEE1FD138FCD38C881921A6F3FF093301F82A091BA67DCA4ECDEA4FD57DCBB5E8C7888478F9EA5FD1FABC03776815C90F8A3262D007154C317
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB......PLTE............c...V_..]........V..n.,....T......i..a..L........_...........t..........................|.......................~.....v....p....W..............................n..|..k..p..Z............v..f..\..................z..e..e..}.<............................w..o..\z.>..6t.6h.&l..d..P..^..T................................q..a..L..L..H..E\..X........hIDATH....S.@..._....".4..EP.TDT.......^N.r....... l.3.p3..}...O~If...%5.gj.J...8.F.u..f~^...A..73....M....S........10J.^..^n.v..f...i.0..uU.]0......j.....z.o..Hd.a:.p...HdJ..^...F<...8...R.Y...S.K..}.hk.18....-.v...........'....cB.......;.],*..S.$.lA.6...@...YZ<.........Z..d........>..}.....N*.9|{u.-.._...@...l..I............4...X3J....]v.......<i.A.r/..)D.Qs.yI..h.N..h.... .....C...){T...-...*.L..J......M.*.#....G.et._..8..f.... ....F..8...."..S?..O.....8..yCrU,..A....)k.A.I..0..-.v..b..*..)..*.(._Hp.DM..8.v|m*. .

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\msmImportWizWatermark.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 503 x 314, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):14276
      Entropy (8bit):7.951676490317254
      Encrypted:false
      SSDEEP:
      MD5:2C94D5102646502162AD0810BF252538
      SHA1:1C23252BD1AA845616EC1561A868AA27712619AE
      SHA-256:B0B4D5759A928041D2D79236A03857050B116CAA8EE294050154F34A5B55D427
      SHA-512:059BF4F21230DFCBDB8BE29B1C244F935D399FF448A5146F9EC82775881E201C94C7FC235EB8C5C076363E98550F514AE7F5465D0D38BCA66C2169D189C1C6CB
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......:.....<.......PLTE................................V...}..y.<...............Z..{..}....q..f...........................p.1...N.....k.)..........}........P..J...p..........|..a..........{...6.IDATx.....`7...B7.....6`..{.wQ..I .f...6....n............fvM.e.j.>.H`..$.......!..'.....e.......-C.bz...e.....aXz.=.....!..%.>. =.i&......,V..-.AL. B....w.V...:.m.z@..f..v.f.5..:X.y|...k..F....M!0......`h.1o~...e...=.yC..`....a.vU......*dno....+........`d,2l+2Y.....Ag.C".45@..I.V`...6'.+t....!..:M...2.g @....g......S..2.....d.%=.......\..+..HK...rk!$..e....r.f.V(..l.]#.srG3.m..F.#.....68.[...AA..$.Qr2..2..}.~...k...(...........I.u...4d..n...?..{.=....m...vh.2|.~.L..Lz&.*^.BvK..a...#s.vu..B....B.......;.!{.g.w.......{...4.Q......zU..t....R...$......6N.._...2.!0.[...q;#......q....bj.[...._p7..u7...{0$.a.;.uF..4.`..... ...n.....nc`.|...'..3v<g.....8...~.&M...U....KgH..r...bg.P..............o,......2.\...&..F..0..v..v/..*

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\msmProjWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):881
      Entropy (8bit):7.665811348502413
      Encrypted:false
      SSDEEP:
      MD5:ED7FCD721E9BE7DDCA77E4A3DCA432DE
      SHA1:3E95412C1B26BFEC1B95AD6F72DA4B84EC5AA407
      SHA-256:C47B5414B76CDBF7035BF130920F00477A6A22066C37AABF84701494287833A3
      SHA-512:A46F83C89F6D7F8F1AC84B7B901126FA27D56EA422CFE38CB567CAAE98A3A209096AD05A364CD7F296EC9605FE5325784A5F911D0FB413C6C1AF7A9BCB5EDA2D
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....MPLTE....mm..V...c.._............Un.-V..L........~................jl.)..........................q............zz.rr..[..G..@q.1.................................^..Z..............w..h...................................................r..o..b..N..Gy.A~.=[..W..S..O.........x........................\..Yy.8P.%.....IDATH...gS.@...(e... ...E...H...^N..z....&Y...3.3..}..L.;..2.I..w.jgL.....~|....~L=..fA..C-.[..ZH..A.F.O..q.....`.Y...m0....$....K.....+;,...M,....4W......`..h*,3.'HG........}.^.....e.b-b,.,J...G..U..G{a......Z...... z..]q.K.3.Q...=..Xn.Z'..UY.;..c-.<T.n.m.:......P.U.6..M..S.?~p.b|.7tP......2..|o6c.7.b.......'..l(.......xh&R.{".(+. .........@.z..2$...V4\..".8?.E.Z_.)E..Z.h*...R|.zv........G...k.~....o..T.[..E.tx. ..(.E.8.p.EAQ.../.l:.....n......]s......\+...=..D.fW{.....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\resources\msmReplaceWizBanner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 49 x 49, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):976
      Entropy (8bit):7.708147882143986
      Encrypted:false
      SSDEEP:
      MD5:3CCAD6049631843347CED1F998D02EF5
      SHA1:FEC79C1FA19306E27256B4FD6A0DE789E325892B
      SHA-256:4404111B4EA52A6D83756E3647A60D90CEAE4583D81FD95FDC24F45769AE38D0
      SHA-512:CFE8CBDE3BC611984E928BA51CB544F1CF018293FA1FBAB0EF602D3B2AC94342219369B5FE29C85D1F6E297AEB3BBD99970BBEDE5D46D90EF2F3A925AE20330C
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...1...1.....DB.....ePLTE....mmc...V..._.................n.-V..L....T..........j.....l.).........}.......................ss..Uq....................[..................@...................................`................q..g..W}.;q.1............................y.yy..r..\..Y..N..J..G..Dy.A[..W..S..M................................a..\..Ys.2P...<P-...&IDATH...gS.P...W..t.)R....* (R.k.kw{o...k...c........BN..)0......6.'.*T*.@h...%FpSI. D$.$Y...W"....X....)#./......H....9....3;GS...u.6..o68&QpV.$.....H5...8.....,......3G....d.0:.'.V.#.?.e...#Ns.!x.....w2..".....[......9.......t.U..s^W....kv...c.L.P..w.).)..v....s.}*5..#.:.....v.........R..V../@....T..".b...........g.^..3...Eg..x.G'%.|1.bbb>.w..{......4............ ...G.T`QW.........S1../.=.|...=.4.T...g%.%.qJJ...%*e.+..pxid..........Frq....V_.....`..n...I.f..b@.zN....m..Y.e..F.`......K#....-..s.,o.....D.......^.&O.Jn.-..X........TC.=.|....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\MaintenanceWelcomeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2034
      Entropy (8bit):5.211218339228256
      Encrypted:false
      SSDEEP:
      MD5:E01AD14A517FE99DFE4CA73CA4281433
      SHA1:EE7CAE6D34DDD5CE2E2F7BBAA798567A8EC71BE1
      SHA-256:B30F604FE0CC6D89B7B618C73C7A6471B82A74F6E024CEA3654EBD2633F7BDB4
      SHA-512:CB564EA9DADF7E729EA084D0D85CAC0B0210DEDB659897C23A4144F2F0B890BE810928527BF714421A8220F00833C37E058F8181E9CAB1745604DED4A84EDDDD
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Next" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Back" Type="PushButton" X="320" Y="330" Width="56" Height="17" Attributes="2" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Title" Type="Text" X="33" Y="32" Width=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\MinProgressDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2220
      Entropy (8bit):5.234089480799587
      Encrypted:false
      SSDEEP:
      MD5:CC88CFCB464A868705E676D08B5E53FE
      SHA1:4F92E92E8F9544B8887918ED4F92DC9BBEF17E6B
      SHA-256:D4C1157CFDFD62FD9E13858C8366E105BB05A033BB73875C6128884CE46C88F1
      SHA-512:6B8A4A2E896BB4D100EB61CA7A2A66527A8E4740EDA8927D121F6A75E7344BC1D0B8E2656753A5BEFE8E7C3194FFA9AACC172349BCFC7250E358720226084F16
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MinProgressDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="75" Attributes="1048577" Text="[MinBackground]" Control_Next="Back" Order="100"/>.. <ROW Dialog_="MinProgressDlg" Control="Back" Type="PushButton" X="309" Y="52" Width="56" Height="17" Attributes="2" Text="[ButtonText_Back]" Control_Next="Next" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="MinProgressDlg" Control="Next" Type="PushButton" X="369" Y="52" Width="56" Height="17" Attributes="2" Text="[ButtonText_Next]" Control_Next="Cancel" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="MinProgressDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Control_Next="ProgressBar" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="MinProgres

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\MultipleInstancesDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):6583
      Entropy (8bit):5.396412140797057
      Encrypted:false
      SSDEEP:
      MD5:8205BBAFF6AF2B9F7A66390C10A25C71
      SHA1:9867BE74DAAA174535CAC0F27D40381602602431
      SHA-256:EC8C52EB46DB8458470AF3A175EC6D1F2DEB23379811DBF6AA4ED018CF44E2BC
      SHA-512:E674524AE7E66BEA0817DA93978D07D984596B903C674DF6FB171325F246720C42BEC21B6ED310DB3AF5D529C05C7C3066FFB7351DCD302FE9CE3873B85F6CC3
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent"> .. <ROW Action="MultipleInstancesDlg" Sequence="450" Condition="AI_BOOTSTRAPPER AND AI_EXIST_INSTANCES" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="INST_RADIOBUTTONGROUP_PROP" Type="4" ValueLocId="Property.INST_RADIOBUTTONGROUP_PROP"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiCheckBoxComponent">.. <ROW Property="INSTNAME_CHECKBOX_PROP" Value="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MultipleInstancesDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="MultipleInstancesDlg" Control="Next" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="3" Tex

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\OptionalFeatsDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3952
      Entropy (8bit):5.313694716017058
      Encrypted:false
      SSDEEP:
      MD5:ACB931C7C693EACCB92680C75D9537A8
      SHA1:4F577B8C53BF80FA1FB5A84D1025CBFB1D25DE45
      SHA-256:E6EE00B26730A5E01F50893DE4E1F644DF90EC18907D69DB45258F763B443EAF
      SHA-512:E5657F623A27F7C76652B12F9CE2E52F5EB5F9D6373F0B0A979B842CA3860A11C07045B7434E68F3682586BA62D6F4EA419579D6FD646E2D3705609CB8DD219B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="OptionalFeatsDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="1300" TextLocId="-" Options="1"/>.. <ROW Dialog_="OptionalFeatsDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="OptionalFeatsDlg" Control="TitleIcon" Type="Icon" X="10" Y="10" Width="36" Height="36" Attributes="7340033" Text="[OptionsLogoIcon]" Order="200"/>.. <ROW Dialog_="OptionalFeatsDlg" Control="Title" Type="Text" X="55" Y="23" Width="200" Height="15" Attributes="196611" Text="Optional features to install" TextStyle="TitleFont" Order="400" TextLocId="Control.Text.OptionalFeatsDlg#Title"/>.. <ROW Dialog_="OptionalFeatsDlg" Control="Text" Type="Text" X="55" Y="76"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\PreparePrereqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2176
      Entropy (8bit):5.291029047901119
      Encrypted:false
      SSDEEP:
      MD5:D3628AD1546703E33CAFCECC46B05D95
      SHA1:271F0CE854C61414AABF384DA133ABA9BF354FA0
      SHA-256:8BE74688965AEA8086C4795E48006C4EC4FE23A6F58998BE603E8EA74D09DD26
      SHA-512:325BCF5363155AB69D1A54FACCDC52538EE7A11506F42C8E262A09482856F46F2FDC83227789B6844C5626625BDAC10922CC180EA2795C2A5A748C64E445649E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent"> .. <ROW Action="PreparePrereqDlg" Sequence="150" Condition="AI_BOOTSTRAPPER" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="PreparePrereqDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="PreparePrereqDlg" Control="Next" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="1" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="PreparePrereqDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="PreparePrereqDlg" Control="Back" Type="PushButton" X="320" Y="330" Width="56" Height="17"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\ProgressPrereqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2843
      Entropy (8bit):5.2845091012124215
      Encrypted:false
      SSDEEP:
      MD5:3F6E5B96C2E4608C79F8D2E6DEBA6560
      SHA1:F343A6F088F78420ABBF1EDA91FC225424E1E30D
      SHA-256:9FFECF016A9EC73D7D616057EE9083DE76E7E1A4B906EF72FC6EFBBCBCC14E5F
      SHA-512:31D2193F188CB71DCBB36758163F513BEBC2818F6FA804D433BF9B82E2B2122D09716A2634984D914B9B8D5669415AB9E707146672E1A0F2D91FCB05B6C0D7F0
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent">.. <ROW Action="ProgressPrereqDlg" Sequence="300" Condition="AI_BOOTSTRAPPER AND AI_MISSING_PREREQS" SeqType="3"/> .. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ProgressPrereqDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="ProgressPrereqDlg" Control="Next" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="1" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="ProgressPrereqDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="ProgressPrereqDlg" Control="Back" Type="PushButton" X="320" Y=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\ReadmeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2214
      Entropy (8bit):5.305553966237931
      Encrypted:false
      SSDEEP:
      MD5:8AF0C4A5B312D53EB43AAE49F0C77905
      SHA1:83C2885DEB0CE4E3BCE129692669CA91CA24AC4F
      SHA-256:C7121B0DA74C321E19B6284146AB5933739C9F8BBFAEDF7E81EF601A655C7124
      SHA-512:B261C62A4AB331C579AF9B36172E3B976613BAE240D9B26319B1DA36137178AB5DA7D285DF3011A5FB835E8823CA24881FB4EDB664BB99E6BBA2F87C20828396
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="readmelogoicon" SourcePath="&lt;AI_RES_COLOR&gt;ReadmeLogo.ico"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="ReadmeLogoIcon" Value="readmelogoicon" Type="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ReadmeDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="ReadmeDlg" Control="Next" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="ReadmeDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\SQLConnectionDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4749
      Entropy (8bit):5.324387478332137
      Encrypted:false
      SSDEEP:
      MD5:15B69C2C6DB69DA8C1D503B9D44C0916
      SHA1:91434648DAF0D265D4B31AEDA321E6057B33E2B8
      SHA-256:33017996EF2E6B12383CC279A0516D7D40A40A4BBFE899F29DB2F981419017D5
      SHA-512:E012BC5DD089DF863884F70DA9AAD7BF03F43FF31E2CCB40A7EC3B70AD91ED99B8490957AE1D14A4477CB590CB0C37253934FEFFAC7CF726BCAF120E410D6C06
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="sqllogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\SqlLogo.ico"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="SqlLogoIcon" Value="sqllogoicon" Type="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="SQLConnectionDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="SQLConnectionDlg" Control="Title" Type="Text" X="55" Y="23" Width="380" Height="40" Attributes="196611" Text="Configure SQL Connection" TextStyle="TitleFont" Order="200" TextLocId="Azure.Control.Text.SQLConnectionDlg#Title"/>.. <ROW Dialog_="SQLConnectionDlg" Control="OdbcResourceEdit" Type="Edit" X="120" Y="91" Width="270" He

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\SQLServerConnectionDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):6683
      Entropy (8bit):5.368595945581528
      Encrypted:false
      SSDEEP:
      MD5:D46D71EBD54DCA6AF80184A20AD1EA4B
      SHA1:196149D99E5390849F02CB05B42266228963B573
      SHA-256:AC8EB461125834DE51EDBD7B5945B5B4827AEBD84D7FA3D84263DEE02172ACAD
      SHA-512:C4E152C17E4325F4C3590F21E9123E327AD0355A7368F310E3B42CA31605DB62DEF82B070803A1816821FD46338A133359901363E52F343805780ABE5EC8C55D
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="12.6" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiDialogComponent">.. <ROW Dialog="SQLServerConnectionDlg" HCentering="50" VCentering="50" Width="450" Height="360" Attributes="3" Control_Default="Next" Control_Cancel="Cancel" TitleLocId="Dialog.SQLServerConnectionDlg"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent"> .. <ROW Dialog_="SQLServerConnectionDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/> .. <ROW Dialog_="SQLServerConnectionDlg" Control="Next" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="SQLServerConnectionDlg" Control="Back" Type="PushButton" X="320" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\SequenceDialogs.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):914
      Entropy (8bit):5.226137720243581
      Encrypted:false
      SSDEEP:
      MD5:43708C7DEDF8CF8B618C758C9B55E03B
      SHA1:981011ECFFBC4FA4D99FC963B70B93C21730973C
      SHA-256:10005D60CB95E69ED8DD0508C6AD259FA47780450F2BCE006A0AE1DF64DA3D16
      SHA-512:CAF0B95792DC814753BDDCD1AD257B6FDF7056C083BC96C8A5E6117E59E814CF83E3ED1C5E5391EC8104C8A9FE122387072B43BEB61D1AFE2A277014744C6A8F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath=".">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiInstallUISequenceComponent">.. <ROW Action="ExitDialog" Condition="NOT AiSkipExitDlg OR NOT AI_INSTALL" Sequence="-1" SeqType="3"/>.. <ROW Action="FatalError" Sequence="-3" SeqType="3"/>.. <ROW Action="MaintenanceWelcomeDlg" Condition="AI_MAINT" Sequence="1250" SeqType="3"/>.. <ROW Action="PatchWelcomeDlg" Condition="AI_PATCH" Sequence="1260" SeqType="3"/>.. <ROW Action="PrepareDlg" Sequence="75" SeqType="3"/>.. <ROW Action="ProgressDlg" Sequence="1280" SeqType="3"/>.. <ROW Action="ResumeDlg" Sequence="1240" Condition="AI_RESUME" SeqType="3"/>.. <ROW Action="UserExit" Condition="NOT AiSkipUserExit" Sequence="-2" SeqType="3"/>.. <ROW Action="WelcomeDlg" Condition="AI_INSTALL" Sequence="1230" SeqType="3"/>.. </COMPONENT>..</FRAGMENT>..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\SharePointLogDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1865
      Entropy (8bit):5.285120264017444
      Encrypted:false
      SSDEEP:
      MD5:7A18BA3734ECEBFC62F96DD3FA8270AD
      SHA1:2E617D2A65CB95540CB7C8973609A82AB5EE1C6B
      SHA-256:0DC92F4B8C5BC89420E14181482852898B8E129770F3C7269812E53885E9037C
      SHA-512:849B9EF87DB39188FD9157ABF836A0DED11FF0DBC440A169E78343DEE9000566B48E8A33B6276444209FC524C2961EF90A65BF1A8570E8797952392D4C687198
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="SharePointLogDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="SharePointLogDlg" Control="Next" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="SharePointLogDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="SharePointLogDlg" Control="Back" Type="PushButton" X="320" Y="330" Width="56" Height="17" Attributes="1" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="SharePointLogDlg" Control="Title" Type="Text" X="33" Y="23" Width="200" Height="15" Attribu

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\TemplateChildDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1168
      Entropy (8bit):5.294061526456837
      Encrypted:false
      SSDEEP:
      MD5:3170B31AD9E6818FA9389580C5886C62
      SHA1:7C64A82BD2AC860CE3349513F6CAA92D7068FDDB
      SHA-256:43EF9866F762D510535F34516229EEF5E825213F4B8938E3C97EEA0259785999
      SHA-512:FF70ABA2B77D14537B17FCFFD19CF488C3EC8702FAEB610764F43D756FE6C6CF81537749F096CAB45D11CB862796E0E1A00F695459DDD5961B54FA6E06C3BC17
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateChildDlg" Control="Icon" Type="Icon" X="15" Y="30" Width="36" Height="36" Attributes="7340033" Text="[InfoIcon]" Order="100"/>.. <ROW Dialog_="TemplateChildDlg" Control="Text" Type="Text" X="60" Y="30" Width="230" Height="50" Attributes="196611" TextStyle="BlueText" Order="200" TextLocId="Control.Text.TemplateChildDlg#Text"/>.. <ROW Dialog_="TemplateChildDlg" Control="DefBut" Type="PushButton" X="0" Y="0" Width="0" Height="0" Attributes="2" Text="" Order="300" TextLocId="-"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlEventComponent">.. <ROW Dialog_="TemplateChildDlg" Control_="DefBut" Event="[AiStopPageChange]" Argument="{}" Condition="1" Ordering="100"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiDialogComponent">.. <ROW Dialog="TemplateChil

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\TemplateDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1567
      Entropy (8bit):5.2627719061704745
      Encrypted:false
      SSDEEP:
      MD5:B64E78700744A039BA4935A02BB3F908
      SHA1:6D9513E0CE855D75A02B4A2572A383411EEA0E42
      SHA-256:6A3FA958D7EBBC5C89E781C1553B36A500903D39FFCA9CA160216711BC457BC7
      SHA-512:4645175598DCFAAC190B8CC9E1F965C6981F3CB4E95EFFAAA4DB6C42EDB5BD7C72A0BCD57BFF3985D09FF3FB552EEDB70705DE85F9051564A8DE84320D47414B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="TemplateDlg" Control="Next" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateDlg" Control="Back" Type="PushButton" X="320" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateDlg" Control="Title" Type="Text" X="33" Y="23" Width="200" Height="15" Attributes="196611" TextStyle="T

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\TemplateSeqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1785
      Entropy (8bit):5.282805177749571
      Encrypted:false
      SSDEEP:
      MD5:7AA58521240B7BA6B22677BC891FAEA7
      SHA1:C96A9F03A68C690E7E0C234C55F0DA5624C235CB
      SHA-256:EA3DCBD32DB2E57DCCD17721F0257CB0FCD55666EE9CCEC7602069AF12BB1186
      SHA-512:7CBEE596E0D5CC661E68A7C08492D239F74F4E0AE828817158C221AD827A8FDAFF0A637DC617F0DEF6CFCE238D59E3FCB5536C7F7E89CA67A5722633FA56C931
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateSeqDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Next" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Back" Type="PushButton" X="320" Y="330" Width="56" Height="17" Attributes="1" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Title" Type="Text" X="33" Y="23" Width="380" Height="40" Attributes="19661

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\TemplateSpawnDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1476
      Entropy (8bit):5.298257999193904
      Encrypted:false
      SSDEEP:
      MD5:568FC497F7D76346B2B74DD16F12BF1E
      SHA1:C1F95319BFEAA364FD0A4CECB48BFAA1617B7CE5
      SHA-256:DDC718901AE9D25501CD3727A5361AAF9DBDB9BD55287E4486F0C85600D15E16
      SHA-512:72E9E52F1E0FD55AA637DB17F6FC416CC46FBAEE550262E62A46AF98B98E52A07D7A754DF5D1B1639299310E77A90F5FA4667E2DFDBE43BF56CC7B7DE81047E3
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateSpawnDlg" Control="Yes" Type="PushButton" X="91" Y="87" Width="56" Height="17" Attributes="3" Text="[ButtonText_Yes]" Order="100" TextLocId="-"/>.. <ROW Dialog_="TemplateSpawnDlg" Control="Icon" Type="Icon" X="18" Y="18" Width="36" Height="36" Attributes="1048577" Text="[InfoIcon]" Order="200"/>.. <ROW Dialog_="TemplateSpawnDlg" Control="Text" Type="Text" X="60" Y="20" Width="230" Height="50" Attributes="3" TextStyle="BlueText" Order="300" TextLocId="Control.Text.TemplateSpawnDlg#Text"/>.. <ROW Dialog_="TemplateSpawnDlg" Control="No" Type="PushButton" X="154" Y="87" Width="56" Height="17" Attributes="3" Text="[ButtonText_No]" Order="400" TextLocId="-"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlEventComponent">.. <ROW Dialog_="TemplateSpawnDlg" Control_="No" Ev

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\UI.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):51469
      Entropy (8bit):5.291447282398082
      Encrypted:false
      SSDEEP:
      MD5:0AD58504FB5B7F898428E1057FC4B40A
      SHA1:7E6B57EBA51F94A90BD86FDC29D573241E7B1DBE
      SHA-256:2A0B2A906C401037AD20B957AB0EDB402672092917A6310C169CCB598D6E3535
      SHA-512:D21F1D5BF009559045F917962655013C028D57815F18ACFF0865F54785748FFBA4A5222B3BA97C54C89AD87F6C7D1082E8D33984899F3343E3C185E136F583CB
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="printico" SourcePath="&lt;AI_THEMES&gt;common-res\images\print.ico"/>.. <ROW Name="removico" SourcePath="&lt;AI_RES_COLOR&gt;remove.ico"/>.. <ROW Name="New" SourcePath="&lt;AI_THEMES&gt;classic\resources\New.ico"/>.. <ROW Name="Up" SourcePath="&lt;AI_THEMES&gt;classic\resources\Up.ico"/>.. <ROW Name="waitlogoicon" SourcePath="&lt;AI_RES_COLOR&gt;WaitLogo.ico"/>.. <ROW Name="installlogoicon" SourcePath="&lt;AI_RES_COLOR&gt;InstallLogo.ico"/>.. <ROW Name="exclamic" SourcePath="&lt;AI_THEMES&gt;common-res\images\exclamation.ico"/>.. <ROW Name="whitebackground" SourcePath="&lt;AI_THEMES&gt;azure\resources\whitebackground.jpg"/>.. <ROW Name="info" SourcePath="&lt;AI_THEMES&gt;common-res\images\info.ico"/>.. <ROW Name="tabback" SourcePath="&lt;AI_THEMES&gt;common-res\images\tab

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\UserRegistrationDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4033
      Entropy (8bit):5.302854440258606
      Encrypted:false
      SSDEEP:
      MD5:767439BC89730F43B6A3345764502F6F
      SHA1:AEB0337BE118D9468CFFF49A9A6EFBE0F52B381F
      SHA-256:37D54AC365AE1109249DF7D7E4A97301280C9FCCF95AEBC0CE28BE929C850C67
      SHA-512:8FA1FD2BA7C4FFAB3FA5D033FD8B95C9985523DB969798907D749CE31F2CCAF104E1DAB4543999D6EA10E7F71BAC7AF20EAF19C5DEE6B61BD05F526DC3273528
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="userreglogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\UserRegLogo.ico"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="UserRegLogoIcon" Value="userreglogoicon" Type="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="UserRegistrationDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="UserRegistrationDlg" Control="Next" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="UserRegistrationDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\VerifyRemoveDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2626
      Entropy (8bit):5.383674551969706
      Encrypted:false
      SSDEEP:
      MD5:29EA7BDA1185024E3E95FEB35571CCFF
      SHA1:78D86422B5F6226B8CCFD9B72DBD83372DA11E44
      SHA-256:F283E6DC524ECEC57A17523F565DC1FAB4C53AFCF2790ED1C01838FD3BAF1784
      SHA-512:20BCF7424FFE8C14F14300B701B53F951382B5435B211EE2258B0C5A2FE3B878EA69F8A12F0C35B8E4213C76F6416F86C652152C3D3C1C67A453F14E98382497
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="VerifyRemoveDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Back" Type="PushButton" X="320" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Remove" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Remove]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Title" Type="Text" X="33" Y="23" Width="380" Height="40" Attribut

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\VerifyRepairDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2779
      Entropy (8bit):5.358907851646657
      Encrypted:false
      SSDEEP:
      MD5:A64135878DE5141E4C145514EFE9E2A6
      SHA1:3AC52F0A43AFF0A3B550CBC96F3678A4BFFAABBE
      SHA-256:3B5B23FF06FA179B5170E80516EC78A0EA7EFABB1E2119F8E26BE51F67810CA2
      SHA-512:26499BEDBB920ECFCD293CBD968103EAAD29D6560FD8DC6630A5BA71D194FA57C8A65E5F43881259EEA11AEBB7737192F1DF50D12CC8ECC16568BAB62C773B7D
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="VerifyRepairDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Repair" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Repair]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Back" Type="PushButton" X="320" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Title" Type="Text" X="33" Y="23" Width="380" Height="40" Attribut

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\WelcomeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1912
      Entropy (8bit):5.261859722114889
      Encrypted:false
      SSDEEP:
      MD5:7A3151D3A8CBE915BB1AD9560D6975A3
      SHA1:698A4D5401046AC4DF340214FCA44529BD5F1A9D
      SHA-256:E33A8EF4EBE8F277AADDEC14D51E8BD90E6594D87968EA0918DEECF1DA6E8018
      SHA-512:3DE7501A9B50608FC5D7A69491188E513D9414068687566EA1E9AB101139371789F71D0B72D46507AB0851C38620C9F8B3EA73DD5481D1E8B90FFA606B01F49B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="WelcomeDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="WelcomeDlg" Control="DialogIcon" Type="Icon" X="177" Y="112" Width="96" Height="96" Attributes="1048577" Text="[AppLogoIcon]" Order="200"/>.. <ROW Dialog_="WelcomeDlg" Control="Next" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomeDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomeDlg" Control="Back" Type="PushButton" X="320" Y="330" Width="56" Height="17" Attributes="2" Text="[ButtonText_Back]" Order="500" Tex

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\fragments\WelcomePrereqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2059
      Entropy (8bit):5.345460395742976
      Encrypted:false
      SSDEEP:
      MD5:02E220D79FD90E17E9EF67A434EBDB42
      SHA1:9B601F7450A70DCCC22A1BA8C201A7FBC2941F33
      SHA-256:9861A205470CAE09FF70B606D90BBAEDA711D9AFF6EE212B958FB7419467FB19
      SHA-512:3A59AB413207178D053ABEB949355722ADAA1C8E48F627021F50B75889251490104FFF80C414529F318BC8B83ACF8C4E525B5FC8100266A8B2C3FA1695B3D60C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent"> .. <ROW Action="WelcomePrereqDlg" Sequence="250" Condition="AI_BOOTSTRAPPER AND (NOT AI_BOOTSTRAPPER_RESUME) AND AI_MISSING_PREREQS" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="WelcomePrereqDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="WelcomePrereqDlg" Control="Next" Type="PushButton" X="380" Y="330" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomePrereqDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomePrereqDlg" Control="Back" T

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\aquamarine\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):40503
      Entropy (8bit):7.959771901276397
      Encrypted:false
      SSDEEP:
      MD5:A93AAD517ADED79F5287A4D95C5310C9
      SHA1:3D988E4C8A810A9EA3A5269484A480658B0DDB62
      SHA-256:7EBF0B73C30672F85FA777B9B893F5C00B690B00B330DFAA4355B1BF05B0354D
      SHA-512:89C921C0485FF07AAA623E339B82E7F95FFE388817F7D14480CC1C3ECCED56D43FD14C9F61C16669B5FB12E5CB21EB7CF07AA396F3FFE69ABA477495DD83592A
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................^.............................................................................................!.1AQ..aq."...2....BR#.br.3S..C.$T..U.&..cs.D%....t.v4f.G..d.Eu6F.'g......................!1A.Q.aq."......2...BR.br..#3S...$t.cs4T..%...d5Uu.Ce............?...s....0p..4n.{....~w..1J8E...,N.FK...t..i...Dd[.].j..U9...|G7....s8}X..k.G[...*.~..q.J...t/............VI4.Y.Fo..rYT.,..J*.5A.B.J.e.e..,Y.;P. .......Pt.z....P.t*...}U.]D^.._...|P.......k...,D....X.NM....'...Q..8k.(.M7.d.1.J.,^.E.w3r}.....~{..'.......}..4.........$....4....}+.1..=..G.7.d..}(...<K.Y....~.O.w....;.O.>..,......r.:.q.'.H.%72.O.w..x#..z..O.O.?....<..i.}..$....;.\...)K..2........M9j........W0...'.}.......+.\..,.2.O....w...&.dnt.G..jX8..].i.R..rr....H~...9.J...Isj.(...uq..s.MT......`I'..N..)DtT.>....y....;.(..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\aquamarine\head\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):14090
      Entropy (8bit):7.482240101387165
      Encrypted:false
      SSDEEP:
      MD5:536C141D33166050C1070D246B84EC6D
      SHA1:F2CD64D3C6E34D989BB66D388436C87E42D31636
      SHA-256:7CA4C29985838D1BE2649C9F5456D54F233828176EF7AF8562789018279A95CA
      SHA-512:6715C89C431C9F6DF576468DCBB154833FB72F0AFA0EFADEDECC03D90A4677C33941F1F818B61F142B9940E5B0CA8380A73BD706079B70ACA6AE6750B9541EC1
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d...................................................................................................................................................X.......................................................................................!1a.AQ.q.".....2R.BbS....#3...r....C$s4%.......................!.1Q.Aaq..."2.#...B..Rbr.3.............?.................PQ@.P@......A.P.@.@I.IP...A#..^.......$...".......Q.W<..`...E.<.33._..<q....'.L.<.e.2Y5.|E....j.V...[9sc.n....&b....,.$.Kn."m..t].15..4..q.MwDW.d......DVd-......v..p.S.y{.7.z.:(%D*.@.B..T..PJ...P*-.....P*.....D...y*I.XB.R....T..Fd...J.UKZ.T........$.....@*.P.*!P*.....T-.~q..f.r..m.6...b...k..[t.../...>L.....>~;..m..^..;.vM.7.....Z[u..y.c...'+....{%..}....k....[..uq..4.g..D.,....w.w.8m.37N}...e..m.....U&.b.i#}z|c...-..{v=..;Q..............&.L.Y.,.._......H.....Sn..r]..u..m.JD~...t[.:.~%m....<..,...f.X0.6.]K.....pB')..}.....k~Y.m...........G.7..Xr.+4N-..-.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\aquamarine\head\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x27, components 3
      Category:dropped
      Size (bytes):1520
      Entropy (8bit):7.318654015844963
      Encrypted:false
      SSDEEP:
      MD5:E77420A51D4FD5FD61050501F216A1F3
      SHA1:9D7240E262B5A740C384E013D8A7B3ABC89197C7
      SHA-256:8480B6AB284CD4713465E049D148EC884BF1C7D0C9D892041D548BED53D3B641
      SHA-512:1B96057FB5764DE69268BBD7845D8141B097F2B3F82429DD60906454B35770DBEC0623D7C2AA5682A4A043FE32197A2C7AEC92F4AE3F7D263DA67C3D7DB2BD2C
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......K......Adobe.d...................................................................................................................................................X.............~......................................................................!1.Q.A.B..aq"2R#3$....................!Q..A..1q.a...............?...........#..yYZ;.I.Vs.c..t..OO..r..W.U..) $#.9x^.m...g.k.F[&..p....$.......M,..L$..^w..xihr..._.f..=i.U..>..r.h.@...@........",..:.:......J .....".T...P..B...........$ .Bd..@..H......P....q}..[f...5...]MG.....+{..-..LoL.....n..N.x..~.x.\..o....%.......5.j.?qW=..Z..;8..>..=.....-...O..q.....{_..z8.....c.7-.....'..*.n....oEu.6.QD..*z.'.Z}..J.X.t....f.....+.b#.p.k..j..s=.cl.....Z.t..y...r...Br..8..]..._o..a..>6.x.(....[........i}.-...nF...>...t.m.....^...3~......e.....S}|.=...R.zJ~@.yb.......R.5.5Zi..X...W..Y$....z......Y..N.}.....^.C.=..8.ri.v..+.+..v...R..R..U.`q........\.m..^6.r.k.gkii..._"W.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\aquamarine\nohead\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):10472
      Entropy (8bit):6.791867756025011
      Encrypted:false
      SSDEEP:
      MD5:D686A75E0501E2DA6A245D7472368147
      SHA1:18C7C83E76550549B6700A04CE2DAF6F37EAAF91
      SHA-256:B725B36B0AC4865B464E6DC2592663C54309F1B9B2DDAB3C7F271E873214E4D9
      SHA-512:B9D26D5858A1E971693E7C62B0BC6913CE87F3452301A4DAA1FBE17DCDF1E4D14101AA2F4E610210C7562545B8EDAA51EC4C5EFC034EE31FDC9463913F20F9EF
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d...................................................................................................................................................X.......................................................................................!1a.AQ..q."2.....BRb.r..#3...$4%.......................!1.AQ.aq..."2..#.B..Rb.3............?..S..............................................ys...9n.byTI......O.4...&a8....d.....Z..)X.....f.u.G/..4....e.&....R&.....&&.<....;)...3...-.o.i....af..k}..o..V)..j.g...6.@..............................................{..%...[-....e...._...r.j.>\.....<.w..>....U.wx.o..Oo._.--..q<......U......>...rD...;......:i..[z.....?&...6..>......Yx_.M.N1m.........2.o7.o...e.qe...7v......f.5..,.~..[....$]..sYn).im.....wi.[t..w.t..u..Jm....<..,...f.X0.6L]K.....p.....C|...k.6.Tc...W.=[..??...........k..fH.....|L]3m>...8.Q.^...'ww..S...o.2.Y..3I.......F.+..>....w..~.%'W..../.].i6]|.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\aquamarine\nohead\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x27, components 3
      Category:dropped
      Size (bytes):1358
      Entropy (8bit):6.559791277709891
      Encrypted:false
      SSDEEP:
      MD5:AA3E8321077DAAD33A7A015213F9B4A8
      SHA1:AC3D7CF22B096BD0A5A348B471DCAFB865A948F8
      SHA-256:17AB9B1893C2E2AEEC8EACF223417DE575D8796DD6B5047C68AF8A008E2434D9
      SHA-512:0486577C3872A7D79E63F40354EE9B27B313AB256D20090397D3459091EDAF16C4BFEA11F3F2AE73F226F592EF85EA43340CC1A2ACCADF7BED6758A1052A8F5C
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......K......Adobe.d...................................................................................................................................................X....................................................................................1.!.Q...Aaq"2BR#3$.....................!Q..1A..q..a...............?..Rm%...._M.uIK..3,..f.f.%.~..6..W.4e.....P.r.c/1...C=.j....rO..m*.J+-....+.f.R_..K...L.Y<<..|/.3w..v..)..>.R.l.......................................................8..;.....\.....?._%...^0..._+k.2....L.Wx,F2..[.`.][..3N)...:..u..........?b.w{.(....K..J..q.....v66{<.eeuv.9O...x..../8...m...|.....*{A...'ssSVS+..3....+.m.._.ZGkrj.f.j.k.ws,.f=....q.x.wm.N9#.....*.+s..\,.`.k2.o.X]...wm.x.o...z...Mc..+.#'t..r~y.V.<./...w)....(}.a..iu.?..J>|..n.7...7.[.W.'D.P......T{BQ..O.]...Z.v.._.B.....Yg.8..c.#...I$F..7.......p.....'..n..>|y+7=....l..l-.S..H.*zI.a..^..t^x........(..*l.u.....rr...V.._#5....=...`............

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\deepskyblue\banner-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):4061
      Entropy (8bit):7.492016089937667
      Encrypted:false
      SSDEEP:
      MD5:57A5EBF98C29E193AC4DFA75A2F1CED8
      SHA1:4574B961CD6AB1EE6FBEDF91A8DD0D8505342996
      SHA-256:EB09BFC49FE3AF7BDE0CB1245F8655141659AEF771D1B6A184EF7A1488EF7F63
      SHA-512:66489539A32D435FA43B1E245C994DD8AA588A3AC84B02DE470DC53DB45A0E7EFAEAA22E12EC02BD09C2745484475C8CF57DC26AC5B1C1A7A3F04D1A3232EDF5
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................@...........................................................................................!.1.A...Qaq".........2..#B.3$........................!1A..Qa..q..."...2#3....B............?.............................................2..p9..8....W.yC..:..e....vg......mchfh.o.7q..:.......-.\..o.....7...M...u).^OG..q=...S.....U....j[.....p.#.].Zu<..dJ...;.u..e.R.;}a..G'm..T#..\{.3..NM9.S.F.|.D....u..U...6).lMfx.}..x..Rxqd..W'..(.V..,.....|.UB..^.."8.......H.|....g'..V.bI.vLX..@a.>k...=............n5mBn.......~L1vO.?UK...;W[..i..IU.K".5*..'K.U^..^.Q<.=..3(W.?.%[s>.*..n....%.'....S..............................................C......Lw:....2..w&.7..~..6.f.v.....}....M.t....r[^....u.....s^.=..@z...n........K.D..\ui.f..U...,..Y.._%4..V.W+JZk[.V...N.u......>...><...S..V..J..uf

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\deepskyblue\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):60996
      Entropy (8bit):7.974573850326862
      Encrypted:false
      SSDEEP:
      MD5:847126256BBE64FC2C9456F86B8F0FC0
      SHA1:D6835C7866386D9150CD28BDF7D5CC4018C3056F
      SHA-256:329A1DA4CF7E07C34938BA77F728EC2909D448AB41F1A3B8DF455678C4DF6BFB
      SHA-512:33455878F4CAF958CF1F429F2457939DB500AD8642D9E8C138AB5EFFCC5B4C2068062CC45D70F1BC89B89B2FE2AB3F491E01ECA0356755E77B0F546DE5DE7714
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................^..............................................................................................!.1A.Qa..q.."....2#.BR...br..3C$T.4.Ss...D%U..'.cE..&7g..56Vw........................!1..A.Qaq"....2B.....Rb.#.r...3CS...$....cDe.s.T%Uu.&6.4tVfd..v.7............?...I.b..Q_.I...e..~@.41..=..Q...p..K...2..'r..............#...,%.... p.O......R...~LUiO.....|...._.GU.....en#..W..g.........n..I^...*.8.......|3.oH.C)..,_...c....6'...v[.9.j......V....R.V.....}^....f..H..>P....?....n.....7...J...Gl.....>.~..p..8..U.66a.]c..QcS......v.......U.....C........U..B..5j.R......~.W......"..r/.oe[....8....k.....0..}.*.yX_C....W....UD......\....b..&.C..p..T-.SM?.\t.....V..Z.T.}m.....T..6..=.....UNU.n....F.cl.S..t.1._%.)..|.aO..<.V8.TR.9ca.$....-...w;j.V....I.....`.jr.k......._]#

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\deepskyblue\head\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):29396
      Entropy (8bit):7.939750212973211
      Encrypted:false
      SSDEEP:
      MD5:6C0EE49A7FD729049E4DD57A97242E62
      SHA1:29BC6DA2E1F568CB1C30993A4C4090D912079E01
      SHA-256:080C73382C5CB466EE27FCC5DC724BECECE17C20F7D3A87B59FC2DF279A4647C
      SHA-512:359530F9B647F126DC723BCF6E7562903B6EEFEAE2D5A9B3D12D4E072FA938F1F8ABCF69DDD030F8D788AFEA404440AA2FCA65F4B6E229F004AC86B50EA27F74
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d...................................................................................................................................................X...................................................................................!.1A.Qa"..q...2....B.Rb..#...r3CS.....c$s.DT.....................!1.Q.Aaq.........."2..BR.............?....9.+.8FFkP..\...6Nv.j%...!.M.a..B.....Vh.@.%....T....@ H.BT.E.......D$(2..R.!A...Pd(2......B.!A...Pd(...m...J.@R.6E.d(2-..E.Q.A.(..A.4.)...0..Z..._...3;3.Q..5f.....-..' .......W.]..H0.....X...R..z.+p.r..`..\..o.qn..J\3..Z.....h.jN...3).Q...[`DH._.S..j`...xY.f...S>k..@..p..0..'<c.R.,.&f.XW..fI.!...\..+nD...3j.}....SLG...;}Kx.z.K...*.7".......H.QbT.XP..U...gb.T,........L .aV.1.*...$@.@ ..! .UB...@.....@ ...... ..................@"....@ .4P.P|..>j.j.8gb.,..9q..... oR.&_..".2.{XD..=+..o.....9NZi.].v.....h....r6m.......'zR..y3.......d$.\8f.w.p....|.......,b#...zc..\i.0.b.%.s.c.T..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\deepskyblue\head\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x27, components 3
      Category:dropped
      Size (bytes):1558
      Entropy (8bit):7.06038290462095
      Encrypted:false
      SSDEEP:
      MD5:085F11DAA29E78C6EA7519EE4637CF80
      SHA1:87F47B85CF9BFBDA6CAB617B8EA594CFC5EECF5F
      SHA-256:5D18E7E8AB3B05CFD1130B62B13E9FD68353F3B2E6A68F7885BCDE75FEC076B2
      SHA-512:FE8BB975B242C67A1AD66F9660C44E366DC63CBE84F123596AF635FE2B9457883FCC328F81866992C2963FCAC6A66651603D3277A08553FC5B26D60AE382DB5A
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......F......Adobe.d...................................................................................................................................................X..................................................................................1..!.Qa..Aq.."B.2....R#....................Q..!1.Aa...q....2R..............?....K/Dvy......'.p[,IeH]\.......l&.[.#@....}Rm)uYo.5.Qamve.Y....V.K.xDT..5..5..r.>M5.l..)|..jm...F.8.*QyLY...T.........J.......VE..L4F....................d"..............`iG.Y.a.C/.3..\......x9.g...Z.9...'.G...^_..'....BUM.B..X....r.ZrKc~G......w...c.o...........i.A=.5...{..$....\....m..c...W?...u.O..Y...r....'......1d...GM......v.i877E..MYT...v.=~.vm...|1..<..ZWr$....6*{...)..]..c.5'..^....N.-+o..]..J...N1.pY....c$..||.nq.;.zy.N..v+wS.....n.[.o.r}u..=g..|.31q~k.m...5.%.G.....U}...K.C...g..\.[3q...^\.].ep...V.]n....Ts.G...y&.9.\..ct..{.d...{uF5.Q...G.Y.U..Y.I`.LN.?F.[..|..s.ur.R....x.-....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\deepskyblue\nohead\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):21465
      Entropy (8bit):7.826540068839825
      Encrypted:false
      SSDEEP:
      MD5:D682CF32D866500C87E4E2F6A1DBF870
      SHA1:FF8620AB4011918551275235A1EC15C0C04F8E40
      SHA-256:AC53FB5F87FA500AD17A7B3AA171206D6126DD5F2F252932CDF065BF264B57AC
      SHA-512:6F02DAE147A72E04D2C55FF8432D17941DA8CB0C4C12CB22D6C14452C88FE2C434DDBB8860D4CDBA14FF3637104C19F267BDD786C6464A160FFAD49BA42D9C99
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......O......Adobe.d...................................................................................................................................................X...................................................................................!1Aa".Q2BRb..q..r........#..C....3S.c.s..$4......................!1".Q2..AaBRbq...r........................?..L..L8...]....]....c.@...8.d....9.P...hd..\\. ..@................%.R5.5...U.h....,......04..2..'.J....&mh.d.c.d...(..U.VfpM.#*..`.A./i...-...J..+j.U..r..o....I."g.Z.....]c.G4.=...i9.>.q.X.2I..=(...L...K.]..EfRm...#.94..V...f!...9Y.....M5K.......2.wk3.....k..zzt.mI...V.z..4..$.`..h.k.T.-a.......C ..AP............................dP........../...2...!.8`....nm<.1.n.]c..{;4..8.......x?..L[<8p...~^....K.......(..0.so%1r....u.J=e*..5T.......3Y..n11....j.6..xL[..\0..g.0......K....So.E....W.f........c.{E3.......=.\.|.r..|.%.$.C$!..}.w......c...'9....p......E.g.<by...."

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\deepskyblue\nohead\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x27, components 3
      Category:dropped
      Size (bytes):1947
      Entropy (8bit):7.357378710508512
      Encrypted:false
      SSDEEP:
      MD5:6A0E7AA7BA2D80EB3BFF62754EC2F2A6
      SHA1:B4D2869E2B3B2F884CFA3402B5266A690A865FA0
      SHA-256:E39768782A9A9F6BE8F15D5C1036DBC294094EE84A062D0D5F5E65497C40405C
      SHA-512:BB942865BCF6659090D240420BC6AF309FF507F4617E4BC9A8CC7910CBBEBDBE6719C5F38B698F13BC6F1F14D5CC2B2A34CB440628FDCF09F7D05FE7D87FB062
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......O......Adobe.d...................................................................................................................................................X.....................................................................................!1Q...Aa."2q..R...B3.#.....................!1.AQ..aq.."2b...............?..Em$..VwxQV.7....5.3...Q;2..m.....<<<..b,..f.2.L...]..2....')F2.m.atx78L1....nM.%%..f7\s..nQ..x_.SV.[]..$..S.......n..3.d.,......._.........al....&&.#(..VPP..........*.......Q,...i.F[....................4...............@R...Mc.\Puo)~.L.9|E/%.Y....%../..g....IV..!.S...=>..W=..<..........(.s..v...b.......m9.po...o.....'Z.....x9....Z..8F......M.*.....]..?5B....PRS..&..[..o...o.D.mb..f0.~.9LO}&...Qf.....=]V...N...w..kU.c<.$.q9...?.z~6...................c}y..nV.Wr./..V...j.Q..eA&..7.8.X.J.....Y.............;;.Z..2.[aj;w.7%+\|..p.....+.'.b.^.[|......j.....[l....D..Y.e..R.....<.u.2.K.iK=:..5w...w..:/,

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lavender\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):43145
      Entropy (8bit):7.962103614312115
      Encrypted:false
      SSDEEP:
      MD5:2D73AF3432789622352E819CBF0F88AF
      SHA1:BCC5368BAADA812FEC9E3F17C01601F2E8C74E84
      SHA-256:8C40DB50BF30CEF94B78010616C44C29413D6FB1FBE43917B55134645F1613C2
      SHA-512:E9AE220AF4F464C6488E6E938B374685852C8EB25914FE2E7D92ACD51EDBB3847A083100ED57F0ABBAA99EEB0009172D29E1477FF2404729E4CA31E2119CDFA6
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................^.............................................................................................!1AQ..aq"....2...BR...b#3rC$...Sc.4D....s.d.&V..%U..TvFf.......................!1..AQqa."2........R.Bbr..#3...Ss$%..4t..Ccd..DT.5............?...I.Mv...e..ji...'...D......y..i...N.V.....'..bh*F\....).FZ.MZ.T...F.S.I.iSJ..@...8&....w...h.rK..z<8..?..vv....d.X..Y@..Z.f`M.."..1B../.F.}.e.<...f.#..]c.......V..y.r.k..v..o..?;..gH.F.q.(.B[.F..5G.E.y..H.......eJ..vC.4P.["X..X.*J...l.F.xW2.m.}..+.S.o.dN...d..*...".....ca....o.....U.Rl..ed.y...y.a.z..'9Y...9<<.?....U...++...O..Y?...H._.E...?..?...D..D......Z...SLW.J......=/...j.G.......o._....Ly .#1,..d....mE.$J..Eyw.'...j(.H...*...{.I..xQb@.>.{X..\..3.&..P.;J^.G.A.0....D..0d.#..M....%_0............Q...'.J .x.}(...}........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lavender\head\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):16656
      Entropy (8bit):7.5378456144542305
      Encrypted:false
      SSDEEP:
      MD5:EAC080668DB16A0181535E80D6F12763
      SHA1:828400468CFDA91C5BCF3814FCB6AEDE1A19291E
      SHA-256:A7F0C0578B8A305DE791382EEAD74D2E8C853F3D7283BBFCDB5AA9628488AB0C
      SHA-512:72AC1C49FB3B91C5F3DBBC3D6DC170FDC13750397F6D0DA28FE8EA19D01F954A2F53189446533AFD76C5C1D061CC69023D4529C3D71C2833DC193CAEFB720F31
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d...................................................................................................................................................X....................................................................................!..1AQa....q.."2R..B.....b#S..r..3C.c..4.........................!1...Q..Aa."2..q....B...............?......n..(...[.P..n.d......B.........................F@..F...........:.i:. ....$..E=.,D.N..v..K.t..]...^.z..T.1Cu\H.@U$..o[......."-\.L...Q.....;FQ.N...23;..<.k...6.B1r..J..3C.;....q...U6f._I.$zj......n..(...[*........n..(........................Z ...J.J..`\.2...F...P....Q..A..v...p.m8..).K3..!.?..}..7....U.K\..[....e.9.?.....e...uXP.5S...%s.].......-5eY..nk.Z..<.e.2;.k.....;.X\...nZ....rY...(...8..I.4..s......=M...9...+K4.&...u58....W...uN.~.....nY...Q/.......?.,/....z.q.[..u.6..\..-.W.o.uX....5...M.~=..y..k..N."......6/+6.;:M-.wT.9...4..Oy.GJ.g.dnS.l...[.5.O.....p..%.jU.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lavender\head\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x27, components 3
      Category:dropped
      Size (bytes):1504
      Entropy (8bit):7.1549303991113975
      Encrypted:false
      SSDEEP:
      MD5:AEA83AB86E91AE8A65A2173FA5216C6F
      SHA1:FB2B8344AB795AF95CA34402F2974F3BA9A2A7B3
      SHA-256:8DF35A71E160EDB437D9EFC56C3D122290CFBD05AB533CA6BD2098AF67314591
      SHA-512:AC7840A056D99527CCB1FF1A26CE4F49543A989AF3BAAC320A4E4DA3AC4E3E60D9513254AE05C0A914FFD04FDF39267A8F171E921352DD010729C73DA1E58C81
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......K......Adobe.d...................................................................................................................................................X.....................................................................................!1.Q.A."..q.2Ba.R#.3....................!Q...1a.Aq................?...?.6....u_M..IK^.-..C.E.u.,.g.tx/Z:ez.2.e....y.y..2......u._&..u.<w-..r.V[. .......L`q...zY,<......f..GZ.S..}....(..........a.. a................................AH...S.D..................9......K.....|.y...D.*.v.8S..#).b..........1............\.M.{....5_...T..7....~..]u.....m.rynO..+k.:.+..i.........b.'...-<.pJ..)....V+i...-...?I.&.x:G......W.....f<....8.;.._..G1_]...\.v`......;J..\.[,'......t...|Z.'........d..r....Nx.:...".]..].|...B3..*3...%....K.w.U..=.....S..N.]...~:.TT.8./L....3....s.*.M..zB...Yo....!. ..~.I..bk..q.r.9.):..^..._.J.,.O..,.?.....q...4..G....rP..F1xJ_Te...........|.......M.VK;,7.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lavender\nohead\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):14755
      Entropy (8bit):7.050457253133023
      Encrypted:false
      SSDEEP:
      MD5:44724AE9ABDFD3AF8692C6E7AC7431BA
      SHA1:865103323ED47028486FB244D6718ADCBCFA360D
      SHA-256:6126109AAAFDBB5B3CEF694444FD658FB902918832C3FE01A400582B4B4C9569
      SHA-512:64F083A759C0C9866A13D51A0558BB51657AD9B0D1A3B56B2C6B79A01EF75D4D7F3531D46FBDED4DB46737C1AFED9701DEEB45C84BC4F9F878E29765F2BDA862
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d...................................................................................................................................................X......................................................................................!.1Aa...Qq.."2R....BbS..r#C.3....c$T....D......................1.!..AQa2q........."BR..............?...........................................................n..TT..6X.g..^.:j...<4..v`#...jU...NJP{.....x.N+...x..Z...]Ii.).-.H..2w..*..B....]$tFQ.N-4.(..R.....9,Yb&D.!.9I(.b..C.....q...M5....S.0;.^&........................................................|W|..N...F..p.E\*..si..*<U$..x........O...N..;}.m..k..F.aJ..u(.(.Q.R.8.....i.c....g..`eeq.F.uS...'c..T.).F..:.r.lx.<q........#.=jv..):....Vt.R..B.U=.VZ.mc(..<.3.....O..........2.M.....R......E....'..|.5....j..#Eq.*.v.!wJ.%O.B.i.../...0K...Z&..><.......F.....gV..;.*s.w=v..t...4.....9/w4...D.....Geeq..l.6....SO.b+y.1..y..Q.r..t..l

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lavender\nohead\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x27, components 3
      Category:dropped
      Size (bytes):1378
      Entropy (8bit):6.582735917346661
      Encrypted:false
      SSDEEP:
      MD5:A6F9A99F40BE7E58CFD64BD7193FC678
      SHA1:939C8D9E5C07C9626EAB3208D67B69E7E316E5C2
      SHA-256:FF2C271DB5D24862DD68B53DB55822C66ED0BFB019A9998846CBCE5F41D7198C
      SHA-512:3C21497B5507F372A8F5A1E204A644CFB7FCE6300854D7165DA55C5D27D493E7AB3F40086D5B5832C1DA474108A2317AE7D9B57F4096DF87018ECF81A630059D
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......K......Adobe.d...................................................................................................................................................X.....................................................................................!1..AQ2..".aq.BR#3$.....................!Q......1Aaq...............?..R.........o....{.X"....k.....p[...c.d3.3.3.b...3".es3.t.]h.[...546;.......A.R..U.4|.K....V.........h..jq.mU..es...f..f.$......................................................./djx).-|.K..B...u:.s\.4....=..U.m....0.....1-..g.w.z..k...W._.k.F.....D.!j.......p..?>..u.\..a.M.;;r.2.mt.q......fb...yNq..,.~|.sS........VY|..d[C.........Svq......dQk.6...-..1..W.q........%vw..D.m2.vVa.KQRf...Y9f..Q........N..k\.k}....:#......fn....1..u..b...f...>..].U.z'....u.\z...6.)...]r...w....0.......'.....].;;..U+.....[.L$e.mIi..."..13..1.6~.R9.t.].F...j..O.....h.+..Z...|Y..^4iz8;Bb|..8.o.....=G....]..6".../yg.k.<..<b?....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lightblue\banner-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):2161
      Entropy (8bit):6.897007541465739
      Encrypted:false
      SSDEEP:
      MD5:76BD9B34B3C3087A0F6830B484EB0B06
      SHA1:8B1A1E47C787CD1378E414F1E66BC85398548445
      SHA-256:D7819B6CB90984DA803B5682CE0A2958355D826B5C6DD56987D1802B68843E80
      SHA-512:536D145CBC1E403893A5274D80D243751C12916A30E95838C134F21E27EFFC590CFEDC2696DF24E17F960CC8779C1C52983FE11E46E00B9A6A791BECD024499B
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................@...........................................................................................!1A...aqQ.....2....B..Ss.."b..#...3Cc.......................1.!AQaq.........."b.2Rr#3C............?.....................................q....!.........".'.cRtV......-W.V.*-.1n9.];W..8P.tC=.....p....U.g[dFucw....ha...}.o..j.e...L..8_......R......g.Fv...og.{a.+.D.O#0..wBl.^.e1.z.*.....D.>.z).................................3...H............fzJcTN.....K.*.;.......s/....C2.z.WB.M8.....5.Ye.LG..{e....c.{..fg9...g.6..c.>.F...HQ..m....a.?OW.S..^......k>.+_>....Dh.W.l...y./.WtL.cdv6...Fyc....<.^i.Ni....?.....wg...........e.....I.v|.S<.$.....f}..'...>g..'o.......z}.z_..S?......@..............................t.3.]#D .............).Q:*.8U.K.*X...>0.Fu.....Z.2......~......gt8F>.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lightblue\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):22493
      Entropy (8bit):7.805817720364373
      Encrypted:false
      SSDEEP:
      MD5:0FF48B3F94419229E4F72025C548D20B
      SHA1:7724557F6CF27279C5A40370D35029E5FC61CB15
      SHA-256:C6A4E8733FD563F86A9C20D6BE1228C7AFC60FDE7F097D49B7D85BF26024E3F6
      SHA-512:C73678911F53341A647630CAD5BB832A3B09B78958D4E938FD593CE9069DA9F70B94B49F4664CF6831511668A6BB01D57F52B9802289F45F6F705A8F404F5CEF
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................^............................................................................................!.1AQa....q..".....2R.#CSs...Br..3.....$4T.b.c...Dd.U....&..7w5V.'.t.%u..6fGg.....................!..1AQ..aq..S...4t...Rb..#s.$Td"rc.B3..2%5............?...w.~U..V*.t.ZI.U..E.^..f...|.. .......6&..-..7;.\....YVe].&5...3.wK.v.b....\..mWs>I9N.Z.KK...Q2NR..W{.%.2........n...M..I..egM.wX..&r......T...m.N.7*....Y.-..FP:M9...Vl......nWt..!8.s2..).......-1..Z....U.kK,.+ZbKjLW=Y...^o-}.#.N.......F.5...U.Q.UZ..|u...G....Z]...c.1.....^o.J..-'.".t..LZ...{.....I.Mk..o....s.W.D..+'..Vi^..X..n.<..\.h..O.&U.#;E{.h...v)/.J.7....+.....v|..U.^..?"g3..t/..3-.:e.o.F...3+....].9.d5..Xg9U..t..%;.m..r....\x-.3..h.')..F.L....;.hVf ....5....r.D.*#....:.OM!#Z.UW|.....i.UW}hF...............

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lightblue\head\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):29790
      Entropy (8bit):7.930808148389421
      Encrypted:false
      SSDEEP:
      MD5:34363136D896A1DE743489E2AFF7D849
      SHA1:2678A41EEC6D6D7F3267347F5EA2F7CA770323BB
      SHA-256:AE4355BC29FC0B409605FAF5C69664A97A44C914E855B474B24281D17B7DCB15
      SHA-512:2711C50013F9B763E2EB7EED136F120DBE71B45ED0669655B07393E75F4E704877E7AF473133469A012FD13D6BC50F2F715E8244395061A0067A480778759448
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d...................................................................................................................................................X.....................................................................................!Qa...1A....q......"R.....2b......Sc..U.Br#3C.$..E..t.%..s.D.eu......................!.Q.1Aa.....q....."2RbS.B#.3C.............?.....T&...,g....q.]).#...6W^d.....(hKR3-EKYn..<...5....j3.Q]mer.KR."...jA...Z.....6.I.QY.Y......'...GSUu.KR36..KR....Z....E..h...R37..D......SJZ...QR.F...Z...B..t*.."\...pU-H..j.j..k..N..R.&.d..Wj\..T.J..jD....Z..o.BZ..MV..-KR.+P.....I.."UER.D].(.e...+.[:....q...jT..R...R<.......j]CSQ....554.KR$...Z..B...\....\.uT.!rT...!r...-H\....!rMA;.-H.......Z...jE*.........Z..X.AT."...KR. ..jB.....VfP.jE.*..".B.3..#QlM3mhKR7...!.-H.D&.....*."..m.x..q1....W>&$.e.YVv....2.(.......q.........o.sb.b.,.I..:..2t..L.\..sYEK.<._2/...>..w..x.u..lT....I..icK.?..x.d.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lightblue\head\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x29, components 3
      Category:dropped
      Size (bytes):5157
      Entropy (8bit):7.786674290717775
      Encrypted:false
      SSDEEP:
      MD5:1639D56B7A8E192820879BF49F5ED9EE
      SHA1:0217734FF0829FECAAB23E41CBB4C5C6A8A79A15
      SHA-256:14564C11E82CC8836F98DA64E1A973F0E7FDC894137E3FA49C4816FD6E273455
      SHA-512:309FD89AD475AD71E6545E8709AA58365737ADDEEBD9576D38DF1AED8C4A9A09C92AAE2007BEB7364D80B934393371D9D1A7C013CDB18C76CEBB5F6B06BE6019
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......d......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c138 79.159824, 2016/09/14-01:09:01 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:6674D68B272BDE1185729E47A30E431E" xmpMM:DocumentID="xmp.did:429C3D27B26111E7AC07CFFEB6586F4E" xmpMM:InstanceID="xmp.iid:429C3D26B26111E7AC07CFFEB6586F4E" xmp:CreatorTool="Adobe Photoshop CS4 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:3b006139-8043-bd42-b03b-f3eb29ce49cf" stRef:documentID="adobe:docid:photoshop:98d497fb-b260-11e7-99a8-d75280bfd2e4"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d.........................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lightblue\nohead\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):27668
      Entropy (8bit):7.929380020340665
      Encrypted:false
      SSDEEP:
      MD5:24103F71A86C20089528C96C0DBE1445
      SHA1:007D7A930DCAE7684477347F4F2BD58D4EE5D184
      SHA-256:8542E195EF15DFD3ED9B246D3539295F266A19F3BDE524C3F41B99ADB6719C11
      SHA-512:94267AA20FB17E2DB9AC31BB20B17E108F99C17F181C8F1612D9ECC9AC1375703B2EC7AF3795B7C4AB379723C4C764A137025FB21DF3E60859D0480CA546EB10
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d...................................................................................................................................................X.....................................................................................Q...!1Aa.q........."R.....2b.....Sc..Br#3C.....s..%.....................!.1Q.Aa....q..."b...2.B#R3.............?.....Y.Kc.c?w.O.~'..%...R...]z..17..Q..DfZ....z..#.p.R.-K..Ev....E.Ei...KMX......m&...i.x....B.......U..Dfmc.QM......,."".v4W^......W.....M..j.T.f....Z...DMS...."%.Q].....V.&.~..&......i.]D..aJ."j.iP.\..!..W"..........Sb.B.j.....6.DJ.YO""....l..5su.^i... .?&....R<.).CSQ...P..y6S.....r"M.*...\.!X...!X...WU.....]....T.....*.Sb.B.wl\......."-IE..J..b.@..........+."...B.r!r.V.D.P.X..ufe...",YV.%...q...E.4...Dn/..C.\..D'5.....-R..DX.e.o.;..&>5ta`.R....4.J..z.:a.Y...s....3.u..u.M....]...Z)..[P..:jO=-X....5.T.....".s...o..[..55b....Q]X-,jp..8...IM.S..]..8.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lightblue\nohead\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x100, components 3
      Category:dropped
      Size (bytes):3137
      Entropy (8bit):7.576846140355196
      Encrypted:false
      SSDEEP:
      MD5:BB54271B1F356D565828D45F6EE2F75E
      SHA1:ECD46C5EFB5ADC5356B161EB6A90D0C6CF886E51
      SHA-256:E257434CDFFB8C6231AFF131E260CF0E193E1E5CC123EA9CCDBE75E390771CA4
      SHA-512:3EBD1CFEB325F44BF88743EDA3FECC65837883A613C208CF4BA1611AAC528854728DAB941D76843A018883326460D14693355E3C0716F86F0E3AE1CFEBDCA17C
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d.X.............t...................................................................!.Q..1aq..R.A."2.bB.#3......................1!.............?.......J...Tf..". ......%`T..A..8j..yg..@A@3B. (..2Q.f....E...o?.s.....{_.q3Z.Q.... 2....@d.H).e.J.......`H..u|.V:.2..(.@.`$...@.%.J*..2P\..J.&..T..#@....(.(Te.2T@e.*3 .{$.J@.c...7..`.`3....X...4HA%....Q..U.y....4.2P..Q...(.$#-...*=._.....Lz....U}L..... B...y.5...$.T..........s...%k.......@QW..`........%r.&....5.2....3..2Q...j3.....I..HMw.._...@.p.....A,.X.M@.ST.D..%..W.....Lhl..,..D. e..Bh). n.......f=}n_.{v.&+Q.0.e.202.$]R. R.d.,..(b.X.N.)....W..cD..M7W....]gy.........1.a..PH...D..\...-.%sl.!:.7$hHA%4HA e...B..2.T@z.....Tf.o...V ...@. .)(9.....PH.u..3^Y..m.. fB...J... 3L.A.=..S..IZ....t....J.........H....J&.P.. . <.:.,.`IGM=..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lightblue\nohead\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x29, components 3
      Category:dropped
      Size (bytes):5163
      Entropy (8bit):7.785429578841785
      Encrypted:false
      SSDEEP:
      MD5:BC248F2A852C56FBF317A1D94343DC5B
      SHA1:E146F4ADF572A110A5BF595A5D76F49F0A52A6A6
      SHA-256:EB43EBD03ECFA0A2666FDC2A44713A4D37A2F8E6382FE4FAFBE671B4BF6B3DCD
      SHA-512:779C150C3450625412DF115CB0C7B47EF4DDC91FE57DD0BBC7608A6AE01C4BC81B9DE3162D32BF7575C454078C7D7C1BC25843C27749138BD582064503734390
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......d......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c138 79.159824, 2016/09/14-01:09:01 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:6674D68B272BDE1185729E47A30E431E" xmpMM:DocumentID="xmp.did:30530D7DB30E11E7A0A98322205D38EB" xmpMM:InstanceID="xmp.iid:30530D7CB30E11E7A0A98322205D38EB" xmp:CreatorTool="Adobe Photoshop CC 2017 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:3b006139-8043-bd42-b03b-f3eb29ce49cf" stRef:documentID="adobe:docid:photoshop:98d497fb-b260-11e7-99a8-d75280bfd2e4"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d...................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lightcoral\head\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):19809
      Entropy (8bit):7.597026816911842
      Encrypted:false
      SSDEEP:
      MD5:AED4EF05E25171A46CD3E83E8D1BA70F
      SHA1:78C849BAE547BB93C425A44FBCA11026131AB86F
      SHA-256:032D6D92EA118F8F7E0DA4305FE5184524E6F818B99ABC2106B22346E8D36758
      SHA-512:A1E0C339A98E59E7C19E436A4DA8E290DCBE51B6F88E7A5A37C001E6BD11E7E705B07803E469F54520A607024A282EAB3FA2C6519F06A9753CAEA905311869C2
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d...................................................................................................................................................X........................................................................................!1AQa...q.."2R...Bbr......#3CS..c....D.s$...4T.%E.......................!1..Q...Aaq2........"..RB3...............?..........U..........U.*......................................S..F7..r.J...-....fy./.m]..GL-i.uPY...&..w..[.(=L...T..-U.!U....f..K.j.....L.y.m..'./.Y-t..\g....MU...Vw.[.;..t*.DL.W!...IF*...E...w'..^.4.Zc_......Q...V...IP....*.P...........P........................@&.D.....*............0>;...[.;....g.6#.W.&...h.....c....)..tp.k..<+..1........../...P.wk6.q....N.....N5.Z.MR.....1....{....e..g..'u<=;.by.....v.....-:..D..x.9W}M.......=jyH.rw%...;P..wl_.q.we....1.OF..fu.]...c.....6S=.....g..f.r....\Q.".....\.._..&Z....;...sU..N..<..y.p...k.....2|.|&.D....L.,....x..=..-....k"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lightcoral\head\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x27, components 3
      Category:dropped
      Size (bytes):1788
      Entropy (8bit):7.285118265675547
      Encrypted:false
      SSDEEP:
      MD5:A8E5BBE0FE21BA97F466616E59FBC0BA
      SHA1:31AB0213E0893907F131D99B29E86A057EF64D33
      SHA-256:53256D07FC3902F9CE0C47BF2B8C865E36A705574B3259C71E95985225A6064B
      SHA-512:CF6FC41486B512DB3D7576E127A9599FCD6555A9A5B41180A54C97724F3698E9DFC7E4F37311815A6A934966E12C06AD3B4E67774DD99565CBE8D9ADD2DB84E3
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......P......Adobe.d...................................................................................................................................................X.....................................................................................!1.Q.Aa.2.."..q..Rr3.....................!1AQa...q....."2............?...?..D..F..lS...b.....].8.n.{t[c....O\<<z.....[.+...+..Wl......,w(.R.'.........Ko.aj...sR..Y8.n.r.Vd.^.#0...(N3..`..s[..D..,.(...e..-...j.....f2....7.. P..........................................5.......0.....i0...l..=......v...........9;xb.....wk.)...V...B3.F.....8.m.wK.,.....8DD...t.......<UoR>+{kGf.){....M......6,....z./F....w.1.X....).ggm..^=lU.......R...R.2.yK.]..5.<.1.L..m7..p..R.R.R.z;..)Z.Wk..ZQ..&..N=Ir.8..i.T.........FU.lGQ.y|..J..y}.#...8.wb..u.1z|m...M..cY.n.*.U..V.1.;.y..$.}:.....v.\.G...>%n~.....>..}.H.J.{....N]W^..1.g...57...!....[.CYl......F.g.W8e..&g..8.E....M....]>f....J.N...u

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lightcoral\nohead\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):13525
      Entropy (8bit):6.892773720094933
      Encrypted:false
      SSDEEP:
      MD5:BD6C5AC0437B9C3124CBDBF2B56BC7D5
      SHA1:3D89051A7D1C37AE32481523E260DB1D0F004F1D
      SHA-256:E0217A600EB0E56B65C286322FA9755D422DD236B305BFAFDC7EDC3B410B4178
      SHA-512:D18F64AA0A5191D392616C7EF05DF3CDACCDBDAC28F90DC3D1F76CA9526A0058AD248554A24B1AB42458DBCB4C868CAFD5D6F6F28BCA4D72FEE052965304E9B0
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d...................................................................................................................................................X......................................................................................!..1Qa...Aq.".2R...B..b3S..#C..$r...cD.4......................1.Q!.Aa2.q.".........B.R.............?...........................................................Y.+.QOeImF3<./.m]....{.....n...n.~%I.....*.Uo..o[......V.".z.4m..Q...KkI..d...x....Z.L.Q.....\.".&.J...9..w'...&..6*.~....t.o+.T.. ........................................................e.z.z...........n.n3.....YK...........2.i4..F..6.Kz_d.^J2....aC>.........4Z..c...t..mKKYV..I.S\2U.v....1........x.rv#u.'..B...ar..'.w%.....)<1/....O.._..I.....o..\.[..Nj3.AN.r.)4..V.H.o,1..W...w'j.GQ..p.F.eU7,....(.................Q..;Zy.m._n...,.{.pjt.5_s~.U......Z.?.]7..=..y.kZ.yS.._..[......=.....gI....w..rj.jRq...Fn]..f/.....z....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lightcoral\nohead\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x100, components 3
      Category:dropped
      Size (bytes):11064
      Entropy (8bit):7.937725029860836
      Encrypted:false
      SSDEEP:
      MD5:30CB28340AD21E46957555F1896C27C2
      SHA1:5FC498766A7B62DEBCCB593AA7BE6AB42E9190F9
      SHA-256:F4548DE1C3C6D237FD51DE3368D70F4C1E62F1C554F78F4D91154801BEED390B
      SHA-512:47F48EB8A2C1544820B5E5F9FFAB823055132518E534EDB3948432488F0092639379751AFF7286FE1EDB792E43D426F179A6FDA056BE0C1D55B3BAD8B0495BEA
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d.X.......................................................................................!.1AQa...q."2...BRb...3S..r..#C$...c4D%..Td.......................1.!AQ..a2q..".......B#..RC............?.......P...P...P...P...Rs.)5DNd(fB.d)..g(.*P...U..B.`.#0E.fB.d)5(P.@V..A..R...;T...wJ.i=.[q.$.M.Q&....Rs!.p...Nd) .P...gE...b.u..P...bP..!I.P...4.!J..=*Z..8.T..JNd(fB.d)!.|.P...3!C2.3!I.F.P...P...P...P...P...P...P...S6u.Z..............(.....T6dJ.....kK5).bZ.\..Qi"...]..........B.j..Rs.)9...U(g.. ...g}.F....M...VgN...Wr.F...S.)d.n(....*Y.D...q>p4.....Z%..5t!G.M...Qs..K..W.U&.j...J.H..!C2...(n...UF.....Z.L..J.H.':.`....P...RC.gD...Nt(gE......oD..B.t(gB.t(gB.t(gB.t(gB.t(gB.t(fD..B...y.....'.....W(...'.N...?.O.....j2.....Zx..u.M.f...,.....)`..EY....VS.z%...2.C

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\lightcoral\nohead\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x27, components 3
      Category:dropped
      Size (bytes):1461
      Entropy (8bit):6.73410566768816
      Encrypted:false
      SSDEEP:
      MD5:A99DA706D4E6F7E2F063B800A85590A5
      SHA1:9A8C8E4DCADA7BCDAF28C6D171A824C278393DA3
      SHA-256:EADCC34F7B963A7DF55335B92E3674AF116F9F28F70E3E79023A3CAA1E03CD5D
      SHA-512:FC9938C579D254A80F015BE21B8707F4B960DD48101F6968C15A6B28BF3218415B3B7E0D3E7482DBA368745826BFBB4F447BAF8CACC5BFDCCAFD1032BA8909CC
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......K......Adobe.d...................................................................................................................................................X.....................................................................................!1..AQ.."2B3.aq.R$......................!Q.1Aa....q....R...............?....m.K..:vi.7T...-..c.*...U.2Y.....q.k..+&P...2.....JP......mN2.;4..JX.,.f.9F+2xEeX[U..rR_4..L1..j.?......_..&[UuwAY[._b.1Kev.D.............................................................A..#...]L...D].g.....tN.Uc...d.!.OV-..4.....~.+{..k...._....vo.0O.U..q9EINSx..BE...u....'2...v.r.V.O.6J...v.. ..3.....s...........$.R...[j./r.X..v(%.\z.,..\.N8..:k.....M8Sr.v...)..w..9..zw.,..X.....%U.....W.a.7\yJ..\.\.I.N8.......h.}.ok[.-z...\.....R.^.....&..G.b..y...|...g+.TgC.~......1.._..O...:}.5V...z.b..#..\s..q.?.S.&.L#..w..]...<......(We.hb.0.m..Y.I%....cQs..aj.....US.t.$..V....X.;.Z...e:WmCZ.].

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\mirage\banner-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):2340
      Entropy (8bit):7.13803192763371
      Encrypted:false
      SSDEEP:
      MD5:EDB84B75FABA00D18F6C45567F20214F
      SHA1:8D2E5E70B23D57622E4D1EE7523B4533DA313ACF
      SHA-256:57A50B06D55F6AF2FD88C33D75847CBB407B18E34AC6E86AC1267D27F0462CBF
      SHA-512:715894624BC078C4D6322F2E35FBD6614AC3F05BB7D3D7A558A037506B5F20C08716FED3D344DDFDE503D09C4E97C32844A8DABE69288F909C2ECFD46B361F28
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......F......Adobe.d.................................................................................................................................................@........................................................................................!1..AQ.aq........".2BR#...br....3.......................!1..AQa.2q..".B.............?........................................J.......W(Tq.|..4".3@....Vf.U.M...^.H.g.(..QY...t..m...^...uXf......O.......f.....~.........c..W..<..^9.....?t./r..K.......i....7....^xs........l.M....w..o.8...v.o...Gm.J+..]..xv3...M.&..k........k..J..u9....m.../D._...i........t....m.....\c....?%......................................(....2.........3*!.(..T.$nj.T.g..&.p.f.].Y,.2;k....w...YG..k0.nX....%.8....1..W.d.H.|...w)J(.......Ks........~.P..._.z......:J..\..uL_...2.....'..']..+............5M...nw.L%.I,-..)v.5.k.^..[.-eW.^.._..<.j...U^..N<...J>U......................................(.....(.*".#U.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\mirage\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):59232
      Entropy (8bit):7.9740468129227455
      Encrypted:false
      SSDEEP:
      MD5:C06F3DED86F7B42F79339A15DFEC974B
      SHA1:7030B152631F560C28B8BE63316086D405696055
      SHA-256:71FB7F3A5EC9BC55E09F10763A9679B512CF07179689282D21BAFB7F1D644E83
      SHA-512:AC6B85F37D24717BDA3282BBE598E7F979168CC2F08FC3AE05DD60926D8E3F11FACEA8F5BC7F23F2EEF172A50EE85219FFEBF5297BF0F0DC9524C0069175263A
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................^...........................................................................................!.1..A.Qa"q.2....B..R#..br3..C%..$5&..Sc.4Ue.s.D6Vt........................!.1A..Qaq...."...2....BR#br...3....CS.$4..cTt.s.D.d.5...............?.....'Y.~>...f!#...o;V...P*l.F...........-X*..Y..X...7.....0..)U.r.....nH7.$......`..R..Z'-.`.*.....$y..*..@p.S\.,.C..`?..7...x...Z...ve+P.1...x'...PH........\C...U&..%...D..6.UwY`..f.A|zR..## "_ ./. .~hN...c.p.M......>..D....sU..G.U.^...?...|$u.X.W...y.....}..~..^o..g..x:. ..... .l..I.....2`1.d....MG.>.u...w%..G.*...9.1.lj.$.\......?..k..=@.y%O..A..c/i......}R..@..4...}:.Z.oG/..;F...]...{.n..s.<NJ.......E.X...>..t.WMr.k.c.s..3..Oq.s.....@U.2zw.u3y?i...[-P..r,.C....2G@...".v..>2o....o..P....'..@.. ..W...@...=...M0...m.)Pr..L......y.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\mirage\head\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):35189
      Entropy (8bit):7.94612903118016
      Encrypted:false
      SSDEEP:
      MD5:A64AB8EE69BA28BDD0F5A850D4E8A58A
      SHA1:D42FA24F5DA6BD27ABB93743EB1A422D26B64DD5
      SHA-256:DFA892F5B5BA4387DDBD42E282E2ACD830D561750FFBCF5E2E6D804AAF3CDBB1
      SHA-512:63E871755B4FCF52E868240F35000F0E4897BB360904DC2D6FE1FABC78AA3E71328CC53DA84ED77F8200FEEB317A6C9CCFEB79FF372FD535F1D97EB9ED3F30BB
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......U......Adobe.d...................................................................................................................................................X....................................................................................!.1AQ..aq".....2...B#.Rbr......3.T..CS..cs$4D.d.U..%E......................!1Qa...Aq........."2..............?....}H..m...~...q4.QP.,...T..~2.f..^...mKD:.T..o.<....:CY.... .....P.@.Cq.Z..<...=..P..c\...=..CT...M.=.}P.?...........|..{...U.oQ.O...W..G.>.iO.jO.._z}P...Q......+......_....=N._z.L4..j......CC.=@.....o.5.._z}P...Q....a.|.R\).o7O.5>..S.u,nH......."|.V=.Y.S.S.Z."c.{..O3.R..Z..j}1u.^..9..mK....:........~m..+....\.t..n~8.....J...3...c:G....?]....\.<......j.l....j~.,Z.....U....~.&.y..SW...O..?.......wz}0..:.;.......a....SW...O..#.|......z.LMo......wz}0...........T5.:./.*}.....o.|....m....C.2?..~.....c.EO....a.o.y........TMo.....m...CC..0.9.#........a.{........._Y..m...CX

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\mirage\head\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x27, components 3
      Category:dropped
      Size (bytes):3247
      Entropy (8bit):7.8248493068120055
      Encrypted:false
      SSDEEP:
      MD5:F9232F3EC034B56AFF5635764EB3C1A7
      SHA1:C82B71B4942B58E10B4FA4565C837606331E1613
      SHA-256:826E310098219DA7653A9553DB57723F7554E294425DE3B66DD8240E17672FAD
      SHA-512:A37112ADBF07FCAB03FC673458E09AB96C91E5AC99FF17CC2FF62B1DF089F2CAA14D806CBAE66A26F069F0CDFE0D517CD740A2E17095B9529DAA6F55E86E69EB
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......U......Adobe.d...................................................................................................................................................X....................................................................................!1.A..Qaq..2....".T..BbC...3S.Rr.D...#cs4d......................!...1AaQ......................?...A.\e.....G....=...t..{..9.....s.....g.5.:.$.hhhv....#..&..y*..?+.m...x.%U...t...~<.I...#r..x....jz!.u...k....5........9.w7.."...(.+G..zV...\....o...N.Md.f+..G p.r_F..]n.7..<...-. ..6.i...}<.....d.m0......Djw!....r..g.p...ocw....^h... .n..i.(.)...5...:J..)...qj#.._....V....,.........f....x.j....i>7'.Mh.F.~s.7oW.&...S?.v..5K.....8.i......zqCT5;..w.n.P....zqCA....v.......%.....CO.....v.8....?.I.zqCS....I.zp...:...Q/.....?9.f_....<.R..>7.N.h.O.e..8...Z..K...0.u.O.%.G.N.iy..2......A.=.......5>s.....8a.u.S.e.GoN(j|.U...Q....X....\.@...}._Wi+......._.z..oW...c3...v...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\mirage\nohead\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):28363
      Entropy (8bit):7.93979187355021
      Encrypted:false
      SSDEEP:
      MD5:958A5675CE5AE4F59F5C74A4BDF0A379
      SHA1:D780233689BC343CD848D3784C19D85DB976043A
      SHA-256:8E65E5380E00AD4878243ED199EB3FC046733767FA084BE48A97B777976F8863
      SHA-512:7F0D7C1222E6A772420E182BC0D95EA6DFFB82E51497401D64C7A8E6E225D8BA3B275BFA27A81534412378AF3865DCB9F124AB477BB9CD901EB148F5989386FF
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......U......Adobe.d...................................................................................................................................................X....................................................................................!1A..Qaq.."2.....B...Rb#..r3...C...Sc$.sDU.4....TE......................!Q1Aa..q.....2"B.............?...@ .......@ .......@ .......@ .......@ .......@ ........&....S..T.P.<Pf.....6*...W9.U..A....k.....+..........[.m..?..!.J.*.4.rr.jp.,^.......[...#?].r_.^.[......j..7...;T.TM.....#.M...<..-]....Xyu.......@{..7.,...l.!.H.O0.hwo6..f..@.!g(.~...c.$9....5\W.%..S].u.+.....j.wOd.).d.X.k..f.....X......@ .......@ .......@ .......@ .......@ .......A.D.(c.x.F.(1E.0..pa.%.9.*.YPc.x...@...RI@..X>S...n6..'.9.2(.........t..9.|.Z-N..~.2......^V./Y..v.h6...>..n..y."c.).X...&.....w....?..#..o6..7..L.....U..wH|....I7..K.[.......X.`.p7.6J.[+#...$:.+....m....9.;...vm$./.I7P... l.La........5[..M..R..H..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\mirage\nohead\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x27, components 3
      Category:dropped
      Size (bytes):1788
      Entropy (8bit):7.218889160188017
      Encrypted:false
      SSDEEP:
      MD5:5F63C344176A953B1A2D149818A136F3
      SHA1:52A44929B0605456BDB065F700563F2667F932B9
      SHA-256:D6BB2342461EA4E33152B8E21D189A5746AD1049A65CF273DF55FED071D6CDDD
      SHA-512:094C1C17F59D536B8D3C684DC1B7471798B04623570769A468A44898C92A36D807904B9C69205E16125A63DEC6E371E070A3CA211E9564A7CD102F918611F16E
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......U......Adobe.d...................................................................................................................................................X......................................................................................!1QA..q.2.".a...b.3S$.....................!1A..Q..aq.................?....1...c...u..D....tr.9JN.......n.c.g.......4..o.....5|v&[.#.=..|6.....q...VVdU.G%..#)e...wz........j..uj^.G...t..d......z7.{(......X.~.......}6...........Q..nJ..Nr.......2.....l.v..+..._T..6-.53.......g..D.."wY.h.^..m_.&3..-.. ._... 5~J%7..V.@............................................<....^.dm.v...5......s].Q.fr..>f5..'..m.....!;pk...m9.{riwKG.=..Yy........\~^.x.g+.*5E;.1.c.d.R.%9m.=........;.......;02sy>Z..s../..Ke..F...-.W.i..N.&6.O.3..9qX....Tq...o".,....WF.knU%.....T.....Y.i....3..."8.+..=..>...Gkn:8........g~\..0/....'J..5dW.\....k.SInM)'.q1o....`......5...l.w..sl$..k.YN]V...-..\\.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\orange\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):48978
      Entropy (8bit):7.960661025508702
      Encrypted:false
      SSDEEP:
      MD5:BD781437B23DB94B5686406A64D958FA
      SHA1:2EFD886D564E013D73A87E9ACA3D6323FF921560
      SHA-256:20A00F93E3B4055EC7F1CF6805BE40366829D54C0C719F19D8881910B4918BFF
      SHA-512:A164B2BA3397682144EDD6B239BFFDE14138621EBC240999B5E8B7F795260B91B701A7CAA7B75F7255EF001208542B6843F3FC4154CA7C6BE9CF3D73AE7E9036
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................^.............................................................................................!1.AQa..q."...2B...R#...br3.CS....cs.$...DT%U..&.7.4t.5...'w.dEe6Vvg......................!1..AQaq.".......2..BR#.b..r..3S.$t..%.Tu.csd5&C..e.6.4DU............?...xL........7cXr.f.M&..>\*...K..T\.......2J,...{.A.4.B.q..Pl...v.Ma. i.i.{j.k...{.{.A.FR+...c.Y..WiNC......>8.....E.t:.M._-...\o..E[.S.9"..c.nt.3M..O....../m.j.xG..*w$...{........@...\.GW.t.0|.T6..&?.{UW/....Q....k.G<.M8.S...s......F.l...4k..X...drB..<.Yx..2...e.J.;6........[...2ud5...X.E.>T..c..[n..b....m....-N...]n...K.%#.Q*(..GnTV..bM.f..<..w..../.Q.95E]O..t...?.-n.F.:....x^.....2.:.n..a.}O.1..Q....O..V#~..s.a...a..U.02u.~9/.5...J..}...j<../....c..3l....|w.|i....GLk.#].P&.[......;..X.n....4.,..].[.'..H..z..s.>.cLs

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\orange\head\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):24862
      Entropy (8bit):7.679973990127073
      Encrypted:false
      SSDEEP:
      MD5:393AC6E3324BA6B3359A1E2537FD6C26
      SHA1:BD682C3811377C581C4775041A0A8B572D109487
      SHA-256:87CD34DBC415ABA2701775DC418E878BC9F04D9563F5DE76CB989B1637B2E818
      SHA-512:8021BDED886435C025639C529DD0CA5782F06EC2E2D81F6F905972668DB340D6B1D9E59BD4AD834894F00C578CC43897BBF2BA976315CE3D5CA7DC66F389AD9F
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d...................................................................................................................................................X.......................................................................................!1..AQ..aq"...2R..B...b#3....CSr...c4...s.$........................1..!Q.A.a.2.....q."R..B....#3.brC..............?........... .....n.U......... J.0&.... .@(.Q..$(.Q.. (.Q...D..D6....................u....e'vJ).R..F.Eft'z.u$...|.&...+38M....8:..E.c0LL-TJ.@U..[.aj:....6.....Q.(+.T..ew..[d..T..S.K.Eev.).IW*.&....L.....-.3.......F^.*..r...-fp....................... ......H.T...........$..".....J................. .......J|..;..p...ci....7.9:..#'.Ue.....[=:w...'..w..5.~./.......m~j6wv......L..d.O7U..X..#...J......1\L.............N.>.....;..m.xi.~1.+K^)..|}'...z.m.u.z....h..vcq.N....#8.v../S..L1J44..3.;......);z......;m...o..%v{.N.e5.t.mj.m97F.R...g.f{.i.u.J.~....v.)Y.oF6.v.7%...-=H..|.gBw_..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\orange\head\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x27, components 3
      Category:dropped
      Size (bytes):1817
      Entropy (8bit):7.414312493744897
      Encrypted:false
      SSDEEP:
      MD5:1B65EDF078F9F20586671E1EB7B8DD75
      SHA1:3D1FDBEFB30BD32900B68EE79D7029A0025DD73F
      SHA-256:34CE29FCAD88F01F689FAD93E61AABC8C885F92B9A4D73E44C20FEBE78C32D18
      SHA-512:D176250DB52CA4C48D5BA10D9792FBD802272154AF3B3C6B0207CCA672080F7B60F29595EC6C70D9539B38D0B6243CB016EC2C43D5F1767F52AD93DA617C7BD3
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......K......Adobe.d...................................................................................................................................................X.....................................................................................!1.Q.AB...aq"2.R#3$......................!1.AQaq......"2...............?..Rm%........JX.8...S..._&.&....#8...f!.(..P....ytJR.e....b3.np.....Y.c(..q..$.[..D....$..D..&&.......R.}..c/s..[.&]+...N.)....f&..+*P...@.....@......*k............ .E. .@0..@0.a.....q.(...........*~.P.......)@..<_u....[.j.....^....x.uv..9\.|..n...A.c......|x.8.$.o.>\g311U7._...}.Bq........\....!.\K...=.k..)E=..$......b.....n|.o...q..j....._.....W.g).;.'.......\g,...}...r........z../......Nw755eR.....Y.r.,..u.......:...#...Sd.V*<...)..}V3.c.7.9..5....N8..]t..#....U...Zp............2..*c...N..q.I.....>._O....|{..m.d...^...1.........{.oI....yT..a_.Q.(.3sKYS.....^.....j...~...c5._..u..W6.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\orange\nohead\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):19695
      Entropy (8bit):7.363378392643415
      Encrypted:false
      SSDEEP:
      MD5:9AE1C209389C17A63E884093F4342564
      SHA1:0CF6A29C03796F04EA580A3127C7D0352CA0A8CF
      SHA-256:523837337DC0292BEFD5E2897886ECC301F6D985F438365CF53996C0C20B3E83
      SHA-512:FE370745DE0D27418BFD4D6CD0BE3B442491CFF3A539CE5265C394837A1CB9767239607A57E8DDFA11682596E71332C027AA331E4594A7973D0592A257AE3975
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d...................................................................................................................................................X.......................................................................................!1..AQ..a"Rq...2...B..b#3.S.r..C4.$..c.......................!1...AQ.a2..q....".BR....#3brC..............?..........................................................j.N.S.mh....N..p.I.](..M.#$Vfp.w!v.puO..D.a...U.AP.@V..Z...,.%f...b&T{....#,.^u.V.9.U%%T.R.QY]..k.U...Bb&S).1ro..d...0..=.....e\.&q.Y./=v..F..$.......................................................p...ci....7.9:..#'.Ue.....[:i..O..w..&....?W.'.w..#k.Q....&....gn.#%.y..(r..1..-..WI.tLW.9.k?......Z.;...-....)V............c..?..-z.m.5.z.....v...oS......1...K...S.R..#......;...q..........n...}p.+..Bv.)...+kT.i.7R..#:fg..4..{R..\c..n...qJ.z1..Q.,$.i.FN.K..:....5.M....Tq.w.]t...Ln./n,;vg~.y...r.b.\Z.!%\k........r..5..S...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\orange\nohead\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x100, components 3
      Category:dropped
      Size (bytes):16194
      Entropy (8bit):7.957073546145858
      Encrypted:false
      SSDEEP:
      MD5:45B9B861D95ADB6FDB1D66FEC0FDE3A8
      SHA1:A1174F317757072BC0BC0366397277BDEB71B3E4
      SHA-256:A5CBF4DA078A5C266377DDB5F1C920350612579C10A197A74FB4B27477B82468
      SHA-512:FECCFAFDC4D6CB61C7528B6399DE5DF5475C69B5324D061128DEA24E921E1CDCC16860902CD6C1C768C4ED0FBD0D47DD3EA93C20202DF67B8284D379CC7A47B8
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d.X.......................................................................................!1.AQa..q.."2..BR...bC.r#3S..$..c4....D%.......................!1..AQa2..q..."....B...R#3b....C............?...._0.z.(\.... r. e...H..B.,B.H]GI.?....5..d.g.......B\....e .....q..r.k..V...=M<...Z..a..3>....:.sF...\..P.N...f.+.oC...2.q@.$..3)<.....p$.M.h.4.).....P.NQH..T#..:.n..F....hF..C.._L........6b....*dq.D..ZQ...=...n..AsFf.5#.F..0.V.T.$V..G..-M#..Dq...G.....u...or.5..[.]..r/-N.C....=^m.z.6..|...E;..Q)..Z.T;Z.gP.k..C..[......gP.|Wk:.L.f{.k7H319`.Q.Jk.Y.$8...u.5.v...20..m!.....Q.)f..QA..rI.Z.ju...MB.A{Fd..ifm.....=.PZ.Cs...n.....@..f.Dj{.....D.y[.L.t..U.eI..o...;G..4uN..f.uH...8.R....Z8..-.n...~....q....z.q-..[..=.....P.k..Z.J.v..(..]......(u...m..4]..'s..c.v.\.%.]..!s6...9..2..F.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\orange\nohead\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x27, components 3
      Category:dropped
      Size (bytes):1599
      Entropy (8bit):6.862940085164303
      Encrypted:false
      SSDEEP:
      MD5:6AD516FE30A118F237B673F0B705B3AB
      SHA1:D22A5AF8BB46B8B4A02B62A0C2D84529083A7167
      SHA-256:56F618D5C212B9CB15C12006D09EBCE636E67E634298DDE90024AB93E27EE64E
      SHA-512:DE755902F68D4951702428AD38E89FF850DA33E7E8E095DD9FF5D727108C48E77AF1D000E6075B2CBD1C0626E391F97B6DC611C426042A2D7EF8CE63682D97C1
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......K......Adobe.d...................................................................................................................................................X.....................................................................................!1.Q...BAaq2."R#3$......................1Q!A...aq..."2.................?....K/..._U...K..f......f.&....H.L.f...(..P...8.S98.]c....E.[.Jj...u.8.X.N.5..w$.[..YD,..a$..1+10...ze.r.._W.~.;w+....J.S..f.ba....."@...................................................../......\.....?t........9.v.:.<..vn...A.c...qX.e=x.8.$...../31.c.p..\k..Mc..u..o.._.....K...>j5...''....9...c.31;.......L~......y6.....>=....E>.y..k[.1....=..9LDW..Q...U......bs....*...g......i..9.....}........Ty73,.f9..V3.c.7...yN?w.....3....Lo..B..*.+s...Y...,...arXLE..bc_L..y..t...:..P...........J...7..>....ut.c..<?Y..NxNc1..;..W.......c74.....]z.-kFg..;..Gj.g.../..Y....9:%r...p..eG.%.K.).wf..Di.3.b=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\powderblue\banner-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):4380
      Entropy (8bit):7.487841447376595
      Encrypted:false
      SSDEEP:
      MD5:988CD24951B90652D4EC33A14B92BCD0
      SHA1:F24913FB43DA95B6B46A7A383395E523C10144DB
      SHA-256:9E40129BEC6D75DCA35B8910541C3AE73E4BCEA23E079C0187A9A4416ED8F8E6
      SHA-512:2931E4456BF063EE54E54C05A736E1A54A84EC9A16BD5F9B4AA92184B0A98B71D3317A4AFFE5C7CA47623CAC6685996F757DC417DFFAE740568335F546B845F8
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................@...........................................................................................!..1AQq"2..a#...3....BR..b.Cc.......................!1.AQ.q."...a...R..2#..Bb....34.............?......................................../..f...............,.:.V..wIx3...m.#>..7.i.[.+N..%..S...5U...O....].=Z.].xQ..n&?j&..':...n.4\q..zz...u;(..N5..:..aDD#9.J...j.G/.M.......#9Dy...r.E.x....r..PIw.....IX.fz(.........).n\...q...w.?.l{..?...v*Q.e..iQ...\...4.l=...w.5.._....V....:...H.T....rZ.+......,......KJ.O....g.....4.>.%K...5L.3.{|..;.X.7r...._...i.i.......;..h.....6~.f......|.G+..[s...../~q.|..6..ZP..q.-...|S.g........S..\...<e!..m.{....M..m.t..C..7.G.c=^.>._.-....a.=...A.^.........................................l..p..........:O....h.eA:._.u.'..qFs".k...oDHZ....b"Q,....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\powderblue\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):42738
      Entropy (8bit):7.960448818689994
      Encrypted:false
      SSDEEP:
      MD5:B53081E3C922F506CD65160CCC383EC3
      SHA1:68179D30BEC57A9987321029228BF63621A6C36A
      SHA-256:7ABCCCDB6C632A52B8C41F5E18BC9361BE2EB28928E47F1D88DF389AF38DFBB6
      SHA-512:3C39A49FFAB72A14F46D7621DFBC0F4D3E43F19D8011F9D1C2029C6321187178F439AC6D4D0B9B79CB71273522482E2BC9F934D9955ED4DFFF9CD5C61BE28618
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................^............................................................................................!1.AQa..q"......2..BRr#...b3C....Ss.$U.&...c.4D%E.6v..T.'....eu.Ff......................!1..AQaq.."2........R.#.Bb.S..$.r..3stc4T..C..d.%5.............?.......]4g.Q.kp.E\..........."...!...e*Q...~j.R2I...A..Hl..v..)2...j..mde..D.dE..U.H.h..Ib...f.z6..$....^.K.b......so..6.qx.....Uh..rr..$....B.....U.o"..c.5su.k.."....uYAq9.}.....Y.".v.^.6..R...2u.*.+.;..o..r...c3.JB.,.......Ux.m%..:.c.Mi..'.!VGQv.@..fM......N.rQX.i^.V~..8$.&Y/..aV..H.vo&..U.6..+.........K.+.|]z..8..Qm.4...f.W.]J|.i1........W$[T..1.....M.5......D.6L'.e.....T..Hj.....<i..?.U.EpE.K.&...._..QO..e..f?..m.Q\.j..$.K..O..E.''.......I..:W..d.d...I...O.J.$.o...>..*Xs7.oY...^.F.No....}4.".......H..0.).H9...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\powderblue\head\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):20518
      Entropy (8bit):7.659605064759726
      Encrypted:false
      SSDEEP:
      MD5:3DDC9AE9395280F17E5003076F8221BC
      SHA1:3C1CDA38A92690C3EAC7169914AEE2D0A2B804F4
      SHA-256:5DC5506F2DDBF259B48E26AB44429804571A2DA19FA4A4BE7BCA63CEF6A790D4
      SHA-512:4C911FC5E3B13DFCCB7FB621F52A756BDEDCF4746D1F3135DE14E337CA3106BB92F2C114CEF3F4BF1A4498A88DD386A53597ED2740D047A2CF0885F37AB6BC22
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d...................................................................................................................................................X.....................................................................................!..1AQa.q....."2RS..Bb.....#3C..r..c.DT..$.........................!1AQ..aq.2......."..BRb.............?...T.....".AD.Ct(..V.Z.n.-\.FaI*...W1i..RY.Qj...s..3.KFaHf....aB..ZYS..Kf%).Pf....aA.PfKh..w8".*....Z3.C0.YW..*"*s..0..(3...0.^.-%.;-..aHf.....T. .......P.'AE....f.[;..VRw&...0..g..^W..j. ....[.Y."-.....r.N/y...\f..W.6...*.R..Vc..j.......I.1...L....P...6.L.....$...j...[..Rw-[.{..pUe..I.#..)..s..X...DZ..urC.t..N3..M4.3c...7<YD[.sc3V..t.TP.@..!....)..R.r.30...R..ZKC.i-G".h..%.3....i-\...K31E..........mR...l.,.,.,.,.-Wq.e....".3...i,.......e].t".0..3...0..w.ii6U.}...s1Iff(.3.Y..-..*.T. f...`..f)h..RZ:..GQ..Y9..:......T.(.....m...L.V.!.p.ej.......n.u.V;>.....z....c..<...1..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\powderblue\head\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x100, components 3
      Category:dropped
      Size (bytes):9925
      Entropy (8bit):7.928715112371731
      Encrypted:false
      SSDEEP:
      MD5:F662B671BBB0D62F97EC0244D20F15F6
      SHA1:E298C9ACF7FD0FB516CD3D5E2856EA15B70540B4
      SHA-256:7E7727502BE18C692F63240736E3629E5485BD162EC83A89A3E122511F8276A3
      SHA-512:700E51E07F5ED70BC22E3C680A25C087E94537E4C434663F6DDCB3558823ECAFF15E94AA12C8CA9EC4AC380246FCC5BB4BD01D68CF99FBACEE5AB53B76A04FDC
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d.X......................................................................................!1A...Qa.q.."2..BR..#3S...C$..br...4D.%......................1.!AQ.a"2.q.B.#.....b............?...........................P...I(PB....E.X&.T$...GU.!T.*.I".@.U.!T..$..t.g.......:..G....U.2...T.|.5#...0PI5..A...E +A:.nB...P&"P....$..d*.B.$......`.Vd'..M.......*Y%.H$..$*.GT,.PHU..PHU..9H.K2.Y..$*.B.$*.B.$*.B.$*.B.$*.B.$*.B.$uB.]V.R.A!T..A!T..A!T..A!T,..B.5...Y...9..e.Y...+.....PH....2A4,...UQ#P...I[.?S..E.$vH....c|..ZU9...sV.j.fI..y.$.RK8...p.4L.&..L.n..tH.hI*.Y.T,..V..4.......-.B.$`.$.PIS.h...J..EFG;....4F...r.$y.........R..$..d.I*.T.$*.B.$*.B.$uB..).G. H.........................Y..I03v.c......8+.C.....B....).A. h3$..d....*.H.*.H.T5!T...V...2pH0...%X3...*.J.uB.fH.#.X3.g)......#..C2At....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\powderblue\head\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x27, components 3
      Category:dropped
      Size (bytes):2426
      Entropy (8bit):7.6725475567501755
      Encrypted:false
      SSDEEP:
      MD5:107091E724E49B26373932897FADBAEE
      SHA1:3C9B2EA2EEDBF47C78282EFB2F59EBBB8A1F2B1B
      SHA-256:D337039C72AE5A6BF2A5E09F85B82743D45F2EC37B27BE587307BF1F1FA1EF30
      SHA-512:E04174C04F995C5087954731D5E01B9A61BAD4F90885D9C0C72EFE6701EF93AEC04A63C133D00C570C90A653983B4056A5BDD23E8CFBEFECBEFF871DFEDE79E5
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......P......Adobe.d...................................................................................................................................................X......................................................................................1a!AQ...q"2..BRb.......................!1.AQa..."...2R..q..b.............?........|.m..\.....[..7.%r.v.*_.8.z.#...qXw..x2lb>.Cq......C.....T........}Mpr....d9.[)F.R.z..h,....z..&..q.VgK......4.g..M<|..(.fO.&...Mc..c.~....x..>.B.+lu.........2.....F@. Q.(....A... .@6........V........l ...xe...%!;.....6..ZR....y..}..F....l ...............$'a.6....a..@6.....a.n.....M..a.7a.j...lH...a.JD..d..[..D........e\[eL..IiL.W)x/.w.b.J.y..qss..p.q..O...W...k.k...np.r...IK..X.u....l....|.MF.iio..oO.].0.6.......T...8.[.%Mq...r.%......X..._J....0.jr....S-..z%o.'T.y..S..q..;nrJ.\#e-.7.vI%.e,%.6Qt.=...=b.w_X.;m..w...?.T..[..q].N.(q....Y(...m?......o.....R..V.......w.Y......|6..n

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\powderblue\nohead\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):12979
      Entropy (8bit):6.996520504097308
      Encrypted:false
      SSDEEP:
      MD5:AD524D99C8FC4D6831A8B93863BBCB0C
      SHA1:002F5FF4222E013B4B790A68D63347809AC29BDE
      SHA-256:BE668802CADCBE20AF73E37B8AAB99C15E70EF86AC08D51FFE368FCA4B801696
      SHA-512:C2A3C6BC22922145B4F793A93023FC3C1E3C605E2CC833330D7BD71EE35AD99984A1AF07FE7D2AF1EA62644BE0E127873EBFC555CB61FE7C8DCAFBBB1EBF3F21
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d...................................................................................................................................................X.....................................................................................!1.AQa...q."2..R..Bb3S...#..C.r..c$4.......................1.!QAa..q2...."....B..............?..................................................l.pD[-..<.j1....|X..[[.4..y....9DE.<..R2c.k=.10FQ1p......3.6<4..:G/..D.3.Dys...1.,."..-i7L..j..D.......N.Eu.D.NQ.k...t..f|.Y.y..;L........-yk.nz.8..f..a..................................................}.wzn.6..p.q..y..._....=c..=.8.W._...g.g1........?...q...........*M.o.=..|yt...D.c..D.53ux.....';.....|LO....q...H.<.7...V..kk.....|Z..g/..>...2.0.W.........bpW,.T.....[.1f...r[.I...I.....S.....o...'..?..v.....y..5.8..M..E.GU.i...:.....+...fu...}.q....q.Y".-\......mb.n.t....G......|y................k...s..[{.1.}...Y.V..f....x..N.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\azure\resources\variations\powderblue\nohead\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x27, components 3
      Category:dropped
      Size (bytes):1651
      Entropy (8bit):6.899189537413496
      Encrypted:false
      SSDEEP:
      MD5:742F42FD393838C6B5FFEDCBC3608B96
      SHA1:26C3D03CA7198233E538C76B791127EFEEB84934
      SHA-256:B02E5C9A0B6594694F5E4CEA95754D8CFDE04D1A8FEC1D2B15702A16DA2DD9D9
      SHA-512:EF4FDAAC35FB3BB8080B018CE4F19957EADC988BC2CD072C48A6B2DD95F105396DEF04B055C8257523582BF8FB98D7AC79AA31B7693375D27C584552803759D3
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......K......Adobe.d...................................................................................................................................................X......................................................................................!1..Q.Aa"2B.q.R#3$......................1Q!A...aq......"..2R...............?..Rm$..p)V.7..5,w......:+^.....fK?....BE.g.r.L.e.....P..J1.X.ssY.".+U.M..;.k0.h..r.V[.2.V..b..)/..10D...V..xyK../.n)2.n.bx....o).110.Z&..#I.....................................................8=..Z....^.....?._E......y..=8.o;...mS.P.V;(.).Ab1.............Bk.........c......u.0.~..(:.........j..9EK...5.?=.....L~q...O.....}.u.n...'.j.k....n-a.........E}q..'..Z.....1..sS....J.S......b........C..}.nxr....x..c8...;[.T[4.M._..e;1.]..q..w3.^1.3.....q....Lv7|..m<.vb......<.e..X\...A5.3.t.|..[8........Gm.V.u..kk....#'t..^..wzs.s...t..t.c.......(....(?_.Fr.EFt~?.(..;.+8...w....h..?..tO...}.5

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\classic.ini

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Generic INItialization configuration [InitialDialogs]
      Category:dropped
      Size (bytes):6537
      Entropy (8bit):5.444078986155615
      Encrypted:false
      SSDEEP:
      MD5:D0EED3AEAD914B96C61737F295AE7EEF
      SHA1:979FE297EFE9FAEE95CED7F55C3B744BC9240321
      SHA-256:B60CCBF77A84E8706088D5C7299CD080AC6CFACCBCEC836A263093FECE32BECC
      SHA-512:E0DA5BBC46E47E2C178F8A2DD95D1706C5197DBB3B9E81E82AA744E739B7F7082D6065579F6FFAEAFBDEB622E8DCE4B07D64E1A14798D52136B366D359FFCDD2
      Malicious:false
      Reputation:low
      Preview:[Settings]..DisplayName = Classic..;WatermarkSize = 402x318..WatermarkSize = 705x460..BannerSize = 560x449..Highlight = 4px dotted #FF7070..AllElementsInPreview = true..VerifyRemoveDlgCheckboxBBox = 25 150 320 11....[InitialDialogs]..DLGIT_INSTALL = WelcomeDlg FolderDlg VerifyReadyDlg..DLGIT_MAINTENANCE = MaintenanceWelcomeDlg MaintenanceTypeDlg CustomizeDlg VerifyReadyDlg..DLGIT_PATCH = PatchWelcomeDlg VerifyReadyDlg..DLGIT_RESUME = ResumeDlg....[AddDialogs]..; Values: DLGIT_INSTALL, DLGIT_MAINTENANCE, DLGIT_PATCH, DLGIT_RESUME, DLGIT_ALL_TYPES..WelcomeDlg = DLGIT_INSTALL..MaintenanceWelcomeDlg = DLGIT_MAINTENANCE..VerifyReadyDlg = DLGIT_INSTALL | DLGIT_MAINTENANCE | DLGIT_PATCH..VerifyRemoveDlg = DLGIT_MAINTENANCE..VerifyRepairDlg = DLGIT_MAINTENANCE..FolderDlg = DLGIT_INSTALL..SetupTypeDlg = DLGIT_INSTALL..LicenseAgreementDlg = DLGIT_ALL_TYPES..ReadmeDlg = DLGIT_ALL_TYPES..ExtRegDlg = DLGIT_INSTALL | DLGIT_MAINTENANCE..UpgradeDlg = DLGIT_INSTALL..ShortcutsDlg = DLGIT_INSTALL..StartM

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\AdminRegistrationDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3580
      Entropy (8bit):5.204657299945409
      Encrypted:false
      SSDEEP:
      MD5:C14037C7A5157981F0D371BF263F5524
      SHA1:3516AD94DAB37E5FF7EC39E0784522D1BA4402F5
      SHA-256:F15BC001C4467F37506992961D5165EBF23345D8EB678E7FFC2E6F7A381348C2
      SHA-512:DC7C3816D8D64D4BFDD38A7A56AFAFBC62F99CEDDC7FB1083D0A8BD55639913CEF1AF7602EFA954902DCCDB8B99796FDF490989B45746F56A1B0EF0E921735B9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="AdminRegistrationDlg" Control="OrganizationLabel" Type="Text" X="45" Y="71" Width="285" Height="30" Attributes="3" Order="100" TextLocId="Control.Text.AdminRegistrationDlg#OrganizationLabel"/>.. <ROW Dialog_="AdminRegistrationDlg" Control="OrganizationEdit" Type="Edit" X="45" Y="105" Width="220" Height="18" Attributes="3" Property="COMPANYNAME" Order="200" TextLocId="Control.Text.AdminRegistrationDlg#OrganizationEdit"/>.. <ROW Dialog_="AdminRegistrationDlg" Control="CDKeyLabel" Type="Text" X="45" Y="130" Width="54" Height="10" Attributes="3" Order="300" TextLocId="Control.Text.AdminRegistrationDlg#CDKeyLabel"/>.. <ROW Dialog_="AdminRegistrationDlg" Control="CDKeyEdit" Type="MaskedEdit" X="45" Y="143" Width="250" Height="18" Attributes="3" Property="PIDKEY" Text="[PIDTemplate]" Order="400" TextLocId

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\BrowseIISWebsitesDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2591
      Entropy (8bit):5.277787492090172
      Encrypted:false
      SSDEEP:
      MD5:D26272B19E6579689EF94A1F5F0C4A09
      SHA1:70BC20CB4A4449B66DCB1DE7547F91D8B09FC720
      SHA-256:036032556E9A9F57D7F76B66C0766482A96C7F7771B2BE6DC773B4F74BE981F0
      SHA-512:240BA543A3B27D6CD57900F98263860790B1D83C2F611DFE494043A86F6AF66F1F4562BB8127699E1C8CF6849A22CAC445C6D403DA46DEEC368F3CC204D43C98
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="BrowseIISWebsitesDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="BrowseIISWebsitesDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="BrowseIISWebsitesDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="BrowseIISWebsitesDlg" Control="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[BannerBitmap]" Order="400"/>.. <ROW Dialog_="BrowseIISWebsitesDlg" Control="BannerLine" Type="Line" X="0" Y="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\ConfigureDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2337
      Entropy (8bit):5.2896703961871685
      Encrypted:false
      SSDEEP:
      MD5:F59E86FA6B89299E05F2BCC26B35A995
      SHA1:65737C0078298CB2BD0EB48727ADA1F78884400E
      SHA-256:DC6078B62F316A6F51DDA2E5059B45B7F7D5CE8C6F2DDF8BFA3DC79DED5A8A88
      SHA-512:6DDEC87EDCC7F22B08C3AAEA41C3263CBEB64BE6E3014CB3E9A96ABB2A0E960D690E74615A063326A039680EE3261610673BEBC67CAEBEC4972A521A15E42FDD
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ConfigureDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="ConfigureDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="ConfigureDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="ConfigureDlg" Control="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[BannerBitmap]" Order="400"/>.. <ROW Dialog_="ConfigureDlg" Control="BottomLine" Type="Line" X="5" Y="234" Width="368" Height="0" Attributes="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\CustomizePage.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1545
      Entropy (8bit):5.297685104703456
      Encrypted:false
      SSDEEP:
      MD5:F509132D37BD0292C1DB35CE6B3ACD8A
      SHA1:65CFE416998336C1FFCDE7DD54451087B1A7BBB7
      SHA-256:878602D1F3FFEF17BACC7C0261D5959E38CEEC547715508FE225736D41AE2A88
      SHA-512:8F73A48A58D2F131414D57CCA59FAD4E17D44A622449C7EBE8B026422A2BAEAF9B61F5CEF50284919BC8A547CDCB141E56344092047D10E7D7EE95BC467384CF
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="CustomizePage" Control="Background" Type="Bitmap" X="0" Y="0" Width="343" Height="155" Attributes="1" Text="[TabBackground]" Order="100"/>.. <ROW Dialog_="CustomizePage" Control="Description" Type="Text" X="15" Y="15" Width="314" Height="12" Attributes="196611" Order="200" TextLocId="Control.Text.CustomizeDlg#FeatsShortDescription"/>.. <ROW Dialog_="CustomizePage" Control="Tree" Type="QuickSelectionTree" X="15" Y="27" Width="314" Height="113" Attributes="7" Property="_BrowseProperty" Order="300" TextLocId="Control.Text.CustomizeDlg#Tree" ExtType="QuickSelectionTree"/>.. <ROW Dialog_="CustomizePage" Control="DefBut" Type="PushButton" X="0" Y="0" Width="0" Height="0" Attributes="2" Text="" Order="400" TextLocId="-"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlEventComponent"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\ExtRegDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2892
      Entropy (8bit):5.261676293555624
      Encrypted:false
      SSDEEP:
      MD5:BF0E3894A28DFE71D62E62C45FAC1777
      SHA1:57D16761BD1C0376B7CB57DB74E565BEDF86B970
      SHA-256:71403B1299031CFF9A7362ADEDCD782087A58B9DE7B7C961343A45E53F14E6AD
      SHA-512:8BCE9DC42C9F6B6FB6C07A2F90A0C37C0FBB865A063E7AF17148D5F657C1E0BCF23C0EB113550018E15E2392AC13795D9FE1199883463035CA30DBDA6424F11F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ExtRegDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="ExtRegDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="ExtRegDlg" Control="Buttons" Type="RadioButtonGroup" X="35" Y="105" Width="330" Height="40" Attributes="3" Property="AI_EXTREG" Order="300"/>.. <ROW Dialog_="ExtRegDlg" Control="BottomLine" Type="Line" X="5" Y="234" Width="368" Height="0" Attributes="1" Order="400"/>.. <ROW Dialog_="ExtRegDlg" Control="Logo" Type="Text" X="4" Y="228" Width="70" Height="12" Attributes="1" Order="500" TextLocId="Control.Text.ExtRegDlg#Logo"/>.. <ROW Dialog

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\FileAssociationsDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2494
      Entropy (8bit):5.222709490086181
      Encrypted:false
      SSDEEP:
      MD5:DEE43ECCCD38D22013766B4BC2D142E8
      SHA1:3D82B90C8E0A57A04CD2E2F1E07421E6D6C99935
      SHA-256:EDD680DB8521878FFEB9901E0EC96889850D8E6169BED9D70EAEDD431E62CD3B
      SHA-512:7524D35F40D33778F171DFADB82161518CDDECFDA523E7F3A35BC7CC72F773F6351EA88F264C311FC18546A7946010C19481797CCD37F6219180326F6A31D47C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="FileAssociationsDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="FileAssociationsDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="FileAssociationsDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="FileAssociationsDlg" Control="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[BannerBitmap]" Order="400"/>.. <ROW Dialog_="FileAssociationsDlg" Control="BannerLine" Type="Line" X="0" Y="44" W

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\FolderDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3387
      Entropy (8bit):5.218678515327803
      Encrypted:false
      SSDEEP:
      MD5:0DF914068343E93DB0995E34144484E3
      SHA1:017EA6EC8B8C6B0C84DF30C88E11199BA5807D83
      SHA-256:282EF8014803CCA8F6A5855DB8E70EBB875CF857A52D1E2894F0035204D53209
      SHA-512:E8BEFAAF421197B124ED2925B0089ED4F05CA305A9181910BD7226F0AB2BE728E1739726713648C48DE965B5C277E0A322549D41A8625C759F0BF66F4506DB7E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="FolderDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="FolderDlg" Control="FolderLabel" Type="Text" X="20" Y="114" Width="348" Height="12" Attributes="3" Order="200" TextLocId="Control.Text.FolderDlg#FolderLabel" HelpLocId="Control.Help.FolderDlg#FolderLabel"/>.. <ROW Dialog_="FolderDlg" Control="FolderEdit" Type="PathEdit" X="18" Y="126" Width="252" Height="18" Attributes="7" Property="APPDIR" Order="300" HelpLocId="Control.Help.FolderDlg#FolderEdit"/>.. <ROW Dialog_="FolderDlg" Control="Browse" Type="PushButton" X="276" Y="126" Width="90" Height="18" Attributes="3" Text="[ButtonText_Browse]" Order="400" TextLocId="-" HelpLocId="Control.Help.FolderDlg#Browse"/>.. <ROW Dial

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\FolderPage.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3524
      Entropy (8bit):5.311099349331082
      Encrypted:false
      SSDEEP:
      MD5:F4608AD2B88F9804811F6292291C066A
      SHA1:EA8549D1B129EADC7D47193CBDF30D914E8C575B
      SHA-256:491F88077E38E655FDD2EE020CBD87E00D27FE91C05A1D87DD9B4AAE81885BB7
      SHA-512:523CD40F747190E071190D20B79BBDE0168268D2B1681B3C2E70832135F87C45BFB2B5C7868E07AFC67A66BB52BF3F10A6955094A840BF93510918FD493CC07A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="FolderPage" Control="Background" Type="Bitmap" X="0" Y="0" Width="343" Height="155" Attributes="1" Text="[TabBackground]" Order="100"/>.. <ROW Dialog_="FolderPage" Control="DefBut" Type="PushButton" X="0" Y="0" Width="0" Height="0" Attributes="2" Text="" Order="200" TextLocId="-"/>.. <ROW Dialog_="FolderPage" Control="Browse" Type="PushButton" X="251" Y="52" Width="88" Height="18" Attributes="3" Text="[ButtonText_Browse]" Help="|" Order="300" TextLocId="-" HelpLocId="Control.Help.FolderDlg#Browse"/>.. <ROW Dialog_="FolderPage" Control="FolderEdit" Type="PathEdit" X="15" Y="52" Width="232" Height="18" Attributes="7" Property="APPDIR" Help="|" Order="400" HelpLocId="Control.Help.FolderDlg#FolderEdit"/>.. <ROW Dialog_="FolderPage" Control="Text" Type="Text" X="15" Y="15" Width="300" Height="30" Att

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\InstallDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5360
      Entropy (8bit):5.295131630109966
      Encrypted:false
      SSDEEP:
      MD5:661942298DFD509701B41BD7E8E8FC5A
      SHA1:F11E5B339914CAACC7850E313A93ED2663B1EECD
      SHA-256:3C4768FB4568BA6F56AE4DCEDA8BC294828F9E8986354E4FA1BD34238725456F
      SHA-512:B326B0A4893B3892593BEF919FEA18C2BDE241FFC64550987B1103A3B57799F2D0749766D7E11055644A2561A02A8015AB8332C0E92829FE6144E81B7A4F39CD
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="InstallDlg" Control="InstallDlgDialogInitializer" Type="DialogInitializer" X="0" Y="0" Width="0" Height="0" Attributes="0" Order="-1"/>.. <ROW Dialog_="InstallDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="InstallDlg" Control="FolderEdit" Type="PathEdit" X="18" Y="109" Width="251" Height="18" Attributes="7" Property="APPDIR" Order="200" HelpLocId="Control.Help.FolderDlg#FolderEdit"/>.. <ROW Dialog_="InstallDlg" Control="Browse" Type="PushButton" X="275" Y="109" Width="90" Height="18" Attributes="3" Text="[ButtonText_Browse]" Order="300" TextLocId="-" HelpLocId="Control.Help.FolderDlg#Browse"/>.. <ROW Dialog_="InstallDlg" Control="BottomLine" Type="Line" X="5" Y="234" Widt

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\LanguageDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2470
      Entropy (8bit):5.387259196192556
      Encrypted:false
      SSDEEP:
      MD5:5E61035C48BB05418E633A68567135F1
      SHA1:8C07BB0A747F6857D727FAADF406753E896A453C
      SHA-256:50CCFEEEDB5AD440FEBEDF55F01040990E94B6539A2C210E70E9B4E3E802EDBB
      SHA-512:1FDBF803F2FF80B89670B4E8B69BD04EB24133F39E2C888BB9C61A677581951FBEB720245F43E4BEAE907A66AC7FE4C955A23082EFDB23D9FFE5B568D8591FB2
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent">.. <ROW Action="LanguageDlg" Sequence="75" Condition="AI_BOOTSTRAPPER AND (NOT AI_SKIPBOOTSTRAPPERLANG) AND (NOT Installed)" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_BOOTSTRAPPERLANG" Type="4" ValueLocId="Property.AI_BOOTSTRAPPERLANG"/>.. </COMPONENT> .. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="LanguageDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-"/>.. <ROW Dialog_="LanguageDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-"/>.. <ROW Dialog_="LanguageDlg" Control="Back" Type="PushButton" X="180" Y="24

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\LicenseAgreementDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3560
      Entropy (8bit):5.253926277145056
      Encrypted:false
      SSDEEP:
      MD5:03A1A1DCF8FB7F7013D7C33AB88C8361
      SHA1:20C66C0C5F4B8F40387D7D77FF45D43220DE3171
      SHA-256:20F495E106A0BF8A75FA5B63D523826745E264F3CD5AF12DBF4E4A6A41639A88
      SHA-512:39E61120506222BF7BA8CA2A0622E07AD63B783FB9337084BFA90CBA2D69B022D050238D5E9243417AC281BA27E0EC215D4332727CA19D16F3286805FB07404C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="IAgree" Value="No" Type="4"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="LicenseAgreementDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="LicenseAgreementDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="LicenseAgreementDlg" Control="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[BannerBitmap]" Order="300"/>.. <ROW Dialog_="LicenseAgreementDlg" Control="AgreementText" Type="ScrollableText" X="20" Y="60" Width="330" Height="120" Attributes="7" Order="400

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\MaintenanceTypeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (358), with CRLF line terminators
      Category:dropped
      Size (bytes):6756
      Entropy (8bit):5.2105600015652325
      Encrypted:false
      SSDEEP:
      MD5:924CF6E17F5C5FE32953FFD3DA5CFB8D
      SHA1:D6290520355F99C93FA6FBBC7F4D4B622C9101B2
      SHA-256:868D0187EE87B6C036577917AADC118A7BBF1433BAA2F0B80AB77A14AB5AD5BE
      SHA-512:B10AE9B76CA720B139587A8EFAC72523596E8C92DC258FDEF306BB08E0900326896FA85EF25A2F130D8DD693CF66EA5B3005A07D60AAE02817DBADB0858268B9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MaintenanceTypeDlg" Control="ChangeLabel" Type="Text" X="105" Y="65" Width="100" Height="10" Attributes="3" TextStyle="[DlgTitleFont]" Order="100" TextLocId="Control.Text.MaintenanceTypeDlg#ChangeLabel"/>.. <ROW Dialog_="MaintenanceTypeDlg" Control="ChangeButton" Type="PushButton" X="50" Y="65" Width="38" Height="38" Attributes="5767171" Text="[CustomSetupIcon]" Order="200" HelpLocId="Control.Help.MaintenanceTypeDlg#ChangeButton"/>.. <ROW Dialog_="MaintenanceTypeDlg" Control="RepairLabel" Type="Text" X="105" Y="114" Width="100" Height="10" Attributes="3" TextStyle="[DlgTitleFont]" Order="300" TextLocId="Control.Text.MaintenanceTypeDlg#RepairLabel"/>.. <ROW Dialog_="MaintenanceTypeDlg" Control="RepairButton" Type="PushButton" X="50" Y="114" Width="38" Height="38" Attributes="5767171" Text="[RepairIc

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\MaintenanceWelcomeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2179
      Entropy (8bit):5.215959642608206
      Encrypted:false
      SSDEEP:
      MD5:6C11584F9C1CC9F64D264685DBEB6658
      SHA1:D7F6A67ADD5916CDE654CC67F0CA86868B5DE4FC
      SHA-256:D812DE394563F70F57B949CA27039CCEF6857642546946D10635BBC9545FB1F4
      SHA-512:C0827E985F5954CBD733B19424367D391C190C65E2EA55A7CEF344923022C4B554E12676FECC66C5A07CD8BB7C2F705E0BB5DE24A6CB244685BADDD0ACCF9BB3
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="234" Attributes="1048577" Text="[DialogBitmap]" Order="300"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="1" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Title" Type="Text" X="135" Y="20"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\MinProgressDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2106
      Entropy (8bit):5.2467608637286896
      Encrypted:false
      SSDEEP:
      MD5:2A268C9B3A0D83C8839A15200AECBA0F
      SHA1:DFD5C26AB08A4DCCA68744BA6E2F8378990AD432
      SHA-256:09792FEA4B7598D7C426FC778A4CD4A4CF95EB6003B1B17372F6C296665AB999
      SHA-512:A7CF781EC3046E5582D9AA1BA820E843C285B3D770E4A1A2AA717BCFA820B50D0D74F2AB7A99E07BA49D11556D675835D0E59F9FCBEEE6419B8B6D8831281BC9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MinProgressDlg" Control="Cancel" Type="PushButton" X="290" Y="50" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="MinProgressDlg" Control="Back" Type="PushButton" X="166" Y="50" Width="56" Height="17" Attributes="0" Text="[ButtonText_Back]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="MinProgressDlg" Control="Next" Type="PushButton" X="221" Y="50" Width="56" Height="17" Attributes="0" Text="[ButtonText_Next]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="MinProgressDlg" Control="ActionText" Type="Text" X="70" Y="15" Width="275" Height="11" Attributes="3" Order="400"/>.. <ROW Dialog_="MinProgressDlg" Control="StatusLabel" Type="Text" X="25" Y="15" Width="45" Height="11" Attributes="3" Text="Status:" Orde

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\MultipleInstancesDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):7064
      Entropy (8bit):5.388403187710321
      Encrypted:false
      SSDEEP:
      MD5:FC25E90C89B5DD9CEE5780266509B51F
      SHA1:5CDA452C68B8AA14C3E88F0EF0316063C86DE0CC
      SHA-256:A57F98293C2D49937AB15BF514DF4766AEEDCF674BDBF4310AEACC2DD1B92816
      SHA-512:C3F2F7D45F7F6926620CAAB81FA2A771818D286FFD53E7BB0C5A8D1149B588D8BE90C429F131595419679386E17B9C184D65FA056E110AA997DCE10FECBD1459
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent"> .. <ROW Action="MultipleInstancesDlg" Sequence="450" Condition="AI_BOOTSTRAPPER AND AI_EXIST_INSTANCES" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent"> .. <ROW Property="INST_RADIOBUTTONGROUP_PROP" Type="4" ValueLocId="Property.INST_RADIOBUTTONGROUP_PROP"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiCheckBoxComponent">.. <ROW Property="INSTNAME_CHECKBOX_PROP" Value="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MultipleInstancesDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="MultipleInstancesDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Widt

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\OptionalFeatsDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3289
      Entropy (8bit):5.294256100377915
      Encrypted:false
      SSDEEP:
      MD5:B96BC4961740C5F1A7515F2C5478F95A
      SHA1:A0900E997B3478CE75EE40F19C815E6357F5ECAD
      SHA-256:7E460C3A9E068022A7CE234AF0C572C274017EE2D4E5881DB1C2439E0C80810B
      SHA-512:822B0A9C32AB1E2C934C68F0BE2F200C5DB20D386AB03A48E66179555DE9C942078EE7B074E89666268BABF7FEE38362EE015AE31C41147DCAB2B1A9E734413E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="OptionalFeatsDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="OptionalFeatsDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="OptionalFeatsDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="OptionalFeatsDlg" Control="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[BannerBitmap]" Order="400"/>.. <ROW Dialog_="OptionalFeatsDlg" Control="BannerLine" Type="Line" X="0" Y="44" Width="372" Heig

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\PreparePrereqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2723
      Entropy (8bit):5.264497504475739
      Encrypted:false
      SSDEEP:
      MD5:D353B954E27436FC70A0FC276F34DA36
      SHA1:3C67826EC43A6E07DB2A1A94EECC3E475FCD34C6
      SHA-256:16614799C9E4E13B732262747185EC0E95A1DD4CBE78F6EEE890E81B1261D2E5
      SHA-512:5E7CAC5D5301074446700C715F540F7F12EC13B9CB950E52E88D3F66A202E4A2BACD71E72B60F0D57B1E50A4B60C11316D07DB35D43DF51E206C236EB04368AC
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent"> .. <ROW Action="PreparePrereqDlg" Sequence="150" Condition="AI_BOOTSTRAPPER" SeqType="3"/> .. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="PreparePrereqDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="1" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="PreparePrereqDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="PreparePrereqDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="1" Text="[ButtonText_Back]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="PreparePrereqDlg" Control="Bitmap" Type="Bitmap" X="0

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\ProgressPrereqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3322
      Entropy (8bit):5.250581665856808
      Encrypted:false
      SSDEEP:
      MD5:6A101D96EC095D1F4A6FAB1C9349ADF8
      SHA1:18A6395D4783CD1C7EAFF05C66F54041C8AB70EC
      SHA-256:2E3E094CE79338C2C135BDEB1D0D62C25520997135E0E41883755CB40850414C
      SHA-512:8FA850EFC00F1303BAFE56B6A263C9B5E9A214FF2FDBDDF880E89D32C161A898F67A88C6FC2D68AF44284057C2DBA2EBBCFB3EA3538306009CC064EFB644ADD9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent">.. <ROW Action="ProgressPrereqDlg" Sequence="300" Condition="AI_BOOTSTRAPPER AND AI_MISSING_PREREQS" SeqType="3"/> .. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ProgressPrereqDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="1" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="ProgressPrereqDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="ProgressPrereqDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="1" Text="[ButtonText_Back]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="ProgressPrereqDlg" Control="Ba

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\SQLServerConnectionDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):7122
      Entropy (8bit):5.335355003160097
      Encrypted:false
      SSDEEP:
      MD5:C7D6CBF6724A4D1D9388B92199843857
      SHA1:C8F10C634B3F1A473CCBF952351108C5CFBDE831
      SHA-256:2B432A0BAF0602F5BE587F9CCDBD57D63570F5206E43A0004789B30CE5B6C7FB
      SHA-512:91ECC6F8DC4A32371AF9736E3E65F66905AB247752C9680A57A4054E5ABF123F8F5C9E000B5EE3B17C7E3A3590D6BC2C0769BB44AF5E73D8C5F9C4A77A46A62E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="12.6" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent"> .. <ROW Dialog_="SQLServerConnectionDlg" Control="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[BannerBitmap]" Order="100"/>.. <ROW Dialog_="SQLServerConnectionDlg" Control="Title" Type="Text" X="15" Y="6" Width="200" Height="15" Attributes="196611" TextStyle="[DlgTitleFont]" Order="200" TextLocId="Control.Text.SQLConnectionDlg#Title"/>.. <ROW Dialog_="SQLServerConnectionDlg" Control="Description" Type="Text" X="25" Y="23" Width="280" Height="15" Attributes="196611" Order="300" TextLocId="Control.Text.SQLConnectionDlg#Description"/>.. <ROW Dialog_="SQLServerConnectionDlg" Control="BannerLine" Type="Line" X="0" Y="44" Width="372" Height="0" Attributes="1" Order="400"/>.. <ROW Dialog_="SQLServerConnectionDlg" Control="Next" Type="Pus

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\SharePointLogDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2327
      Entropy (8bit):5.259396431549462
      Encrypted:false
      SSDEEP:
      MD5:188C9274BD28A93C50817D2FD2D5B9FB
      SHA1:36024CAD8D2FB10C7299E53450E03F6B674400C0
      SHA-256:4A2545CFA21B4634521CE77309E7FF2A9FFA0083B42491757B18EB2D7BC94852
      SHA-512:A234C5B5C081A0BF1E591245456245BB0A868DD4885437C92B39712025E3E874358344082BF0E42C175FE5AEA09DA5DCE39967224193359829C87E778C47B5B1
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="SharePointLogDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="SharePointLogDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="SharePointLogDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="1" Text="[ButtonText_Back]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="SharePointLogDlg" Control="BottomLine" Type="Line" X="5" Y="234" Width="368" Height="0" Attributes="1" Order="400"/>.. <ROW Dialog_="SharePointLogDlg" Control="Logo" Type="Text" X="4" Y="228" Width="70" Height="12" Attributes="1" Order="500" Te

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\StartMenuShortcutsDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4367
      Entropy (8bit):5.278663270835211
      Encrypted:false
      SSDEEP:
      MD5:B0E6159A917B4B3B6E9B8D2CCDBB2A1B
      SHA1:D0FF31315D25F77224035268BD919999D1231148
      SHA-256:3FAA35D27400A58AF00359CF44ED4D111F2F3E439E59362FB8A0B2C3F41460ED
      SHA-512:5E9E35EB0A5F1D04D4D8E158CC2C8793CA4D0392D5056C096F253C59CBE7311A9CF8C100F43F240A8782AC6110E34811C55836987A5DC76339A5B7A603172AC4
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiComboBoxComponent">.. <ROW Property="AI_SH_DIR" Order="1" Value="[ProductName]" Text="[ProductName]"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="StartMenuShortcutsDlg" Control="ShDirDialogInit" Type="DialogInitializer" X="0" Y="0" Width="0" Height="0" Attributes="0" Order="-1"/>.. <ROW Dialog_="StartMenuShortcutsDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="StartMenuShortcutsDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="StartMenuShortcutsDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\TemplateChildDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1147
      Entropy (8bit):5.304121802244006
      Encrypted:false
      SSDEEP:
      MD5:4473001DDFDA6E5916C74AC2F2FBB24B
      SHA1:B295AF15F830E002E2D154BE761C131816EA4E51
      SHA-256:18775B643A60D894A5AF4D9689C919CBB6254097577D813B4756E60541DE032C
      SHA-512:07A2F7CE4FA6E3761DBB7C6F7776337AE198F042C91320BDBE8868077F29734FA30608F6E28BEFD947421327A38545BF4134F7CFEDE23369FDBFD1482348E922
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateChildDlg" Control="Icon" Type="Icon" X="15" Y="30" Width="24" Height="24" Attributes="5242881" Text="[InfoIcon]" Order="100"/>.. <ROW Dialog_="TemplateChildDlg" Control="Text" Type="Text" X="60" Y="30" Width="230" Height="50" Attributes="196611" Order="200" TextLocId="Control.Text.TemplateChildDlg#Text"/>.. <ROW Dialog_="TemplateChildDlg" Control="DefBut" Type="PushButton" X="0" Y="0" Width="0" Height="0" Attributes="2" Text="" Order="300" TextLocId="-"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlEventComponent">.. <ROW Dialog_="TemplateChildDlg" Control_="DefBut" Event="[AiStopPageChange]" Argument="{}" Condition="1" Ordering="100"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiDialogComponent">.. <ROW Dialog="TemplateChildDlg" HCentering="50"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\TemplateDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2197
      Entropy (8bit):5.232207743757331
      Encrypted:false
      SSDEEP:
      MD5:18B58656F050E6E492ABAA022D39FDE1
      SHA1:AC8BF98519300F0B44182974725CAA4CCE0FEA84
      SHA-256:5510571570DBECF2EA7ACD38F12BC7C85169D6ED15A8AE6869A994430235CAF4
      SHA-512:86B50B3F4C45E82A90FA9750EB542F230E0116A69D8BCD7A5912BE0250E1F6732D9EEBEAF4C66AA1DBFE6A3531045E70479A8AF065825D81530DB4477A181195
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateDlg" Control="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[BannerBitmap]" Order="400"/>.. <ROW Dialog_="TemplateDlg" Control="BannerLine" Type="Line" X="0" Y="44" Width="372" Height="0" Attributes="1" Ord

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\TomcatServerDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4008
      Entropy (8bit):5.260299093527671
      Encrypted:false
      SSDEEP:
      MD5:6076DB5990BA41BF679CA928A1D50177
      SHA1:2E609EE9BD56B9643DB0A1A26D4684D3A6AB0FAA
      SHA-256:259F9F8CD096388E1DE2AE8332257557F0245B521950AC1A49D4D1F2F073A1B5
      SHA-512:113466340509085E81C6E07A4EF48403771E355FD04D42BD571E0252186AD5374105564A30B3C29E9614D432341D9AD32BD9C0E5624B641660568BFFFFD5794A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TomcatServerDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="TomcatServerDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="TomcatServerDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="TomcatServerDlg" Control="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[BannerBitmap]" Order="400"/>.. <ROW Dialog_="TomcatServerDlg" Control="BannerLine" Type="Line" X="0" Y="44" Width="3

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\UI.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):58399
      Entropy (8bit):5.254947189751398
      Encrypted:false
      SSDEEP:
      MD5:9550A48D682B02D2437F7C49030CBAAA
      SHA1:39BDE8C63D1BB95FB1B6D93F73144E55E846E931
      SHA-256:8B96B7DAF84A041726592B07901D0FBF6D5E3A9D15170F5A5119BA9DACA7B359
      SHA-512:027A196233FA73FA736D2F0D5A03A0129C1362CA03F9ED9F4D67C397591DD5FA18D5A529F29AF926D247B71495016D553AE8D19EB4B9DA8C68208B5AE6075595
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="completi" SourcePath="&lt;AI_THEMES&gt;classic\resources\completi.ico"/>.. <ROW Name="custicon" SourcePath="&lt;AI_THEMES&gt;classic\resources\custicon.ico"/>.. <ROW Name="exclamic" SourcePath="&lt;AI_THEMES&gt;classic\resources\exclamic.ico"/>.. <ROW Name="info" SourcePath="&lt;AI_THEMES&gt;classic\resources\info.ico"/>.. <ROW Name="insticon" SourcePath="&lt;AI_THEMES&gt;classic\resources\insticon.ico"/>.. <ROW Name="removico" SourcePath="&lt;AI_THEMES&gt;classic\resources\removico.ico"/>.. <ROW Name="repairic" SourcePath="&lt;AI_THEMES&gt;classic\resources\repairic.ico"/>.. <ROW Name="New" SourcePath="&lt;AI_THEMES&gt;classic\resources\New.ico"/>.. <ROW Name="Up" SourcePath="&lt;AI_THEMES&gt;classic\resources\Up.ico"/>.. <ROW Name="dialog" SourcePath="&lt;AI_THEME_VAR&g

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\UpgradeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3940
      Entropy (8bit):5.324531588400661
      Encrypted:false
      SSDEEP:
      MD5:B4F276E31055E8F8097AEC6C32B448F6
      SHA1:9CB76F4FCAB9C8F2316FD82F90CD9CC5EF958930
      SHA-256:DE764ECE581AE443A56EF8BFEC78E97DB68762F42FEAE56A7B5F67B712F6D673
      SHA-512:54E17C0145E1FA1492D12B0DEC76429DEF058B5F4DA28F7211403437D6D34303977BA19617A7B36288D4B28F9827D614F0367804BD30772DF42575726D8EA90A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_Upgrade_Question_Yes" ValueLocId="Property.AI_Upgrade_Question_Yes" Type="4"/>.. <ROW Property="AI_Upgrade_Question_No" ValueLocId="Property.AI_Upgrade_Question_No" Type="4"/>.. <ROW Property="AI_Upgrade_Replace_Question_Yes" ValueLocId="Property.AI_Upgrade_Replace_Question_Yes" Type="4"/>.. <ROW Property="AI_Upgrade_Replace_Question_No" ValueLocId="Property.AI_Upgrade_Replace_Question_No" Type="4"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlConditionComponent">.. <ROW Dialog_="UpgradeDlg" Control_="Question" Action="Hide" Condition="AI_REPLACE_PRODUCTS"/>.. <ROW Dialog_="UpgradeDlg" Control_="QuestionReplace" Action="Hide" Condition="NOT AI_REPLACE_PRODUCTS"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="Upgr

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\UserRegistrationDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4182
      Entropy (8bit):5.2399031901911695
      Encrypted:false
      SSDEEP:
      MD5:C6E79FFFDBAA68EE85C6DD51FC07BCA5
      SHA1:D15FFAD4A06D9FA0257246F8C0CF074B42537378
      SHA-256:25D415AF73ACF3A39879D27C89481EBC7AFB84BBD4F0A8D506B6EBEAFB1AFC7E
      SHA-512:234A8B225F92886E85B5F848D380D533C8E881047D2C3BF69802CCFB72B1A0EBCC0A06A9C38D1975BCEAA8F9B22D261B4EFB59F6620C531D2F4952C02936B0D0
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="UserRegistrationDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="UserRegistrationDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="UserRegistrationDlg" Control="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[BannerBitmap]" Order="300"/>.. <ROW Dialog_="UserRegistrationDlg" Control="NameLabel" Type="Text" X="45" Y="73" Width="100" Height="10" Attributes="3" Order="400" TextLocId="Control.Text.UserRegistrationDlg#NameLabel"/>.. <ROW Dialog_="UserRegistrationDlg" Control="NameEdit" Type="Edit" X="45" Y="85"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\VerifyRemoveDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3260
      Entropy (8bit):5.354960322593446
      Encrypted:false
      SSDEEP:
      MD5:1FBC664DAFCDA0D20B418B6CB56A3ECB
      SHA1:CEB123BC461B5322AA4E247D5A80C49B6BBC14F3
      SHA-256:B106BCED70E6F687846A5DE9E90BA749FD0A0DAF130188B71C93F12955DF8CE5
      SHA-512:173F66848291835FDAF1888E0796B7171578AB57B91375D27D4A94056E781ABED1A91C42982F6F39524C044FE4A40C9607219922C2B0B632C2167620465BC005
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="VerifyRemoveDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Remove" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Remove]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[BannerBitmap]" Order="400"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="BottomLine" Type="Line" X="5" Y="234" Width="368" Heig

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\VerifyRepairDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3413
      Entropy (8bit):5.331120025168078
      Encrypted:false
      SSDEEP:
      MD5:5681A44120EC89069E97FF3BB732AE9D
      SHA1:6FB342E7502C18FA72AA61BFECE224995B6BE43F
      SHA-256:4A67F20C256D225D78177FD4380085E21A0E00328885486B0026685DF7D1E283
      SHA-512:AD1C4779C205BD497276B3A4D3512E9FF64747E918CEDF1B970C481D02F1254FB6998FED3E32D3925A987FB2E1473B27C03171B90D5BC7C6876BC1CB6AB0470C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="VerifyRepairDlg" Control="Repair" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Repair]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRepairDlg" Control="BannerBitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[BannerBitmap]" Order="300"/>.. <ROW Dialog_="VerifyRepairDlg" Control="BottomLine" Type="Line" X="5" Y="234" Width="368" Height="0" Attributes="1" Order="400"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Logo" Type="Text" X="4" Y="228" Width="70" Height="12" Attributes="1" Order="500" TextLocId="Control.Text.V

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\WelcomeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1887
      Entropy (8bit):5.258274575618153
      Encrypted:false
      SSDEEP:
      MD5:C5E7E36F498B6639F34071A8F8502E7A
      SHA1:EF1E878E2B6F761D4A4F8A753069738E5C419A98
      SHA-256:793F4EAE28A5FBEDD939C6E2A17C8CB4A9B2DF2BF3A814D8DC0D80A6E64C0419
      SHA-512:AA14580C53F4BD7E0CEBF0A1CC64C4292344597069227883EC377D325C5677DE33C1B25D38F85DB0D02EB473FDB0A9ABCFC70FE7AEA0D79ADD4AB89832B2CACF
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="WelcomeDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomeDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomeDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="234" Attributes="1048577" Text="[DialogBitmap]" Order="300"/>.. <ROW Dialog_="WelcomeDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="1" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomeDlg" Control="Title" Type="Text" X="135" Y="20" Width="220" Height="60" Attributes="196611" TextStyle=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\fragments\WelcomePrereqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2206
      Entropy (8bit):5.346144094717532
      Encrypted:false
      SSDEEP:
      MD5:65D869C38B5E2ACF35210BAB5C655B93
      SHA1:13548BE5D78921F09EAB45DA1641ECCC10D83EDB
      SHA-256:D0603D255E22CF09EF88B6EED9BA24E9577E94A4CD18232EE58D1F701C047B42
      SHA-512:115EA5615132B65ECF63650C6CE493A4F98C7C0D42F2CE3E2588FD38D00475658FE2AABBDD218BFB9387C1B2ADC4063EEAABE4D014B108D00F44E8DAF8402B50
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent"> .. <ROW Action="WelcomePrereqDlg" Sequence="250" Condition="AI_BOOTSTRAPPER AND (NOT AI_BOOTSTRAPPER_RESUME) AND AI_MISSING_PREREQS" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="WelcomePrereqDlg" Control="Next" Type="PushButton" X="236" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="100" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomePrereqDlg" Control="Cancel" Type="PushButton" X="304" Y="243" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomePrereqDlg" Control="Back" Type="PushButton" X="180" Y="243" Width="56" Height="17" Attributes="1" Text="[ButtonText_Back]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="W

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\New.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 1 icon, 16x16, 16 colors
      Category:dropped
      Size (bytes):318
      Entropy (8bit):2.034441580055181
      Encrypted:false
      SSDEEP:
      MD5:C23CBF002D82192481B61ED7EC0890F4
      SHA1:DD373901C73760CA36907FF04691F5504FF00ABE
      SHA-256:4F92E804A11453382EBFF7FB0958879BAE88FE3366306911DEC9D811CD306EED
      SHA-512:5CC5AD0AE9F8808DEA013881E1661824BE94FB89736C3CB31221E85BE1F3A408D6E5951ACCD40EE34B3BAF76D8E9DD8820D61A26345C00CDDC0A884375EE1185
      Malicious:false
      Reputation:low
      Preview:..............(.......(....... ...........................................................................................................................................................................................................................................................................}..................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\client-serveric.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 32x32, 16 colors, 4 bits/pixel, 32x32, 8 bits/pixel
      Category:dropped
      Size (bytes):7278
      Entropy (8bit):5.612261366304579
      Encrypted:false
      SSDEEP:
      MD5:3820DAF5E20ABF76DB8F68E1F328241E
      SHA1:202B760EF7823870BA0E591B8C2DA2D8A25D215F
      SHA-256:6561051275429DEF4FF6D70F59094830FF4594BB00DED639F65E97F96868FCE4
      SHA-512:B2BC9578B47B44286214198C5A5495732BB56093EEF7DF2F259C8444891096FA616131EB474C130015B3343211178E3987022629FA9429737DB3DC17E1426A0C
      Malicious:false
      Reputation:low
      Preview:...... ..........6... .............. .... .........(... ...@...............................................................................................www...www.......wq.....ww.........pppp.wp.........pwwwpwp.........ppppwwp.........ppvtwwp.........pvwwtvp.........www..t.wwwwww...pvww..pwwdgww...ww..g..g.o......ww..w...w......wwwwwwt.....fff.wwwwwwto....fff.wwwwwww.....fff.wwwwwwvo....fff.wp....v.....fff.wwwwww......g...wwwwwwp....g..v.w.....wvffg..wv.wwwwwwwvfg..wwv.wwwwwwwvf..wwvf.wwwww.wvx.wwwff.wx....wx.wwwfff.wxp...wwwwfffff.wx....wvfffffff.w.....wp........w.....wp........w......p........w......p........wwwwwwwp........wwwwwwwp........wwwwwwwp.........?...?................................?...?....................................................................................(... ...@...................................................."../$..0#..2&..7,..(%..?3.. !.)'#.+++.....<6&.?9(.222.555.=:0.:::.===.@8..D:..A9#.F<#.@;..B?8.iO..I@&.F@0.D@7.NG0.NG6.DA8.A@<.IF>.OH8.XN4.XP

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\exclamic.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 1 icon, 32x32, 16 colors
      Category:dropped
      Size (bytes):766
      Entropy (8bit):3.3484862648999827
      Encrypted:false
      SSDEEP:
      MD5:3DBA38E7A6085876E79F162F9985618C
      SHA1:F89B4B20EB5379BA139BBED4FCB4246C7707A8A8
      SHA-256:593F94EF1405422B3E453F4422B22C990D84303668D60344C6FD257318E92428
      SHA-512:E8F1EAC1A9009C06DDD1CF99F876819B57B4D2798D02F93465487DD2FFFE3A4239F171FFB02D98DCA358BC47420205A2CC0877ABC02C6B21269C3D07EC78A836
      Malicious:false
      Reputation:low
      Preview:...... ..............(... ...@...............................................................................................331............332333333333333.33$DDDDDDDDDDD@1.2DDDDDDDDDDDDD..2DDDDDD@DDDDDDC.2DDDDDD34DDDDDC.2DDDDD@30DDDDD..3$DDDDD34DDDDD1.3$DDDDD@DDDDD@1332DDDDDDDDDDDC.332DDDDDCDDDDD..333$DDDD..DDDD1.333$DDDD#$DDD@133332DDDD34DDDC.33332DDD@30DDD..33333$DDB32DDD1.33333$DDC33DD@13333332DDC33DDC.3333332DDC33DD..3333333$DC33DD1.3333333$DC33D@1333333332D@30DC.333333332DDDDD..333333333$DDDD1.333333333$DDD@133333333332DDDC.33333333332DDD..33333333333$DD1.33333333333$D@13333333333332D..3333333333333"#33333333333333333333333...................................................................?...?........................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\insticon.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 2 icons, 32x32, 16 colors, 32x32
      Category:dropped
      Size (bytes):2998
      Entropy (8bit):4.4065352120502395
      Encrypted:false
      SSDEEP:
      MD5:66C842AF0B4FC1C918F531D2E1087B82
      SHA1:CEB74A196559DB607824FDDC51D1243E1DEE491C
      SHA-256:48278165490487EE414BE65E20501B19A65EDAF1B6F473EB7D8C55023175EC88
      SHA-512:F7DE9BA9107DBB6C71B4F585EA54B571F469CF2815A3AB0DB2A408BA3ED794A5F0C21A987CBF5AE93197B7E5B6BFE3E78A75C2B56B5BA836C236B31563A7C560
      Malicious:false
      Reputation:low
      Preview:...... ..........&... ..............(... ...@.......................................................................................................................{...............w..........p..x....w........x...w..w.......p..xx..w~........x.....~........p..xx....p.......x.w............p...z..xxp.......x................z....x........xx......ww.....ww..w....w.....ww...wp...w.....ww..............ww..............ww.........p.....w.wwwwwwwx......w........x.........DDDDDOx..........vfl.Ox..........wff.Ox...........vflOx...........wffOx............vfOx.........~..wfOx.........w...vOx.........w~..wOx.........DDDDDOx...............x..........................p... .........?...?...?...?...?...?....................................................................................(... ...@..................................................................................k...H...%............z...b...Js..2P.............k...Hs..%W...U...I...=...1...%s...P.............kk..HH..%%....................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\removico.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 2 icons, 32x32, 16 colors, 32x32
      Category:dropped
      Size (bytes):2998
      Entropy (8bit):4.922835628524122
      Encrypted:false
      SSDEEP:
      MD5:20D25E871A244B94574C47726DE745D6
      SHA1:1FB26622978ECD2D00B107D83C1AD61366452214
      SHA-256:88DD7EE9FA22ECDBDC6B3D47DB83BC3D72360AEB43588E6A9A008B224389CB1C
      SHA-512:AEE04C9BE3C65676ABF2C8E20E9F6A954539C23E9BD4971539D3A86B45C7C85A5E62BAEF0C465345909C602C5B70CD86B7112B3F24ED9DA69EC27D81D59A7F71
      Malicious:false
      Reputation:low
      Preview:...... ..........&... ..............(... ...@.......................................................................................................................p.........................w......ww............w.f.w......w.....vvf.w...........nffl.w....w......w|.w...........g.w.w....w.......g.|w...........g.w|w....w.....g...|w............wwww....w....g..tDDw.........~..w..w....w....~w.w|.w...........ww..w....w.......ll.w..........~ff.tw....w......vlgtw.....wwwwwwwwwtw....w.....wwwwww.....xD\....wwww.....Gwww....w.w.....e..p;....w......v_....{{..p.....we....g..........v\!0~v{.7.p.........o.g.p8p........{4o.?..............o.8..........0.3F........................?...........................................................................................................?(... ...@..................................................................................k...H...%............z...b...Js..2P.............k...Hs..%W...U...I...=...1...%s...P.............kk..HH..%%....................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\repairic.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 2 icons, 32x32, 16 colors, 32x32
      Category:dropped
      Size (bytes):2998
      Entropy (8bit):4.667661526304198
      Encrypted:false
      SSDEEP:
      MD5:D234CA0358B21BDCFC5E3F9B2E7C7A22
      SHA1:95356780EA21C43A129FA560365FE5B7A216CC8E
      SHA-256:99D490C2BDEF5115F306A595964663540370141F65A25C5052352155F2603F68
      SHA-512:AE47D796C758E53FC7AA183CD8754EE382ED19A6B2F1834167E896F3A31260260F9B02E20D5403557B78A1C36FFF1423B8A742B20970C20F169F9D3AEA48C4EE
      Malicious:false
      Reputation:low
      Preview:...... ..........&... ..............(... ...@.....................................................................................................................w................{..................p..........x.{.wp........(...{.w.........(xxx............(......w........(w~...xx........(~......www....(.z..xx...w.... .........w.... .....p........ ............. ....w......p... .....wwwwwx....p..........x...".....DDDDDOx..........vfl.Ox..........wff.Ox...........vflOx...........wffOx...wx.......vfOx....w....~..wfOx.........w...vOx.........w~..wOx.........DDDDDOx.....w.........x.....w.............................................................?.................................................................................................0...........................(... ...@..................................................................................k...H...%............z...b...Js..2P.............k...Hs..%W...U...I...=...1...%s...P.............kk..HH..%%....................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\serveric.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 32x32, 16 colors, 4 bits/pixel, 32x32, 8 bits/pixel
      Category:dropped
      Size (bytes):7278
      Entropy (8bit):3.9947793014053063
      Encrypted:false
      SSDEEP:
      MD5:6656BEF24A488A0D27F8229549FF575F
      SHA1:3B0B241267D11D8B59422225440A0B3FBFA3872F
      SHA-256:E068335D7BA43F91021F1EC40EAEE76B4A92981E3FEFD6CB1A5EA1C1FD5C5DEF
      SHA-512:0F1C6888065BD7C4DCA864DD6879DC9A9F536DACA54970EBA840BEC01DD39CB5F4F02D29879FEBEB2F43A035A3F61C73962C19D5DA68A534286217F177B0E766
      Malicious:false
      Reputation:low
      Preview:...... ..........6... .............. .... .........(... ...@..................................................................................................www...www.......ww......w........w......p........w.www..p........ww.....p........wwww...p........wwww...p........wwwww..p........wwxww.pp........wwxxwwpp........wwxxwwpp........wwwwwwwp........wwwwwwwp........wwwwwwwp........wwwwwwwp........w.....wp........wwwwwwwp........wwwwwwwp........wp....wp........wwwwwwwp........wwwwwwwp........wxwwwwwp........wx....wp........w.p...wp........w.....wp........w.....wp........w.....wp........x.....wp........x.....wp........wwwwwwwp........wwwwwwwp........wwwwwwwp....................................................................................................................................(... ...@................................................... !.&&&.))).....111.555.:::.===.??@.AAA.CCD.EEE.III.MMM.OOP.QQR.UUU.YYY.[[\.\[\.]]^.__`.`_`.aaa.ccd.eef.ggh.iii.kkl.lll.oop.qqr.sst.ttu.yyz.{{

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\aero\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2818
      Entropy (8bit):7.557030636792007
      Encrypted:false
      SSDEEP:
      MD5:CE1143E3563DE4E200BA7F4953B3807B
      SHA1:D3D4522A4BDCB68672047EB7B830CDE532EF34A6
      SHA-256:A5EEFACA044B04460A1CED5FEC2229545EDF85F01E1D6673E6E14D06B3108C2D
      SHA-512:C2FD5457D1A0B67F62D6F6D789D906702FE943E11C6E05A9FE77C2D633C347229F90444DCC78104311F90CD9F868B867940C84F28952A92A7B3FD98E6FD9B166
      Malicious:false
      Reputation:low
      Preview:......JFIF.............C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222......;...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(..9o..i.w...+.:..X@..u..y..x=.......<..p.ZV....`)f.).K.C.>..A]..-t...6..^.k.F.L*6...g.t.....h......m~...V.?1.aR......ds...K.dq.2.....kxnb%..5.. ..0Eq....F.i%.............]...'.C..r.L.R....?+.0.....L.P........D....c......N.<......|......q...p.c..E.|

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\aero\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):11791
      Entropy (8bit):7.714862515787816
      Encrypted:false
      SSDEEP:
      MD5:553DF955CB4B2E7BE5CEF99CB8EC9254
      SHA1:370C2F61E886E53D8FAF9537040DAAAFED330137
      SHA-256:F1FCB09DF932AEF09B24EEA796286CEAEDCBCECCD4D8F4536345163C4D3D9FF7
      SHA-512:D31D4FC9080C794901B9FA3D3AEC998A1B274F4C11C02362B30D2FBAF013B877198B08BB6D96FDA68C7E9E329740090609A7D65249BC7E6209ACE24FCFE3C34B
      Malicious:false
      Reputation:low
      Preview:......JFIF.............C....................................................................C.......................................................................<.........................................................................................s.........q...X.................o.\........+.o.nV7@..................1.......J........................@..........&.ct...............!..s.........q...X.................p.\.......U:FB.....+.o.nV7@..................4....8...:u..1.1..x.{.......V..B.n@...............9..n...X8....{.<7=........Y.@........................C.l.`....E....G...|s<....O.......R..%g..{...................n....MO5.....~R...V..>...U$hW..}..S..X.[..ep...............!.h`.a......S.ynV...a2.,.x.p.d=..t.s.[....V..ep...............!...mv....r.........v.as.&..o.....|g...L...T....e................!.i`..B..F.c.<.-g.}+[.'t....[.....+n..%O.m.........................z.o...../l..,.[}Q.d.3.r.w.,.....P..W.n.~...........................w..@...y..]3_.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\classic\banner.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 500 x 59, 4-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):470
      Entropy (8bit):7.149089773017237
      Encrypted:false
      SSDEEP:
      MD5:07AAD6B7461A99CFE32005A0BF5CEF02
      SHA1:60417933F20E55C1125D7B3B14F52BFEEBE48EB3
      SHA-256:47E2ECAFAA241CFBFF631DD3A774EBC4AF5F9448EE6186034FD56DE9F79C35F7
      SHA-512:CA58DE544A0E4D5A944094FB0B550BE9057A65AE03B2C93583FB6DA16C6CB28A188A614E30B5ED9231DCBCA4893EE5CE346A2CE3B6AE28F5E261E6C0D4667991
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......;......1el....sRGB.........PLTE......................pHYs..........o.d....tIME....... .r....MIDATh...A..0..P2..X..@p.Dp. q.3...:.....Hai=.;N;....3u.~..?.t...>......Au.S..T.:.Y.X.mKx.K..8.[..}.t>l`.Q$4.....=.r_.a.%+..}V u7."....H.|.^%}.Q.z....F}...9...W..+....>=.*|.GR...2.u.`..N.?. .}...:.zh..c\^7....C....V.p.9}i.gQ.n.^#.rjs.G.4.%......W...{.H...Mt....9...{.`.Y.6.U.9...../K.......Nu.S..T.:.C....T.?.:Sg.L........GS.l....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\classic\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 500 x 316 x 8, 1 compression, image size 36830, resolution 3779 x 3779 px/m, 5 important colors, cbSize 36904, bits offset 74
      Category:dropped
      Size (bytes):36904
      Entropy (8bit):1.6592122603583341
      Encrypted:false
      SSDEEP:
      MD5:ABF1076064505DEE794FA7AED67252B8
      SHA1:358D4E501BB3007FEECE82A4039CC1050F23FAB4
      SHA-256:FB0D133F05DE6AA6A7A3491AE532191A60C438B35D9FF7BFEC9E63131F6F0C73
      SHA-512:9A4680A8D186C1D7550B5E03CBDD095B0C88B2E0249A3AF75FA0253D2C9A6F0AA1DD570ECF1A273683A14E6C7B5FB11678BE3DA439A3BF23EAB790372E96E321
      Malicious:false
      Reputation:low
      Preview:BM(.......J...(.......<..................................................N..U........................................................................................R...S..P..................................................................................R...V..M................................................................................R...[..H..........................................................................R...^..E........................................................................R...a..B....................................................................R...f..=................................................................R...i..:............................................................R...l..7..........................................................R...o..4......................................................R...r..1....................................................R...u...................................................R.......................g..+......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\classic\dialog.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 500 x 316, 4-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1624
      Entropy (8bit):7.654403153458359
      Encrypted:false
      SSDEEP:
      MD5:46FA0AD668E78005D77EDF6B5FB7496B
      SHA1:4036A5C970942CD49A3102049AC5ECC4E5435B49
      SHA-256:4263A062B4A277E7F42FFAFE1DE31209480514BD32D6DAE763590CF06F649AEC
      SHA-512:A13B90681AC25CCC60A1BC0CA2E2C7A700AFFA6D8D12095E2CE1A3C4B34AAE334FA245C17F39EF499E5EAA38767DADFF0834AD0A406C6535F523C462C6BC9E1C
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......<......C^`....sRGB.........PLTE................. &....pHYs..........o.d....tIME......)........IDATx...]v.@...., .X.sW.'. 8..M....D.....z.9..C...?../...+...f..I..]..]..]..]..]..]..]..]...Nf.'....l.o..dW.}..............^Q..=_..TS.B..........6..u..;%...z.O....._.....z..]...}.U...>~.o_5..n.....G...r...........n.v....=.7.x..)..p]........~z..7....U....|..w..v....1....]te.5.{~.6...6...z............|.O.?...>\..s..d/p..\;....[?..^..d..;5r........4!...o....k..:~...{l.....%Fi...ON.Mo..4......c[.:.7"...7...>.F..p....M|.of.....~...m.....S..I...K..xZ}...s..[....)..i.RG.L..[..\............\Uq.:.ki......4.R.P....SA.O..U....~.]A....U..]C.Gw.u(.xB2;.:7$..CW.ca...)..u..CW....U.....:t.!..j.QW}v.U..u.UP..n..JX..U_..\....(......Ya...]]I}5v....E.N.z.6.........].?o.+...]]H...U..:....CU.PU.l...=uO.2.".z.+..2Z2..N.......S...Is..og.R.^-......2..T&....u2.....O.n}.......S.X.G....H..WD..R.K.zb),c..%..w....Lt..zF....><.{.....#.....S...\.b:..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style14\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):12785
      Entropy (8bit):7.37300566574115
      Encrypted:false
      SSDEEP:
      MD5:8D5DE8960E1A6886365D3F1DC3F81FE4
      SHA1:A3EA4A68C7C59D41DAA2A12EC2DDD481BDA8FE24
      SHA-256:6E1731D0BC8CEB2BB5677D4B0C5C76CA5510602E0707B19ECB6E8D6F6F51EB8F
      SHA-512:AC81F511A8DCBCE9018569EA0C0FBACED44A3191466C77BB5AB5BC3AAC313D08643803D7D11619FA7F8CF10411E870E9A73246ED6F84CEA9121E78C3E150B94D
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<...........................................................................................!.1..AQa..q"2B.......R.#.br.3C$...S..4.....D........................!1...AQaq.."......2.R.B.....b.#.3.............?..n..]1.+...f*.lC.K...B..lQ...a.V...=k...').Z.&...[.t....q....Y.|.o*uJ<......M8...=)......*.6..I..s.q..ZVr...[LS..5.j..l.-.._Lm.y].J.T.[../...;X....&W...1XV.......s.....w...+........e.....v....99.\_i.f....t..%.).^..;WL..{*..cm|R..Wf./l.d...O.-.]...<+.;....6..Hi.Y..u.......?..v,w.,[s.ssd.^K...t...u...Q1.1.8~Q+.....4y.%...8.C/'.W.X..{6g)i.Xm.Zy#...|,...N.c...3......n.oC...tA.MW..B..i.TKCk..@....................................6....R...b..lt...j...qo.G..7..i.....Q..N.o..._.._..o...o........]/\..(.|Yw.].OU.o.[..3].:_...`l.-._.....+i...\._..Zd.X6.%9...&.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style15\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2515
      Entropy (8bit):7.103546897747188
      Encrypted:false
      SSDEEP:
      MD5:BF64D867FDD8E15CED4DEA8817828279
      SHA1:2D267F902DCE5A33F5AA584EB1D3490D6C8C0C4F
      SHA-256:B562EA27D2CBC42A3FA02B920FFCA40666AE7311425F412C212B617106DB8663
      SHA-512:C36AE24524725E84A246E10CA4336CA241505F98E4FC1191A8716139EB8263039B4A9ECE7F41743F10D8EE4B39C644A8D1F6844064C61E9A97364CB96D7F1B29
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;.............................................................................................!1Q.Aa"2...B#...q....b.$e...Rr....3C4DTt...u7......................!..12Q....Aq"a.R.#...3............?....................................................g..W9*...E.^T.*}.......L.dL..W..]..:.\wV.m\y?.x..&...d.R2(..m.....UDm.JmS<.'..q...g.H.@E....mV+.Wc...TsUR.....e...wX{(....#.DU}......|kf/r..../.D..}.C\..J......m.....*...1.w.b..s....Q/....9....tk.f.xy.................................................."I|......+z.-...h.:#r...7...!.z.......%8t)A..."h....j..YevTK......H...^.....n.-.U..!a....3.|ZNl.T.|..w...m.E....o?.n{f.c.<>4]{w6{n..yP.....X..;..<..q..Y.+.OZ.O64..g-n.Z...6..F..v...8.5......k.'.;....fq.g.d[1=t_i.n..;.'H.V#....T.v.=...x..'=..x...7'%.6.x.6.<...'..?.........r

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style15\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):15667
      Entropy (8bit):7.608629154580598
      Encrypted:false
      SSDEEP:
      MD5:0A3DC498EA995AA3F5DA70F964AA3888
      SHA1:D6589F39E2337ECA9977CADA8ED7343CB6922886
      SHA-256:40872844741EFFF74B53F8088043A78AE51595B24642796AF3F8F1BD4FB0928E
      SHA-512:497303D0CC3871397045F2983ED1C4CBAEA376AA666D13256D4892F24324B2598D691AA5D5649C8CD468EE94CBEC97F5C87E0200809AF816FF31E68CC33B9771
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<...........................................................................................!1..A.Qa".q2B....Rb..#3s......r......5u.7.Cc..4T%eV.$d....t&S..6'......................!1...AQq2.r.3s..a.."B.4...C.R..b..#S$.............?..7m...W.:c..G.z.....^~.q..I........:..:w...b.GQs3..2.l..C..79.6W..pO3..../.....|...^Zf7.l:.?W.S...*..J""tf....K..ob&<S1.2oG.h.T..K/YE..S..+e..O..........].r{......f.n..R9...H.....$..`.X^!ES...d.e..%.J..+.Ra1*..._X./....i.:n]..}7......O...z.|.D=[......................................<........;e.<.ww""+.$.A....1.....x....b...6d..k.]/j.....)..d..1/\.G0.0..j....D.&bi...U>W.._a.^...9}N=8.m.2....}......&R........!..o.4......G/Lr{..}?....=n.Z..t.2...U.t.k.0F..&FT4.2..9.]&.1............r"../..y%).M....>....m.'......=_.[....I.................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style16\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2662
      Entropy (8bit):7.1463835412591035
      Encrypted:false
      SSDEEP:
      MD5:44E5E56A25E654CCFCEC670CC4595A60
      SHA1:C675FA37FC55A278FF83E35E95FD01D4EA7EFC02
      SHA-256:524DCE5128467466923514AA2F5753D0A5ADDAE41CE02A61802D17E5825F21DF
      SHA-512:E53653ABC1EBBD0822E93B19A66723A717449E368D61395D3BE1870F62D0487D9698B2726BEFB803195CE321E626315C7B6287FCA9C22B136226A8AC78725C22
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;...........................................................................................!.1A.Q"2..a.3.q.B#...Rb$4....r...%5.7......................!.1A...2Qa..".3...#q...Rr..............?.................................................m..&.?.p.u=.>.j...]u$.V.}.....'H....j.=.6.K...&: &&cF7..Mb.\x.X.:l.W4.d..Q.r..V.3.+.)7..c...?:7]....w..._.|........G......^....0[w....7]&.5.m./t....y.u..N....L,..e'.I.2Iw_...2f<;X...NY.bF....8.:$.(.Bu4...7|1.g../.j...\.2k....e..=R..u...=...f/.uz..t.B=................................................e....G.0.....|.J..[|...?..G.(.4.....7-...s.e~...pJ....G^.E.3:.bi.+..........+Y7".....o..I~..1DM.=QC%.6..G.....H._7.+.|..UM{+.x......Y.|."u..X..~?...u....T..=S<...:..qUH^[eU%........J.49...5*&...._..D..]kab.e:.N..}.].e.*..E=.......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style17\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):21840
      Entropy (8bit):7.864214897429939
      Encrypted:false
      SSDEEP:
      MD5:70DCB1306BEEF040D53EBF58F532C225
      SHA1:AE698D7D16BB8C55CF7B6841B91A023FC490552A
      SHA-256:EA4AC50D8FF462ACBA27F025F56E8ED3E5FC09D6A5A22D0805AE706E8087449F
      SHA-512:98A5D428BF12205475E9D8114B825ED195899D872570E5126470112F71B336931B0A0A503906AF2D2A832293E2208FAAD42DCFF9C8A209DD8385153EF6CB90CE
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<............................................................................................!.1A.Qa".q.2....BR#..br..u.....3cs.5.7..S.$d..e.C...4T.%E.&6......................!1.AQ..aq....."2....BRr.3...#b.....s4.CS............?....C#h.M....y<w.........U.x}9u.U.'+k..1....Y!.......#B.-.H...^*.....S}..bW.......y.yn?..*/ER.g.].E.&.$}A....^.........>....I..ZF...i...G......Wa..u....cx...J.-......hW...".^Kv...oGQq...q._C.....\.FE....f.`Ut.+./..\.t.2..X....a..w..f.W+7......7`.-...E9.?.l..-.]^.C.3_.m;P....C..y&u.....mk.$..+?.%.r%.d.....ASp.i.._F....)i_.n.k..8.w..M.l..Rs... .... .... .... .... .... .... .... .... .... ....aJ..jzB!.8..zk..(.....}!w43.......cKP..I..".V..R25.+...^.. .. .AI ..z..[.=)....f.6..SG....Us.XR..;..q.q..W..i...a5c....+^......)b.....->.0.J....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style19\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):23419
      Entropy (8bit):7.8691570016497145
      Encrypted:false
      SSDEEP:
      MD5:D4536703031939A0D139386E8DC4554C
      SHA1:7625DF9C4FE271EEFF85A98945C9AA57728D439D
      SHA-256:D7AA0DBDE1F09801791BBCEB77BF161DB01EA4F4F48D8B1DD498258D34B53AB9
      SHA-512:9A3192ADF89C9CFE59CEED046136D2D59C5A080FCE1AF9E431F8E59660C70F7A85C24192D3A7E5B2CA9095001B4E814468123CBC4C09C997CBF60C7E13F63409
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<...........................................................................................!.1.AQa".q..2....BRbr.#..3..u6...CSs...$T5..c...4Ddt..%Uv.......................!.1AQ.aq......"..2BRr...b.3....#s4...CS.c..$............?....g.......W#..A.@.........v........3..."...,Y..B.6..op<.4..\@Q...B2.<.....=.q.u+..x..\kj@V6T......]cO.=...u..Ek...S.t..Fk.....!L..bo../..?....bF..b.g..t.YB.d..i...=..&.QF.d...!..p2F:..||...,SKC...........}....W~v.....i.....!+Z.h.+.=*%.<2R.~.}.w..l7]37l...=..p...T.=........RO.)k..gS.k...|NvU...6T..W...>.s.....A.G.K...I9.. .... .... .... .... .... .... .... .... .... .... .... .....l.;.3.BB.Tl.y.........`....i.]%,hm.?.?....z........x.J.^]cMjJ.._kt..l.K;.v.....u..h.5"..n....&Y..G.].u-o.u...y.{..a......8..M.-..p...d.z...*.....Y(F>..x.fc....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style1\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2864
      Entropy (8bit):7.225266008968357
      Encrypted:false
      SSDEEP:
      MD5:E0D80038FE89C7F6A5F34E870EAB2EA7
      SHA1:D0FB367734D4267FBBF07635B7FC86240EC6DF72
      SHA-256:C3CE67395CCE296DDA89DC3E386A5DA7C2C9EE928EC60D099D2829E5E777C815
      SHA-512:AB77F0B4E3294828B5C62BC04104040AD6D08E54AC4066D46068057DD4530CB4599D190FCA82E0F0FD310896E9F97F05F13EEDC356036444F6B2C6E8A55A124D
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;............................................................................................!1...A2.QaB....."R.u.7.b..#3.t%E.6fqr..CS..4T.5U......................!1.Q..2Aaq..".3..b.....#............?......................................................dz..ee...l.).H.Er....5*%vlC...fvpk.....g.......C+..m........Z.*vg.h....3.{X.s...P*...DDv.#.`.)4.+...Z.Ww...>K...+.Z.}$rv.....y_..D...z...$D.._B..5.kS.B.}.;..nM..{.~q-o.;.s.=.O......jmGv.........o..H..Jh..l.G...9...J.....6z..X...e.yL.y..2....K.&...'.z`.....................................................;......fm...Z9.l...5Sr....]..............o......M_s.L.9.Y!l-|.H..I.......i...F.N..w.*..........(..9Y..f...e...9.6.J..3M..DQ...b~...7...;..B..I.....T.4...I...cbUV....'.A.5y.n[,|.........Q.6G>FH...c.d..)

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style1purple\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2249
      Entropy (8bit):6.938370645611828
      Encrypted:false
      SSDEEP:
      MD5:F67F81EC032B7F620C7DE63E628E99A7
      SHA1:376DF52BE2F525998FBFF29C9DD4FF5E2BA8A2C6
      SHA-256:2A281497CEB43C0484AD8344012BCDCBCB2060CD4A186A280848D7FF917AA900
      SHA-512:345C4730D1FD3EB37C82F1A5FE13B7474D98192AC81812B190809E64AD23A53BA43A9D06945C0B363CFC1FC306CC24D5D4264A9109592BD47A5A6BDFB44E103C
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;...........................................................................................!1...AQa"q....2Bb.#3C.5.Rr..D....$4t%.E.....................!.1A.2..Q.."r.q...B#.............?..H.................................................Q...^...Z.]H.]...wz-...D.+..lh....F.;&..i..jq=..vym-.[.[W=9.y<.....w.....%.V._w..K.119..s....R..A.....8..\7.X.2.....&..'........"".o.M..../3<YW.5kE}.+iWN(..J.F....s.^P...V..kT..h...{.......[[D.ok#...{\.G&.N.V.s.e.a.....<..@....................................................kZV...5.]...7sN\..it...[:..I.o?..On.....{t.9. .U.0..........r...Y..WT.7..Cw..)sr:c..r...qi....V......a..#$j.....K1.L...4._p.#i.)...k..-.._Ke..W.V.g..@.................................................3..4|~.n.......|..Fw=..N..F.dqX.5r6(.Ez.N.^...[36..e.}.s">....}

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style1purple\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):12823
      Entropy (8bit):7.4588688380242445
      Encrypted:false
      SSDEEP:
      MD5:36D060121ED7E2230F3EA56BEFE364CE
      SHA1:38A617CD50F0D3F94AB6E57A7ACAEF3E8561E28A
      SHA-256:193F1E6A191859DA26F10D12E5DBA79EADB2ADE6F12BCE95F1776C43263B6F8E
      SHA-512:EC31BDDADC5A3A0D98CACCD1DA2BC4C42DB8D3A35C2A646034B69A5C83A03A6DF088065CF88C763D42C0C3FA60F9B34520BE6CBA733FB88CA34CFC36AF064B03
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<..........................................................................................!1..AQ.aq.."2....BRr..#...4.b...3Cs.$T..56...&.St.%.c..........................!1.2.AQ.a..q..."R..B...b3.....#.............?...g....~.:..........Ly.d.........f7.m{..d[..\...o........TA......q.?.X....G...Y[.@........................................m.|........h.....f..C.r..F.R...........6..}2-.Q.M{..[.[O... .`........,{...#...,.. d.....................................v&.....Q..^........'m....-9...=.N.#..W+......}.D..La.._P..f[.=.5..[..z&-^.v*PuOiY.Y........1..k..."............P............"..r<.......H..........................................~.:...K.{an...HU....[v.AJ=O.....l-..{+N....b.{.|.=.]h.-..LJO.P..iN...S.dL+1.YT........Y....nR.rk.m.......(MQ........@..c..9.~..eni.$.................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style20\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):3326
      Entropy (8bit):7.348919767524453
      Encrypted:false
      SSDEEP:
      MD5:9369D6EC3DFCEBA32D475EFE2F27E247
      SHA1:51A52347A8DF7B499C5DFCDEEDC480F51B4B9C7B
      SHA-256:EE5F6E631A234538A007F99FA2C91EDD291CFC458E15EF4C6E73EE5E2BDFAA3A
      SHA-512:EBD6D677AC4A49C489317E5200EF03F0B0E95F41C8480E80D4DF14AC40246E12220A01632BA04BF43738D546854A8E2722EE9D84A34836A7EBDB529AB6654FC9
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;.............................................................................................!1.AQa"2...q.B3..b.#$5.6...CS...c..4DTd...Eu.......................!.1..Qa."..A..2q...R..#.D..3C$............?.................................................?..r;u.....<.s...[.H.jw(...-.x^.I*.8.#....r.....f...?.A......{i..&>';....X.^..L,..7~.{~h..'...;.Kh..EEz.h..t;...'\.X......;cK5.n.]...rWX....+Y.QU+.{.".?Q...?.Q..s.c.t...i.6q$..v..,(.F..UmU1*Sg......u.9>..,.......~.4^o~.r.g.I..w...]_...}Ef.4..e.N..Rv.........gs..Xe\h...EZ".Ln.*F.6.R.[.c......L..\\:{5....5.n...}.................................................#.w....Z}i...;..].;.=.+..U.t^o..m,.S.F+.D...........m.O...'...;1L..i..KI..v.j...b.G.T.2-}M-'y....9..P..n7S.....O3.9.yp.uu..."..c..W*.;TD.R.u....:vh....m..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style20\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):18240
      Entropy (8bit):7.65863181488336
      Encrypted:false
      SSDEEP:
      MD5:03DD25C9A8A28EA252E8A488BF2E5490
      SHA1:C10E2E12FC8174D0D8A819AD3ACC481F7BE23D4C
      SHA-256:E3B1AD9A8CC508C240A2E6B41E16FEFCDD8009EC119377EDA8DD9DBAFECF4841
      SHA-512:3A0364649CCC58A0E2C9066C365DC00ED5CAFCCE041B796C32E54D5974FC9513589E3C4E7438888DBD2712D936E485A02B9E226CD5C0070A63E1FBD499608262
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<............................................................................................!1.AQa".q.2BR.u...br.#..6....3Ss.......Cc.$4..5...T%...DtdE'......................!1...A.Qaq."2R.s......Br.#34...b.$...c............?../S..-.....r..M.'.:/..0.:R+......e..YU.N.).[....Ml}.-.Ik..5=j.u..u]..!..S!i8BSan....6..E.L.A._]..{l.....i..4..j..1.e..l.,-..%.3j.fR.Zm.6h..Q.}.n.l.......ei.T%................................................r.l.+.5~-%sbo.e.....s6.I.l....iH....M...?...DwG....e..K2..w..A>&.,..Wv...4.&._..n&....c...i..oi...!.i?..5...gj..Z.X.N.d).+....WQ*..05...f...M.<.O.m.....Y.R.G1uD.........c...1B...EVJ...33z.UT....l..dBp.............................................tn...>I..R.9{.i..lo.v{.. .l.;Y.h.xY.J....0..F.H.....uhl...B....sy.h.....NF.F..D:6.V;&a....H.g.U....:....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style21\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2865
      Entropy (8bit):7.216783136594792
      Encrypted:false
      SSDEEP:
      MD5:B668C1C28443F054EE5D83638496CD60
      SHA1:A6D907905F72E95A9C6A3E5A29C5FC2E776134BC
      SHA-256:A8959A2532790D8488E5F933A6D56D3AAAFB3B9E078D850AE17EFE3964F35077
      SHA-512:9AD87FD91B3963606C1C99E2823BE3D6DA9B75AD2E680EEEAF1A21E5A6FFCDB930365DFD278098C0CAD5E8567207D4BF5140DA0E9E655A158F305FD10359D72B
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;..........................................................................................!...1".AQa2.qb...BR#34..r.C.e....S..$5.......................!.1A...Qa2.q."BR.#............?..H...............................................;.t.n.v....$.j..Z...r._.....D*...I....1D.TD...(.\4....5..k....>>.7...u.;{..~....r.q..U[..9...2..V.......ey..{..9.....#...m....4X....u.~N.f....O1...Ip..\1..z5..3&.j.]...[...y-..cdb.L.q..........)<....cF:...s.T..5[\P..V..m...l....[.K.....W..9\....Z.L.n..k.My...../.o.3.Z.O...jW.A..>>i...>................................................C....x.8...iE{; Y.T..]#..W...f.9.......S.......J.9*.F.7'{^.s..(.<.{Kq.P.9f..;k+m..2K..$.K...Id.R4sj...".....\EzO...c.|.[.[{Ui3.}.;r=..v`.G)....8.{......".QX.=.O.*...G.&+...D..W.B.m.d.Y"z..Uj.....)R..O.N

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style21\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):22642
      Entropy (8bit):7.88935758702194
      Encrypted:false
      SSDEEP:
      MD5:5B8ACE950833CEAA970CD02C9E4F8AB8
      SHA1:BD604CF516B5721B6E74CA4A684DA385E406A582
      SHA-256:73EB12E926BA7B5D0273E528BDC51AD7BCCCDFE75B960CF6C31713C14C201096
      SHA-512:4336DC8C4E2964CC7EAE11D03F108843C7DB1B1B4233B7C63A104BE32500714D96242F244B9A156BBBA562BB4D5429D978C37FDFAB26E370784E542612B94275
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<............................................................................................!.1..AQa"q.2...BRbr#....u....3Sc$.5.7..C...T.%..s.4Dd......EU.......................!.1.AQaq........"2..R..Bbr..3.#.....Cs............?..o.mqv6'I^=..w._.A.EG..W.[.-+H........)y."![.............!M..V...%...'..H. ....u....Z...q...{..aa......^..F5...K.v.CjK{.;J..R.."8KK..Y...._.Gr....&...TW.....^.p....6...l.%u.E[#|..E..$MzTO..d.J..B5l.....z.tLa.;W.b>U..A.de.8.$.)....Z..K.Dz.}..4..dBV44...B.....L..V...g....1.8.n.T.MjU..y.+}.8...H\...tM.b.....B5 ..8.4y.....][5..v......c._\T..+K.[-..h...HG..hk...|g......j.>.....Y.a.....H.t....V.{..V&....<";e]..ft_.c-..^.d..c..>.....9.g..6<.G.9.}..^........}.........cw.|&..oF)?...TE}./.3.e.0.....V.k..e?.^....J.........=......."...4....o..M.|J

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style22\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):22278
      Entropy (8bit):7.89077973905124
      Encrypted:false
      SSDEEP:
      MD5:FB5E1DFDEC7AD640CDCEE7BD1AE7CF9E
      SHA1:E15113C06F28D5B8B6917F1161BDA5D4F7737468
      SHA-256:B746FA9E60C6B6F94DFA8BE942F033548D26E702800F16B8DC9FBC1C1335BB33
      SHA-512:C6AF3C556AFBF4BFC3DDB8BF7B3F884D5EDF2A854EC0F55982C7C4BB4B72692F5C900906A330BDA9BBE5EB312F9E343F4BF8703C1FC3CF2815BAAE782F2D310F
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<...........................................................................................!.1A..Q"2aq...BR#..br.3....CS.u.7.cs.$4....DU.Tt..%5&.....................!1..AQ..aq.2....."..Br.R3.b#...............?......$.?._U..]u.dPF.9.uYn.Y|O.cj._tLE....L....M....../fn.....{{......+.w.E..%.%.CZ.U.OE..Ym<!.u..7._.c\.%n..D\..Z8-gU..)./.e._..s1s.6...;{vn......k..^N..Kk....OV.~Q..^..pXn_6.X....<!k..{..n......mon.oio..d1...O....o.gcn..._.9.+^......i.....S..,...;...N...^.t.....a.wQu1.w.^...Ar..^M+Q.y.GWv..4...........n..>.......~......@....x..W...E-.C.sv..MT|.09..`*k.+E.9...c.R6..[_Q<kP. w,..K..2i.7....}3^,.I.l.l.}....Ym..!..9.....G*....b..|..9l.V..}...E..:G..y...z.bf.lEg...m.......|e.nB\.....c...x........?.n.Ug.zm.k......~....~....n..|~^..<.sK.],....4.A.QE.m..m..b3p_._}.."n

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style23\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2643
      Entropy (8bit):7.141664267582439
      Encrypted:false
      SSDEEP:
      MD5:8EB23C1FF8CC7EEBF3DE8AADA21BCB4E
      SHA1:89A9E6CC7B6B3FEAC83EB7062CC5E96EF51C51E7
      SHA-256:02616B2566F78A1127CEF739774908A8EF94326CF88ADF2BC3CD04C60AF767BC
      SHA-512:036DF657D061A17585093712282235A9DB640A75D60D0B4819F402F79C47F5F94E1C60F3580976713A05CE30D688FCD2C3E2CA1DE3DCF9774D4E32D7ADB58F2A
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;..........................................................................................!..1A..Qa."2.q.B...Rb.#3$5...4.r...CSs..Ddt......................!.1..A"..Qa..2R.3$q..B....#.D............?..H.................................................Z.y<...Q_kip...Eze|m...g{...*z.G.T^r{.g.76G}...&.i.Z.toF.2;."...g..pU.Z&~N..X.F....<..F\D.W+..l.r-:S..........WA....S.....f...tJ..2..!s..y|sw...\[l.....G"...%....!..1|.,.[...7..}...]Y..bm>G.m...e.2....v..#_.\&8...'..L8g]..,.n..=.V..[.W]F.k^.Q$....Sy7..1v......i....;....WN.$..<.#..U}...=Y..................................................-.>R...^..aw...b...>V9.w<I.....F"q.Z3.m%Hr.&....I`."J*.5"T_j9...N......J"[....x9E.....%..5.....#[.0Z#.aI...d..'`.,..k....DJk&.^.TDO.Qs..c..u_.wy.$z.......:J..$i..=.2.N..S-...r.+^...7.b+.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style24\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):16260
      Entropy (8bit):7.838650347417505
      Encrypted:false
      SSDEEP:
      MD5:F781CE8D9ED4E4047E35F64B05A5BDF8
      SHA1:52AC6403596BEED8C23E66686505EDD26F3D84A8
      SHA-256:CC3B65698B891DF3C342AABD166EBF1DFD18A218E37F569E023C27E1E64775A9
      SHA-512:DE2AE917BE6BAE3F7580048E62C423DBA12EEE3CEC7A659EDB2C55CD153B15DB8EADBAC6BEFA01D4C4E37386866CD3DBDEFA981293BD3D910921610226726768
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<...........................................................................................!1..A.Qa"2.q..B...Rbr..#....3S...cs.$.eu7C.4dt....T%5.D.........................!1.A...Qq"2r..a...BR#3..s.$.4.b..............?..^..e..gN..F......kK...X\...CU....]u..../....e.N....{.vV...vDy.M......+W..Ek]85..t.....d..7b.4=j...d.......O........;S\.#>..|+.;.3.$.y.......%.#\\....RV.t..5.3<....4.......5..3....G-.*t..i3...!<....o..I)...|.QY..u.{9.W.B1....~....t"[.7%_V..;#...7.\......Q.KTs.-3(9.y....X.>..%..x.O.N....Y....;a.sx.W.=.BCy...t}k........-{...f......{..d..*Z.coW.%.>..O.\....1/m.....>..U.>f..#..;....A.........................................-m..qY..._JH....5Vy.......e.x..V.7.j..........7.:.*..yz./..S..[.n.....oc\9c^8....]e....2..[.......k..B<.F;.7.K(+1.KT9?..J.7.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style26\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):18389
      Entropy (8bit):7.872064765594523
      Encrypted:false
      SSDEEP:
      MD5:6244DF8FAA5885906C2B7A0A9B9B5301
      SHA1:6A6250F1F821E2B69352C930A20FA3A278BEE591
      SHA-256:98E1815D2CA0B730C0202A545497DCEF3324718A50F686AFA6951D8B5F88415B
      SHA-512:A38A88C653C3A2AEA0062441863AF22D1833F104D493C1CBFF58290A198105B7E026C700E388FD6ECA7E16EB9F33CF7186ED7D9853A2DAB634690371A0EC11CE
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<..........................................................................................!.1.AQ".aq.2..BRr#3..u....b.S.%5..&f....Ccs.$dt6....4..7.DT.eF.U'.....................!.1A.Qqr.a."2.3.....B.#$Rb...S.............?..h......[..g....k.........^.OM&2.......`.f.....k.c...;."...ma>...+_.....f99oOjq.J...)...=..{q....5].1:.e.$x...smfs8TF....G$..n.].8..e.@l../.I.s:%!...i....n"..+%..mv.:....s.m.f3.j.s....|.b\.3..m.;H...IX......xqXS{...-...R..s...._..c.]........M....wZ.b..[.#k.r.O.+n[.....|..6..0.. ......w.v.pt.tF!.@..i."..c|d.m9..Z.......T)-Y.=o..aYG.2L..d%12f.97m=...1..V.sy..tl.DM..W..`.v......}K......1.?....1..T.9..i.....iO......B....g;......._...'......A.^..s._........6.?...D.....de...KH..^J...{$..Y.-.\H.ngKV{.....r...5.G.|.../>P..a^g.lx}r..~.$/.]b...............

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style27\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):16107
      Entropy (8bit):7.6055320516006315
      Encrypted:false
      SSDEEP:
      MD5:CEF757A3D1A127D56DABBA9E2A90FCF4
      SHA1:A06A81369FC6513939C8417CBF514A0D2BA9F13E
      SHA-256:5AAE0E36D8DE95B7619ED3242FF9A454C2ADB520D935B78D53940E808D9C361B
      SHA-512:60219AE61F71002CF2892BA9F9809599C219E0B8C9BE1D38376BBE8A83263BB078115A58FBFD58AEC29CDB32BCD9693DEADD23B4BC9E8998DF8B35C0E3E01B03
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<..........................................................................................!..1A..Qaq".2B....R#.$..u..br..3Cs.T%5e.......Sc.......4dtU6..D.....&.......................!1.AQq"2.a...B.....3.Rr.#.b..............?....l4}.k.;...F..S.....-....1......=..I.b^DB...A...j.....DSg.....|.......5L?:[.....=.....!6..2%.4.Q)..+...:....Ll...(9Z....5......t....V..s/-..v.t...c:..lf.u......v.....K-oy..L.......TW.....Hr.[y......H..,.R.S......^%:.i.......&%l...^K].M..f..F.}..~q\,.....'.!u...#.\m:(.D,...........................................2=WF.%...i|{.c......:+^........GT."{i......]L.jf1.axmvW.#.sl2...el..F.&....1..E.g4Z%..."`.JM..da..9..,...)"dw....M....R.R.JTr..`_k.,..@........................................y..yK..Z_....y[;C....n.pJ.dI...i...eme.4.jbR`.rj

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style28\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2456
      Entropy (8bit):7.057976036493983
      Encrypted:false
      SSDEEP:
      MD5:12FF325AEAD2CAFC3AA5B196B4DD9C08
      SHA1:29FE38AFF2459003F20A6DDE06756EED1567CAFC
      SHA-256:19DFAB696BC00F9391B9239808F602EE5F0541255D8F2EEB925C0281F1F17046
      SHA-512:2AA5CECE82B83E10E551078C96BAC28026D49F32441C7A6535C15536540BD191A4D923744BF0D1B00C5750BC489A61DABBD5D5871A42A54BF970C09ABB0D7615
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;...........................................................................................!.1A.Qaq."2#...Rb3..Dd.....B.4.6...r..CScs.$.&.......................!1..A2.............?.................................................S.^B`..Q..+.].'..e....C{......WS...%..[.%.....qB....m.U.....KkvA....y.O.F.......{.0.]Y.oo..).....E.Y_.!8....n...s3s.'...S!..%....S..u)....2.....>4sm-U.*../G..S....+U..l..K...w....yn.U..-..d....U+U..9...N]~.!......................................................~.3..d...w..#.;2.K.-... ..c....-.....o.^...zu.g...Q...qK..m..X%}.2.q..b.....W...m..dRS....#..l:.-.U..k8....B..~F.q`.2.,.:.E..N.t/.<.k-|ONo.^.g.k.l:.qLcn-...A*.8..%........\.V#.r=..bQ._.r%........ui.^U+.P.Ty. ................................................et.....+.-..x`.0...6...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style29\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):16105
      Entropy (8bit):7.833093982916979
      Encrypted:false
      SSDEEP:
      MD5:069DBDF425824F04E38237D755C9AAAA
      SHA1:390D5FFCC3810105B56FE41361DFD8CCF7DD9D04
      SHA-256:A63C543094B86EBC7FC6220E28C55550A953B0F12F5CC886DA1D25ADAB67AC16
      SHA-512:528CA796F4AA04699DB26FA1A09B1D2ADE2558CFA358F02F59731ABA9727AC4EB6A107521E332E62B43161FE382E4A51915BD25280AF97D22C49ECC50AC8023A
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<.............................................................................................!1AQ".a.2..q.BR#.u.......br..3..T.%5....$d.U6..C.4t.e.cDV..Ss.......................!1A..aq.2..Q...."Br3...Rb.#..............?...l..M..w......<Iq..+...1.+l._.0.C....=.n`..?.......w;.$...j..}..+.B....#.M........mSG,....R..cn|..iw....~.v]....P..ej....[.0.).{.W".2H.A.s5.A...4.... ...i./..CJ...$.z~.H...c.\.......MV{.]lR..=..1d....p..B.d..!s......;./=|.Cj.cn.Z;r..s..._..C....rnc......8.z.V.,...N...5...../.....,.....D........................................9G...-$e....R[.b1.#.=....7..g.!......q.{.I.$.%j.xm..Q.V......I.|d...>2....@#.]...,pp.Vg...%.E.wq..&.w.[J@.c ....H^...U..|Mxt...P..qT.w..A..U.A.eqD....sA~.z.H.pm.D...|esti)...|d..3....v.....T}..NJKM4p..\.7..N),.tn.N...5

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style2\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2458
      Entropy (8bit):7.078542659399763
      Encrypted:false
      SSDEEP:
      MD5:012481C8DF8E7E8F41F71C23BBA163A4
      SHA1:B202C29429AC67AD66A4DAAED147D599BBAEB752
      SHA-256:2F2EAFAD28FCA4C1EAB0B7494ABFB53FFBB372742CE3A4D7EDF1A38707BD90F8
      SHA-512:64533BF6DC6A92BDFD89CB068934245ACA943D84CF49C7E07E8762AFCEA5BC76BA99CAFE220A55F44C2B56814E282C5CFB2A6373B79A4C1AB11A22C4D41FB52D
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;............................................................................................!1..AQ"2.aqR.....B.#3C...b...7.rc...$d.%u......................!..1A..Q"2..3B#.............?.. .................................................4..,[...u..?.....e....,...EZ....hi<.y,.c*.=...M..D.....c..SG..w.nla..."I.-..Db.S.....]..W.`..e2.'r~.....e.TDjp#UZy\.*.%.>S^.Y@Y.R...E-.q..rqbj1S..a.KZa.....7.."...F..u^..UM.'b/.%...\.......S.....P.........x\].5R....K....0.................................................nR.J.z.A.....?..Oe..}.....K......TDcSmWv.7..K<..;.g...Ll.R,...DV.;f..<.......g...x...<...(.........I.^r...oe.L.}q.q$..j..c..{...u4...^...K?..&vDx{.2.YZ..2EIX.]*..-...$L=..DY....8..Ku.egi.ly....#^[.\f.j65..._..u...p.]...=z...........~.......x..8.................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style2blue\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2726
      Entropy (8bit):7.134887910720385
      Encrypted:false
      SSDEEP:
      MD5:22E0FF081E9E40304EB1D2C113AB02E1
      SHA1:B9952AB360C5D759608779F81C8EA3CF8AB5DDE0
      SHA-256:94D396F8ECBDE0E0AC1C13209EA99AEDF09276A593311057BF6FE4979A7E25D6
      SHA-512:6080BE1B87F044EC3AC37F787C45D597AFD94195CF378535FEA23DA73CEB16B8EF13DA39392C68347F8C94027A1C0B4ADE91A70FB33C36AA2961B68F02B0B618
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;..........................................................................................!.1..AQq"2.a.Bb.....R3..r..#S4.......................!1..AQ2a."...q....R..bBr.............?..R................................................T.VO{s.v.....G).L.>.g...+gd.....O.yb&&2.r...c....TF.W....U.!..kza.Y..+.)i#...{v..+EE.r.O5.....F9"/..... .{.%..X.>(.W...G...p.\..m.s_.=.g...+m.^.<..F.n.;|k.../......;...|....W...]f.|Zq.U.Q...7y.....j|......s8wP...............................................)..x..b.l..->....LR3.0.........O....7.w.j,..FU*..^.wwg.M5.O].>_o.....sFt.6ldr$.;....L.....W.......c....Vc.^.Y%bA..F:..jT.....InR....X..h.XU.\."+U5.U......E...C+.....+...Q_}.WU...}.}.O.....;..g............q4...W.Fg.......+.1.}Z..>..T/j..&i~..o6...?.N..i%+.....I...^}P.....................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style31\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):9976
      Entropy (8bit):7.617170864873125
      Encrypted:false
      SSDEEP:
      MD5:1BD6B3824DA22FF2BD04918C96C77C7F
      SHA1:D2BC54A34905A1004BA1B9653D10E524F70A2D3C
      SHA-256:DEFB85E32B4CDA935E33E9049389C5EFBE9E56F4BDC6AFE71AA312DB253C325D
      SHA-512:75C5117A52C927000A86423731D840D2D8B5F8BDC407A96B5B021ADFAC41C6381F9F7302A70653603C22CBE25DA2F9B722CF359AAB241D908E3587FDD2C4ED10
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''......<...."....................................................................................!1.AQ..aq"2..R..u6...Br..#...b....3CS$4e..c..T..sD..%EU&....................!1q.A.Qa..23....."..B.............?.....8w..Ua.-m...7.RKYJr.W..I..*.O_K...p'^~..b.......W-..+l....]J...rft....>L.....|e5..*...........{1.......J.x~..n8.b..#...uA-\1.:....r..xt..E.&..my;6}.~Z^%/E%.J/...hK..[:......FUY..v...w.=.x.G......\m.dj.....n....T.W.u......~Br.b7+..<....m..S.hI...!d.......gc..?.....L.,..........._.....i[...Q9w.?......s...w....=..l.........................................A1......2...UcB].~..c[...t/.x.O.....D.m..f..6.....+.....u..m1..u....0...&h..m.N.../..*-..R.6N...........l'%de.M.)s..}..V....1.g...'.{v.e....N....h.[6..x.ox...XF.\..T....K5[:<.e.um...NFu.y:-:..U+}sI9zu$w..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style3\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2097
      Entropy (8bit):7.312361260348455
      Encrypted:false
      SSDEEP:
      MD5:8A641136CF5E449B2E06EF856655A7D7
      SHA1:714BC26C86DB6E469819C4E2F836B787173D3742
      SHA-256:029C3A71FCD263452FC9DABED56331FB87FEEF323502EABED32380C1971D3508
      SHA-512:CB576C9C48F0354C73EF20BC85C746897CB29D09F397B48D3075DA059733E1A5270E84A49134B1F1E4DD0AE00B2E4D8B55DCE3C1D580ECDE995FABD7B13B24FD
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''......;....".....................................................................................!1..AQa...."2Bq.Rr....3.d..b.#.4.E6s$t%5u.......................!1.Aq..3Qa...2."R............?........................................................D.B.c..V.\.'..3.gl.d,W....DUTjm.Y^$.4.;r.O.!T.:'.T.VK...QQv.=...r..|....[`c\.K.UUU.j.r...F..F^.:~..t.b.GQh.E...9Q.M'V.[......F..+8.v.kv.]..u.#.N.|..Y.b"C.&.....k].....:.37.L.........q...o.8........uI.:&..1.c.z.V...g..sd.h..X.F+vQ.m..wK]................5.7.Q...*u..v^\..t...z..dM..z..g.5r5~.Q....M.o....GO.&..&..c......G~f....G92.].F..W..?!.X..h.H.5UZ.x.~...{.j#P.0..q.....@....]_j.`...<.L......................................................5..8..'...\.X]......W~:/.....4J.T...a.G..w.'.=..2n\...b....>vKX.\Lg*%...U{V.......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style3red\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):1981
      Entropy (8bit):6.735346573663372
      Encrypted:false
      SSDEEP:
      MD5:D336BBC65842E9A89BF21037AA19FB1B
      SHA1:AAB07ECE1ADEA93DB63E1598B2469E685142A8F6
      SHA-256:A6B25568D6ABEFF285546759178B5F65412BBEE299DEF3FC45BE493504E4B550
      SHA-512:59DEAF94C645E977FEB1A97D9A87F96A13A2E43E0797CCD4AEC17C1DF802B3FC5A03379A936ECC3CE0BFE668AFC2436C91EF5A35227D5EF0461281B3A60BB034
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;.......................................................................................!..1.AqQa."2.....b#..BR3...S$........................!1.".AQa.............?..................................................B.....X.Y.W...9....Wb.+c...n4K.x......tqir.P.x;%..$.#.,.N+.._Pv.,..L.o..,....-..y$.?.Ir.X.......G._v..%...D.*..O...F.F).4$$................................................w<D..k...lr.}#.K*..f.k.w.9.3(.......i..y;...G.....J6.cV-4yo_.s.2...m..K.vI..V.#..|.g...l...>n..~-.T#m.......J:4...f|2q....V..s.e.Fk.......3.R..q......6D...................................................*....o....K_l....Y.<...J...[%.hd..n...l..t..\"..Lx.1^..7...n.2.AG./M_IK.6...9.;..|......6..?^u6.2.>.......SK..595....*..k8~.u..Wq...[\,..?r.....%.c....X...........................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style3red\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):17626
      Entropy (8bit):7.137982600869583
      Encrypted:false
      SSDEEP:
      MD5:3ABBDA463067B1820A1F7F336A584E8C
      SHA1:7C6F7D6D0A83A1C20263C3D0550174DEF6BFAF40
      SHA-256:FBFA8190117BFC97D09CC3806BBB45933A10EDC86760E4B9512AB4A5C11F6FC5
      SHA-512:484F7D2011E1AB2B0EE5218E388572651AE9E583AFBC17C2A58DD41E4FEAFB0BE383FBB884AFB66538104DA1CEC557F9FCD0B4BD57E4F1A4FC8460986A269466
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<.....Ihttp://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 4.2.2-c063 53.352624, 2008/07/30-18:12:18 ">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:dc="http://purl.org/dc/elements/1.1/". xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/". xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/". xmlns:Iptc4xmpCore="http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/". xmpRights:Marked="False". xmpRights:WebStatement="". photoshop:AuthorsPosition="">. <dc:rights>. <rdf:Alt>. <rdf:li xml:lang="x-default"/>. </rdf:Alt>. </dc:rights>. <dc:creator>. <rdf:Seq>. <rdf:li/>. </rdf:Seq>. </dc:creator>. <dc:title>. <rdf:Alt>. <rdf:li xml:lang="x-default"/>. </rdf:Alt>. </dc:title>. <xmpRights:UsageTerms>. <rdf:Alt>. <rdf:li xml:lang="x-default"/

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style4\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):1941
      Entropy (8bit):7.2309613705414035
      Encrypted:false
      SSDEEP:
      MD5:B8E76F4D61DDD9228FFD50FD442EA0F9
      SHA1:B4C88E6B17F4D884888527040207E25CEFFAB711
      SHA-256:6580D2CDCA062D71402901CBD91F5C5D556935E7D68E5B8DBB317A3E567215EC
      SHA-512:2A64A5249B65A14B9DCD62BA2D3DA84CA51FD27C10A115EAE0DE3E18F535E18AD787D862492D1DBAC969F158CA98E518DCFDD4EE4261F9225DE4E1FAAD1A0226
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''......;....".....................................................................................!..1AQa."..u6.q..2B.%.U...Rb...#3$4t...E.G......................!A1Qa.3q.."2.....R............?..........................................................o.S..5z....{.....j.......<..*_#......+7.J.+%N..9.Ak(R...>*:....j.k.....q..z..nQ.j./2R..$...r.....q).#].%(V.}..|.u.u...]....k..gI.....i.\..s.?P.SS......s.Vt.......X.W.?.{...?h..1....._..M{...$......&;.....u...};.6o..O...:.....j...u8;.c..'&..Uu...%.S.m.<...f...gz].%...O..&n..fb..&v...V".......{..y.L....................................................4.....*....r.....a.B.A.y.K.J......;..............B..vNoJ..zv.^$R.....g...w.\.^(....}....Kp....n...P|.>Y'.#?...o..n..N8..L.."+.#.:.7...G..b._.O....vm...Hs..........m;.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style4\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):7580
      Entropy (8bit):7.496546597202945
      Encrypted:false
      SSDEEP:
      MD5:5EB61A750D14C147D70CCF35979AACA0
      SHA1:C262C2E21785E1CB6077989B0DFE76F2262A3D6B
      SHA-256:D8EFEEA32BDA310E90F25579DB244716CB9D8279F5A964A3EE18D68BFF011C78
      SHA-512:08FD22D6B1E50D8CBBD37F32BD13F13CDC0A8F255E57BAA5A4116781715316036CF3B42B3C6F43EEE0B21F54853810DE62BECD3A471B1F8053F0ED80C0FCB1A8
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''......<...."....................................................................................!...1AQa.q"......Rtu62Bb..#s......%5..r..3.4TU.V..S$Dd....cE.F......................!q1.3.AQa2.....".BR..............?...................J.....O.\R...~..~..............=.-..V~Svi9s.......................................................KQr>...B..P*T.. ..........HON....._..o.h..#cR.F..\T.....9....Q.je@..*..P......}...K._......N.~.~/e..............................................2..i.k..'0..jX.`^.z1.d..t#5p.....BS...u7.T..ON...ODN.|.g...4...9.M..&.|...b.3....[.5.+N.....4.KX.T....(.....|J...~OG..V..(.......\.1J.,..GT(.....87..Ymq..x.Qk..6z.....+u..l..ZxD.~.&"...p.oj\...<x.\.bC..8(t%(...j.o'..,...l]JV"i.&)3.L.#.e./E...*.IKA)h.2..%.9Y.p...r&..r.../....oN's....n...p........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style5\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):1857
      Entropy (8bit):7.19845689639884
      Encrypted:false
      SSDEEP:
      MD5:31EAA943F0F61331567C73CECD5FC64E
      SHA1:B75FD5F8B9A82804EC60976FAE71E877DF444812
      SHA-256:AF1871895090CAAE109CB6CF31803AC9C5A970E2316F91DCF5C6687F0AB0248E
      SHA-512:38A6B220BD6F2051C1584D8A0842C6A2F3B3D16035721112849D96EDB40F8FE15AB7F344580E8B9CE297104A9D84C5CDA9F1B8CE40FC2F7EACF9CFF503DE2352
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''......;...."......................................................................................!1A..Qq."B...a...R#.d..2.t...$E6........................!1Aa".3.QBbr..............?........................................................F..M.W........9.v.@.(.}...)..5..]..?D....Si....)R.}.....UE...W...%49.Mz....d..J...X..T.".....ocG.j.j.Y.....)zf"+3......2.3J.(m,..MJt..|.Qs.g...J......d.51"..DLLV&&?Xbbc.Q .DkQi..4........JW.NS..1m.TEGL.....r..RM#....?J..c-^.m...*..^PzV=...ok\....}4.<.........................................................g..9...cO..W..>...V..Kz$.](.Z.S.N.^v...w.G.#^...C.5.j....1.._..o.ir.".R....g..2Ys;...w...ruq."...k....V.\.l.\NLMcR.N]:.............Gw...7=j.LH.k......k.......uX..n....,O..7]3..H.#m.[.R......._N......Zh.t.Yg.].My...VV[+]..dr..Ws+U....U........Z.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style6blue\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2410
      Entropy (8bit):7.016746220589124
      Encrypted:false
      SSDEEP:
      MD5:2CDE7A7F244556F592FE2EF5AFC6A3E7
      SHA1:ABB191C1DB9EB2957FA66DC56320D16BADEC6594
      SHA-256:0EF5AD464AA8AE425825881437339E6318BA8E3E175EF0224D8E476B22F81A8A
      SHA-512:FCC7BE612EEEEA65F6ED9F62983E96D373DB2D86DE2632C9991949F75B29D6A0F5023FE6DB4322512D5101106D4B053CD73EC529027A24912D8B82DC3D942731
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;............................................................................................!1..AQq"2..a...Bb3...R...#.C.4.%5E6......................!..1AQq.."a.2.#3...Br.............?..H..................................................*.....+..n.ntb.$..MJ...3..}.b4..O}..g^...2....G.$..G...q...y..;#.E.w.w..8..[..).z....HE{^.,8wMna.lh..n9.d.+v.ZoSm*.q.(.O#.....tU.v2..d...I$.......J3.`c<x.;qWm.2..K.(~..n[.u.q..Y..^.>G.^.l...................................................*.k...>R.y/............ow+.....V.+...O.i........t.....]4/U..<...f.N.Y".......9u......)x.r1..Y5...KR...\..Ip...C.....J7..CcR.q.W.....|W",E,.OY.#n..\......................................................T.w.0..a..(.....|./6.+g.....O...L.u...nW8S...v.....9\j.)U.....m..y/.U...Z..Wh..?&.y.....h.fJO.G.a..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style6blue\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):19338
      Entropy (8bit):7.866390074328459
      Encrypted:false
      SSDEEP:
      MD5:D78F51FB19616DE47EFC12EE30E75674
      SHA1:305047BC646915A5B6DEC451B84D099D8179361E
      SHA-256:01D088316C7083B6A25714C5F1B7C6A4C903F523DBD68E56D729E4848E646A9D
      SHA-512:11F3FDB5C294A9750252C6E92881C16F70E68DFF3FCD5EB7969054B543DDD3C75BF33B72077761179DDAD294CE6DC3BF9DA53E81C347EB82935A6E688BB78A77
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<.........................................................................................!..1A..Qaq"..2R.....Bbr#.t.....3C.$d....Scs..T..%5u..4..Ue6..D.&...E.........................!1..AQq.2a..."r....B...3..Rb.....#...4.............?..-..ZY?$./...7...S.<_n2..mfj:.......+.=kk.J.......pp\I%.k.\.F.U.....e.9.i.t...!t.4...:W...DMf6......Cd....v.t...[.4.{.eBk.eme6ka....^........Tp...bF..'.2.+...M.....;....B.F[.<SfW.B...5....<...c.q;.5..PT...Z..6Y)..S..............qXg..[I.o=.2.....[S.H..R..3y.|......+...8...p.. ...p.>Q..5..IQ.D.7...=...b...G...."...f/qq.bM}....F/............. .A,..3.y.ujw..J.m.#..LW?Ze..1.y.%.....~.....R......6.+...5.{i..w.of3^...t:..ae.....|.......[9]..,..3..W....~...x'.8..0mFaR@.U~.=..t.i|.bz..{..M....9[:s..+.HH..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style6green\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2072
      Entropy (8bit):6.776733571711659
      Encrypted:false
      SSDEEP:
      MD5:0CBCCB5CA1B212FDD2D8C0B21E8399CE
      SHA1:C9C6032D36A92DBC39E2FACD54C394A3A025995B
      SHA-256:4ADD9119F01A474D118655164F936F7484977C7250A214DC18DDD05622E7D0B8
      SHA-512:3BFEB1A4F597DBE39946F05BBD66EB2A7F690E721D6F99E891F0659CD03FE1FEFD9A07F20B095451BB67686167E26077F43FF15C19E42CBBC57D3C7DF7FD418B
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;..........................................................................................!..1Q.Aa"23...q..r#..R4....Bb....C.$D5u.6......................!.1A.a.."2..QqB#...r3.............?......................................................=l.....'.u+E.Z....c.R..q.]:wK,j.u\.w"}-..........$GN....,.:.....w[dsJ5...2..5..._J./...wR4Z..kv.F%..Z.+....[j...f.d.~:~....2...Zw>/.3.-i..3.-.R..}{...................................................?&.v........S$..........^G}....~.m.{.2\.b.1..I....5.Ip..m....S..>zR.[,.'...0...F..K`..F.....G6......J.......Y9xy..-...}C......................................................u....y....I....dE..Tew.......%V.....blBw..6<.V.f.i..s.J&.ec;c.MD.TDM.t.4ko.:..-VX.*+.J..".z..:....*..._....E.g./7W.9|.../..3.........................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style7\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2454
      Entropy (8bit):7.3866569148464505
      Encrypted:false
      SSDEEP:
      MD5:6C5724E6425BF36A9E51CBD95B1861A6
      SHA1:C4045430B41FFD73A3F58A6E41C2056A77A2F893
      SHA-256:A68666E96F88830F6D608EF3FC0B3B96826807CF9C67BDF9F832A409BC151852
      SHA-512:087EBF13FCB7F7096D974C7D05C5EAD0BF3E47E741F03188B3EFA65C7EC7226B520FA6D65B64593713EE81A44549BAC320C332C82C7CE9C76B817D217601431A
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''......;...."..................................................................................!1..AQa..2..q"BR#........r34..b....5e..........................!1A.Qaq2S..."BR..$.r.3.b....#4D..............?......................................................................u.rZ.../|Us..O]n.iN...Q8DH...~G..8..c.WV..+.6....R=[xP..h./...-.8.1....#U..V.}....RTqW....\.T..<....p..I*......bW...........H.Uf..G..lr....[.U)4.r...v...pM...........5.N6.8%\2|`..)p.*.t...:....2....{E..5-.d......TD..W.I-.W...<.:.5.....jV..O^.!P.=......Q..S.9'......ji.W..J.P...6\O...G"..W.-..|C\.^F.k.Q.o..y|mp|..0p0....#.f..].K..5,.u..mS..`NX'E.w....mG.j.Ng.ZS......K.g...O....m_v.wo.....?.......6....='o.}+..?Q..(.................................................................0"%W..l..p.fb3.....Wb;......p

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style7\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):11205
      Entropy (8bit):7.618440296439002
      Encrypted:false
      SSDEEP:
      MD5:C5279C5534CD4D0B6C046451AA0FC854
      SHA1:F1C07C41B7145104C78396A2638995FD40F55B17
      SHA-256:9C44745B7DCEE21460BDDDDBFA926FE60D2680E38BB0CE65354CBD7A0445B97F
      SHA-512:363548F65A2D06E6259015F528458FB14A7C8324A9D264DE2ECA3CE64FF65F15F599A704E1F293B6709BC9FB71868B6BC2ADDBE854353EBD56B99450DEABAED7
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''......<....".....................................................................................!1A..Qa".q...2.....B#..u6.Rbr..3....Cs.TUe.S$D......d&t.E......................!1..AQq.a"..2BR.3...br..#...............?...r....7}.1.k$.J...t..Kn.....t.t..j...\#$.......j.-N..Z..'..8....%V.kU.......G.....Y=.l..z..5..6.5./)=..4....V.....7...2J.e...4`....zQQ{4#N.Rr#..T.....I..9w.g&..W..=t+.y....*.\.6.U,.....t%X../.P.eQ..M..Q..q.E.......%...j..[.$.Db..a.i..J.GDE...\.D!:..[K^.,.*a...<...G..:...c..h........+?.K.F.:...wO.9..Z..6)..3r.................................................8s.m..:.L.q9..n....r.....|.-w.2...u....Q...8.-=.>...64J...a$./^fx.V...[..q...5D`R.m).-w.m..\..&.WI.vO.%)Gk.'.S./>....S..mF1..CN.Y.\.(~..c...i.Q............8.K.g..2........[.........QK..:S...b.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style7blue\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2737
      Entropy (8bit):7.170463279323772
      Encrypted:false
      SSDEEP:
      MD5:DE1459AF81F7D448E39553C663DC2426
      SHA1:29B786B17B8AE102EB613970F305ECEFD9CE61D6
      SHA-256:4F23824737A445244CB3DDC615EB26DB9463142B170BF8ED9DF1605BF23C26EC
      SHA-512:A3B26F33BE15EAB0DDFF9790E179E3138580345335F05CD3094AB2889D381BEBF1F170D38865822C91C9254880556AF1BFD40018654DAB52A0CD1F6021C8CEE2
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;.........................................................................................!.....1AQa"..2BR#q..r..s$....3b.Cc..4d5F.......................!1...AQa."2q..C.B...b..3.............?..................................................^.d.....<....%[.+....(...+.]/dq|.O..c.e..w.z.sO:Y.7|%.k{.*U...{f.k..&.......^F........4.w}$Mj#.............i.....Ef.e..z.^..Dr.V......s..um.......r..d............Q....lD.._....sZq...2>.^.m,.s....S..<..oN]l.;...............................................].u.....<....%[.*...5....m:&.p..V...N....a.O(^s...=.nz7q.b.....Y....\...&...>.6..*o........L.E....r...{...:......-.[..)....lvFB...'wOO.+.4e.[2.o....."s.5...b**.t/..g.3[r...0...D......R..E.V.6.2.#.!1.3.q9>.m..g........8t.................................................k.]M....p

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style8\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2339
      Entropy (8bit):7.418211458574631
      Encrypted:false
      SSDEEP:
      MD5:64B175EFD4AFD1CD24FEA952C80D1554
      SHA1:5174DF814689E080ACA25FBC846ED704C3467D41
      SHA-256:E5D012E30E3F471A15C3E28F04439167C6247DB355D2EC75A47FEB3E3EDCAB12
      SHA-512:DAA8B6A73E7632495FD830C71BF2AC389D4F0FC8A267EC760E72B2B5974B9AA781406D22C5AC92468902544526CACE7C4AACD6806173E2B679F43EC4E527D338
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''......;...."......................................................................................!1A"Qaq...2Bb3..Rr#..4t..6.D......c.dE.....................!1.AQ.B..aq.3...2bRr.#.............?........................................................4.y......H......]..*..9U.....n.Y...z...+S.{...C...'O".U.J.2.5.?H.K.....%..L.H]"c.{..2L)......E4;k..p.....l....(.^.%...[.5.=..H.Z.....TsR.....[.u.Z...ggr..M....Wa.Wz+..K.X]5..+.X..=....r@...q"".T..B.<?.[.y...:v1..I......r......[tE6N.)...g8.d...?o-.e..)aX..X....z.'=..Z..-...n..Gp.I\2K.Z9.UJ.m...MedV..5y......&Op.$.t.X...nG..R..D.U;....Y..`..".i..U...ZG.%..E.k..1..U..6.Z.E$..h.......s..Y=.#Q...".#.b...yYi...w}cQ.._#S.......DwY&kv..W.0.$....,X.....w....]..J.tSN3n9.&1.p.$lQd.j|.0.._...y.e....Jq.@.Ln..._..P...........................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style8\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):12260
      Entropy (8bit):7.8651572824235005
      Encrypted:false
      SSDEEP:
      MD5:1B46F35E943BA70C0E99F62F90D8F509
      SHA1:8EEA5DBA1A4D602CCE89C82A62D6FC551192EF2A
      SHA-256:842D87A30C84D1D9C4D71D969CD69A4B083C374A43501B7D1BC9B94E1D564D33
      SHA-512:2F7289C1F06F5CB137BD6A36B654C6A3E5F87096A6B8481906CEC33A795FCE410ED8A8381ACA1A27282B9ED58FFC9BE14B5850035B1B8FFF7FB66EC0E2ABD9C9
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''......<...."....................................................................................!.1.AQ"..aq.2....Bb#.u6..R.3S...T..&...r..C.$4t.U....5Vs..d%.....................!1qAQ..3...a"2.4....B.r..............?..t..$p9....s..Z8......,....%..B..b9Z.%n0.Cxq..^.....c...!e{.......;....d.p..:...3sBC8.....%...q.N.%.H{..(.5.Vg2PA....n....?<......~.zs...9....rF[.k..8lk.4#8=.'..lN=y....9.....yeV.C..3.c#..K..=......(7X.]....f{c.........9..:I.....Uk\...c..........>uc$ss.....r..OH<.J......4..;....5.r&x.....?"20>V~ .\............TIa....8......p..`v..m1.......,`V../v^q.q..Z.,.y.`!....:O.~K ...GJ..$.......q..acG}+.....V)w..6..rOV3.=....m...........)..D.J{O..3.........??......N.".....................................................&t32f....H.h..).6...?.Gc:..,;.Q.M..g..6Vu5..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style8blue\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2485
      Entropy (8bit):7.044463214020437
      Encrypted:false
      SSDEEP:
      MD5:B30DDEF3757D3D269BD6BA086C2BD354
      SHA1:C749BAF431D73F06A5EEF931ABEABFA940B66E6B
      SHA-256:018D0BD7BE14D1BA64BC84FC098A4A792038BBA3B3C141BEE73228E1374A1369
      SHA-512:00A1D849E63985E14ED89F2D15B3C6A61CE47799F4FD5AF6B61C66E43D5E81090BC858A50A4FB0E5661F38F212F5B95EFE2B330ABB16F08405DFEFF03AA6F8B1
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;........................................................................................!..1A..Qa.."2.q.R....B.3.#CScs4t%5.....................!..1.AQq2a.."...B.R.............?..R................................................._.v<Y...7f{."#W.&...e...W2.Z]...;.'...1...........z.......T+m3....?L.`....H....8.[..ff.......:.8.%[..=..D.b.......Z...^.".Z.K.W....W96U~.J.a..b_V.uZ/....{[..<...e.3.`..............................................M.P....b=...kWfdk.T.Y..ki..*"k..3.3_L..#n2H.V.J..b...6....x....anH.U.......[...N....K...7..,{+.J...zftT...G~.}.7..[&1...4s.U....|[.D..[q.|c.+kL...W_..Y5]9..A..Iq.......Erb.M.{.4..gYK.kD....k6Z..H.I..w*/B..!..'WU..P+.;Ee....=c.S.G..-..................................................Nc..eN*#Y.*W+..n'...V.LEu.g..Y!..b......J.U.R.lD.T..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style9\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2473
      Entropy (8bit):7.388350640802096
      Encrypted:false
      SSDEEP:
      MD5:9B40EDAFB032113567ABF05BAD64D8B4
      SHA1:FBEED86B0CA2292ED66EA0902ED3F5D9A10828DC
      SHA-256:471697F2A7C692EF71F2E369A69661F3AD7A1F941898CE135537589258CD194A
      SHA-512:9FE8DE1C64AA68C7E0347881D738117EA50D78D55813B500C4CDAE23AE332C5F3E26B0CE144798B4C17307751909552B7CEA255DEC946989950AA39497AA4A3F
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''......;...."...................................................................................!.1".Q2.Aaq.#....BR.3s..b.S$4...C..t.......................!1Q..A"2R....$4...B...............?................................................................|N...vl<.a....Z*#....8fS..9.u...3.cmUt;.....b...-...fm~r..l..lY...wzE.n..:F..n.7mXU..i....YI_..)...-p!.}..sd...N.*...F.....U8..RM!...~#.G%[+..F..ulz..O17..p.....K..........39.L.6t{.].."S.8'.....!8...8..)^....nW-Z.O3...#r.V...Ak[.I:..{j.T.)T.{O......!.*+Z.X.N.nr.xP6=.9"br%.T.Gr.]i].m..=..&..{.R..U....V7..V.P...JQ.....s...r.......Y.....m....ef,mln.9....ETT.k.1...r....7.8.{.O....._wq...X...#.UDtX.u.im.+..T.vT1:.9Y..2%R..M6...D.......(..}vv........,.w6.t..5...J.p9...u5....H.z...K^.>.............................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style9\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):19338
      Entropy (8bit):7.866284883242288
      Encrypted:false
      SSDEEP:
      MD5:5932C1F772CA2A050412048280445DEE
      SHA1:0462FA57D6C5803BB6B7D3DE70D326337EADDB62
      SHA-256:7547E282B53E5A1BC2E115791C77E6CE93F86AC501578D7E937B4DCA1C0C206C
      SHA-512:646B741D6BA03CA4A91652E4D5F5554C75D0B5B9D4B4F8F9EB42982A64C8677F90B1BDF2A5B6A3D72AC27ED5BF5FF2D7AA0592F3668FF21C499648E7465322C4
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<...........................................................................................!.1..AQa"q.2..BR#.......br3$u7....%..S....4t..Cs..e6..cD.5U..&.'......................!1..Aq2..Q".a.....r.R3.Bb#...C............?..n-.X...o.8..v.....5..*.B.Z.]..R..b..M..&.a...J...H......e...[]..l6U......-...\.....U-.DZ...Z.....9........SN..>........=.u.p....ue.B!.......v..CSU....c......3......|..g3&..{8<..].ox....j...?..m.K.bq,..FB.....11.........f...O-....3.o.V......on.V...C_...;.t.U;.L.UyB..c_D..x#&....-...Kd"s......-/.C.X.*..xh..4...9.C.Mf)1...KXc./ld.Y4G$...].yo#R..kA...].....r..%..O.....'a&..h...W...R...)hlG...cM. P..[....B.....x...V....U...._}$....#...m]4.......;v......-..W..&.....1]E.........N{....G.t...i.W....ot...2E.2.H.O.0n<>>.U....pe..8v%.Z...;.i..5...S..-

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style9green\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2121
      Entropy (8bit):6.8018064225828345
      Encrypted:false
      SSDEEP:
      MD5:81679E5FE2DFDEE0BF1361C4E4924154
      SHA1:29888ADE31A7BC21C8207C809775A7FD6C4BB547
      SHA-256:A5D43752AEB72CE851D3BB5324C2190BAAEBBAE95CC99F59FACE99BD73828C76
      SHA-512:F5B45FF93EA0E90A4BBCB9201D837BEFE4DC864CAC400BD7FED7825A3639A0D6A63725530629E8BA4A241D1F0FB1266592C10AB675958147CC5AB4B68094E2E1
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;......................................................................................!...1.Aa..".Qq2..C..BRrs5..b#3.4t......................1!A..2Q.a............?..R.................................................]...........+M7n...,..9a.iQ..=[...,[..;......shpk....2....b..u..i...}....[p_.>%..'.1..r..)....,QK.w._.t..,.6..Y...._j#w`..............................................Os..k...L.......n.b.2r8%.K[........y....]..7.......=.r.zm.)QgN../.'5*.F...Q...xe.........Qo..}g.c.W/...Iv........jNe_....i.....................................................E...2/......n.g+Q.[..y...%.y.l..<..........Xi.N...^.~..Kp.r.V.p).Q..r......!.%W\Q....O9.7u..-D#,.,...z+..,...Xvu.%q[....k.Q.E.[|k.R.T<.8Z..5.E...WD.^=.........y}..Dn.................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style9red\banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x59, components 3
      Category:dropped
      Size (bytes):2201
      Entropy (8bit):6.90041698279987
      Encrypted:false
      SSDEEP:
      MD5:F50266015F85E11AB575004433A766D6
      SHA1:C246A9F672A825B636DD40F78171FCBA442B0D55
      SHA-256:401312D5C5D8DEC9D01C5B71D25C31827AE3151A2041B1DDEDB3E8FB364A670B
      SHA-512:312FB7B17C4E1ED519D4EB7C9BE0B210DD072CB92281D6A337C74C95B97E811938DDF0B70C1E408F3B64FED42E360CA5902288AC88BF4A6D97787B29D2202DC5
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................;.......................................................................................!...1A.Q".aq2C.......R...t5Br.#s6.b3.....................!.A1..2."Q.............?..................................................S......C...G..{3-%.n...<..C.gsJ..D..3pjw==........Mt.....x..r..o.]{..k......r..../.2W.W.N..w`.nJp|$.A..Hl..........n......?.....................................................z..=c.P.........)6....~....E;Xi..1.[..{.4...Xb.B6...(%H.N..h...+...8..K.R...te.....z...Qo...P...o....:;..c)7...s.LJ.z........C................................................w.?..?.........b....%....(..z.S.Sa..?...d.g^m..P..{9......e..'.5mW..W=............x.....b..m6..W..f....vUa.../_.........6$.....m...b...!g.....n..R..?..s......./.%..............................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\classic\resources\variations\style9red\dialog.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x316, components 3
      Category:dropped
      Size (bytes):14561
      Entropy (8bit):7.798388156288132
      Encrypted:false
      SSDEEP:
      MD5:3DF95361FF20C90650F31F81156EE81C
      SHA1:EF2C4BCC163077F3BE7FA339119DD43946F6105D
      SHA-256:CE9DFBBDCDBBEB4A5E738C6FAB0A812CE96120F744CD7D4A5EC00E0975209F4D
      SHA-512:C28F7930F632EB2839B563B3B10692E781C9D612330536A29328F8D0C5405E2F66E7FDE2AC945877C9196ECFCA9F672AA01BBAB989789CE2935007C4E83C577F
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......<......Adobe.d.................................................................................................................................................<.........................................................................................!1..A..Qa"q.2s.....B.#C5..Rbr....t...3S.4.$T%U.cu.D........................!.1AQ.2.a....q......"r.....R............?..d..;,e.3.j1.vd...A..,b.9"..$..08*..g........*...................-.h........-.!.d...1.<...$.8.........................................?>8(..X\.70j.R.x..p... .....+..Z*..;N.....b..S7.kL~..SJ...>L..x....(s.[g?....._..tt{..!.n.S.&......t....Pr!.z......_].E...........>..;.5G...G.............................................1!..e&.3.....:.U....j........Z...f ...........q.)|.....Q.t.gA..r..H.c..9 ...s.......T..y..S..^.H]4GT/t...i../_....<gM.5..V.G.....K.<SF$...9....lD.Z:+....8s{Wz6 .....|..s.... ....=A.O.#].q.!]ww.........*...BI+.$/

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_bottom_mid.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.2221872900623083
      Encrypted:false
      SSDEEP:
      MD5:C1C449A6CC9796C50EDE9CD336AD8050
      SHA1:C34B55104397CC50CD74B620ACC366235DE71E18
      SHA-256:114763CD7BC54D393675C30956DD20890E81FDF253F270014361E4DC1A3F1DDE
      SHA-512:1D953E66AF0819575884DD16C713705DA7DCB35B501295EB00BB6A29084797E56DA64F3FE582DA35A53454E87CC7F6C49299DD7E0C33873C4C2BFBEE2C7CD97C
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.............................................k.......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_bottom_mid_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.324399946588591
      Encrypted:false
      SSDEEP:
      MD5:0EA292AEE09BE0C1D11C6DF8766E4665
      SHA1:5CAADB6F7B4A0DA8C2337B7017DCF7D12A33FFE6
      SHA-256:1058111E46A7D73F22902CC2A3138B241B3B3D1AB31F1EDB9C1691A706972DE6
      SHA-512:9B359A080453A3AF91880059B289D7ED6199BDDEB54B9197A63087705EBC5DC7DC47BBFA98AAE67B16706797AFFB225296E2C397F9CCACBF110A119917351EB3
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.........................................H.......@...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_bottom_right.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 3778 x 3778 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):2.7027309856968214
      Encrypted:false
      SSDEEP:
      MD5:D493380877A4AD1F49D2FD9238CCA240
      SHA1:C15F74FB657FD57BC093CA36D5CE6570DAE54A2D
      SHA-256:847C1638CEBCEE34CACAA228AE538F51439B65525468716D2587F67234D4F433
      SHA-512:96D3E19CC0F54E378000E97685B514FD658226246C5A60135B073905DC8558F2AB41D5287F93523692CDA7CA3F2A484478D8B6D9AC35FC64E3892957F6AD85C0
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&.................................k..k...........k........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_bottom_right_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 3778 x 3778 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):2.780221995509762
      Encrypted:false
      SSDEEP:
      MD5:FA7F5940D0F7A1045E16493C45D8E121
      SHA1:A4433F6D58F5376E9908CAD0AEBE96F772B190A2
      SHA-256:A59C912677674A34FFEF286A4BB1B6E00C4204B34E0E3A6840011946A5AAA87B
      SHA-512:CFE13905595C7763842EBC592715F994599C6414376775AE20E5B7F453EA79BE714C64DDFA8FE086D6C53D47F7D390F0851721064186D16038AFECE1A864F2A8
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&.....................H..H..H...........H.....@.....H.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_caption.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 22 x 24, image size 90, resolution 3778 x 3778 px/m, cbSize 144, bits offset 54
      Category:dropped
      Size (bytes):144
      Entropy (8bit):4.265697255963054
      Encrypted:false
      SSDEEP:
      MD5:DE1F2559F87BF8EC985C52692CA76A0D
      SHA1:52D458D1C78053DCBF45F959CDB8FBA70C7BA661
      SHA-256:E666F620387BA57ABB3E3EF563C80B3BC22A887FE045F4F763A3746CFAA89763
      SHA-512:BA421FC18753555E1A7FAFAFD440353D38D1202661C5D48FCE58317FACAE0409E21825ABD8AC49E82C0C53DF6F3DAC5743B08B2F62FEE914256785BDDCFB2396
      Malicious:false
      Reputation:low
      Preview:BM........6...(...................Z.....................................................$...).../...5...:...A...G...L...Q...W...[...`...e...h...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_caption_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 22 x 24, image size 90, resolution 3778 x 3778 px/m, cbSize 144, bits offset 54
      Category:dropped
      Size (bytes):144
      Entropy (8bit):4.3088138903312
      Encrypted:false
      SSDEEP:
      MD5:ECCD11B35C82505D448F9F7FBC7AF81B
      SHA1:BDE8BD7339AFCAD11017200584D4AAC310742C5A
      SHA-256:200D26D3E3326A8CE5206095B0D9F10E508F963D7ADFF3C24FFDBBC2A10DD766
      SHA-512:3557665A82FDD3B735B0E18E5434980F7959809E7E00A6D0D78533B72B863AA9CA611E1200E711DF7AAF15F3CAAFC57F19CF3F3DF43D0C8357315E1DC56D30B7
      Malicious:false
      Reputation:low
      Preview:BM........6...(...................Z.....................@...A...C...F...H...L...O...S...V...[..._...c...h...l...q...u...y...}...............

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_left.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.2221872900623083
      Encrypted:false
      SSDEEP:
      MD5:4BB0574400F73CF2CA88403C180F59CF
      SHA1:018292ADB9F1AAEC1DF5896B42B94DFACB2FA570
      SHA-256:1D657650AD749162B5A1CA347BE5217FEA20B53F4B0E90EE95F3A63C556A2EBE
      SHA-512:17B39FDEF16C9C74F2C3624E3D378D359B9BE6D4D563F65B2415321A47D4AEECE6B9DDE984F7EE72D2E913CFFEDEFEE5F7BF495C9F485D162B67B2DF1315D3BE
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(............................................k........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_left_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.324399946588591
      Encrypted:false
      SSDEEP:
      MD5:0B55C69DE22846B5D5ED49147D1E470B
      SHA1:DA3B47A185378F6B1130B9C33B94EE2A00DAE114
      SHA-256:EF71AD6964B85F6C9B44ED7CFC79F4921FFF3DFDF101182B3F05867041D41969
      SHA-512:82957F8AD32E477424FDDD905E26B22371C0C1066596E966217AC1CC4E1CECDD76524B4746D2FA76692C1E1A41802136046FB4151AE97B41B1DEC8FA8AC366F8
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.........................................H.....@.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_right.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.2221872900623083
      Encrypted:false
      SSDEEP:
      MD5:A752031714BBFA522DDBEC02D184EFC8
      SHA1:942E9C75220CD22214F51038CF349CFC41595AE3
      SHA-256:CEA6A93710F5F4DAB03A7D455BEBAEBFC7626A5E869361484528ECC1A0022B29
      SHA-512:875CBEFF0739FE4953280EBE2A56EA092C641492C4B562C3E81A645079977215EB0AD7470EC9F164FC11F351B81427F34A8702C3A9F42D2252477B4090623D42
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(............................................k........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_right_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.324399946588591
      Encrypted:false
      SSDEEP:
      MD5:EEED9B02C55CFA08016B77609CB12A3F
      SHA1:DF644F284A376E0453E5870E0FD954E082BFDAF4
      SHA-256:43AAFC129130D71D06FDB5D2C08099D9AD56AF4DCD89AE7DEA971B5557A8DA71
      SHA-512:137769C83DCCE0CC8E731D69B16C0FB3E65127B0F207C99AF761853222671AD0E378BB0A1EBE36EA39FFC30F9110161DE79ABDE86BDDB0D999A617E629565F06
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.........................................@.....H.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_top_left.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 3778 x 3778 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.912466721016646
      Encrypted:false
      SSDEEP:
      MD5:8A5C68C7162092CAD0B740CA70B99FE6
      SHA1:95D7B8E65EEE3AB495735548D6C0978C7B909811
      SHA-256:9E902EF8E3E51AEA7B7A9FC1B3F88931A31C3591F69CE47D057BB899D7AA353F
      SHA-512:AF2DED2B2BDE6C668A1AD6917C98DC2D03BE8C1CAA49DF659EF0145CC69F22CF16C3C946E815EFF238FBC2A710C3C66094BC0BEAC13333EF0D530E2242F9418A
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(............................................k...................k...................l...................o...................p...................s...................v...................y...................|.. ...................&..$..$..$..........+..)..)..)..........1../../../..........7..5..5..5..........=..;..;..;..........C..A..A..A..........I..G..G..G..........N..L..L..L..........S..Q..Q..Q..........\..W..W..W.........p..[..[..[.............`..`..`................e..e...................y...........................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_top_left.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 6 x 25, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):527
      Entropy (8bit):6.808634601524748
      Encrypted:false
      SSDEEP:
      MD5:DA1E661710548CA2554A59CFE40F60D7
      SHA1:4CFC126BAD6D57C8D4958F483E3EC35ECAA96F7F
      SHA-256:256DE52E9376688A0B614BFA6565CD86730BFD5179A00588F7EC4681799C0273
      SHA-512:3F2ACBC4412B5680D9BF85A3130BA4D7F2C00280CD0DE2941746FEB1672954A676E419BC2D352C7EFCC54252C34ED6B5D338A6AAE7B74E29D987EF20636985D7
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.............%..4....tEXtSoftware.Adobe ImageReadyq.e<....PLTE...........`.....$.......)....L..[.....Q..5..A..G../..W..;..e..k..C..=.....v....1..... ....o...............S.........+.\......l.......p....s.......I..7.......&....y..N....|..y..p..........G....DtRNS....................................................................q......IDATx...C..P.......m..N.N.y|..f..../.S.fl.E...q..N.8....<..m..!.C... .e)I...}.Y-."xLL..E.4x6$I.W.0...eY.m.u]x..kuTU..Y.....z..............K....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_top_left_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 3778 x 3778 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.786763120411468
      Encrypted:false
      SSDEEP:
      MD5:31CC6CE4933F17BB4A8E10A28E7E4437
      SHA1:127A49F848B26778E55A1A0FCAF3B5E7AFAE11DD
      SHA-256:2E6428F7B37591B5BC06DB1C7404B2FC8BA4F8EC8120FF28A72A7FD367F667E1
      SHA-512:6CC15810532A9A6E2A302B89A24B81090C93E94BA252C1DFD11DE186D09D0CEF5424F106ACA85E4CEEEE634BBC8B4846827312F1E7B6E71246D42CBD8BEC7C04
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(.........................................H.....A..@..@..@....H.....C..A..A..A....H.....D..C..C..C....H.....G..F..F..F....H.....J..H..H..H....H.....M..L..L..L....H.....P..O..O..O....H.....T..S..S..S....H.....X..V..V..V....H.....\..[..[..[....H.....`.._.._.._....H.....e..c..c..c....H.....i..h..h..h....H.....n..l..l..l....H.....r..q..q..q....H.....w..u..u..u....H.....z..y..y..y....H.....~..}..}..}....H...............H..................H................H....................H.....................H..H......................H....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_top_left_inactive.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 6 x 25, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):521
      Entropy (8bit):6.72348782349867
      Encrypted:false
      SSDEEP:
      MD5:725C9D7DBD75835DCB97DEE333EDC6F4
      SHA1:881239761FBD2785B48B06E2A1C28CBA1DA30206
      SHA-256:0FBC9FECFC64E0C7EDDC05F1B349381E6F7E692E4FF6850BBDD8AE9487746E63
      SHA-512:2D711A5366030C6546F6AA06B8BFC992F7AB606F69D46753D1F0D5FAA487DC80167DBD03C6FB1123D4C4C9E506D8F8DEF2E8D8633B4576EF39000B0C08A56956
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.............%..4....tEXtSoftware.Adobe ImageReadyq.e<....PLTEH..C..L....q..h..@..[..S......y..c..u..O..l..F..A..V..}.._.....................z....~.........J..\..P......T............A..G....i....M..X....D..w......r....e.......`....n..............CtRNS...................................................................Ab......IDATx...S..A.....m.......#.o....P...J..m.P]9.......i.i...09......iPy.a......y...g.e0...].$..[...A..0.*....y.e.Ep>.!.(.8.,....0.aO.a.!......IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_top_mid.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.324399946588591
      Encrypted:false
      SSDEEP:
      MD5:39A3A5A753FDEA9D1DF1F79D66B8B388
      SHA1:CCF36F5E4495990BF3A96FDBD934FB44CE7E2BEC
      SHA-256:1944FB4564AF49492300DBD009F8776395423731F4C992B8BF9BC94B638565E9
      SHA-512:E426843C7D935608427AD99A61938DD462BE81AD6878E0D5B8EB751DCF9D64225F8B759B94EF6CF9307C1AC67A801111038D03BD0A43C85257CAAD3C421C22F8
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.........................................i...........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_top_mid_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.324399946588591
      Encrypted:false
      SSDEEP:
      MD5:C409AC762B0711D66CF1F14959E1E079
      SHA1:93EEB107B270ADC026FEF677F35F07921660ADC3
      SHA-256:2D40F4BB5E16B81521350E7A4C3E3F0236EE6AA36489A10FA5364949B39C4A5E
      SHA-512:D65CF1A81DC5A953DCB65A9D03F039990EBABC803D22C0FE907C23941F97554E8DD57B5CC7B310BD045929F89F2E9BB9C93F6FF754DED55E440DEA8489B4769D
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(................................................H...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_top_right.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 3778 x 3778 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.926469034047965
      Encrypted:false
      SSDEEP:
      MD5:3858016E84C19903EC1296EE493AB7D8
      SHA1:9D76098E64E3B687B2ACE59883B8F20975E5230F
      SHA-256:84F224AA547A2A6841DEC9701C7388BB3FA271821BE25C9BDC72EB80CFF2F71A
      SHA-512:3BDB9B28C6F35A268A38AE853F8A7891594359F9DBCA998C8322460D1C724C66A9D37686CF692E37E66F043E8E2DF68FE0465040D61030E18DBE8293D9DD0EAE
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(.....................................................k...................k...................l...................o...................p...................s...................v...................y................ ..|.......$..$..$..&..........)..)..)..+........../../../..1..........5..5..5..7..........;..;..;..=..........A..A..A..C..........G..G..G..I..........L..L..L..N..........Q..Q..Q..S..........W..W..W..\..........[..[..[..p........`..`..`.............e..e................~.........................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_top_right.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 6 x 25, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):531
      Entropy (8bit):6.807830701220171
      Encrypted:false
      SSDEEP:
      MD5:8D9758C16045076C00D810626A3194BE
      SHA1:A80CC03173C72C58C3AD9167C21F8043A223B0B8
      SHA-256:90A62A1516F134C20A05E92EA7FB948D20D5F394FB7E6AE76C2750C78F9A4572
      SHA-512:504A0777851E0E9BEAC7136F09115D7BB282B33315DC73B1CBE95BA9CDA77BDB1205A3C9E8FD89A50A78A86BA7838D943591BDC32D8322FDF2BF0FD47AC462FA
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.............%..4....tEXtSoftware.Adobe ImageReadyq.e<....PLTE............W........5..G..$.)....L..;..[..A.......Q..`../..k..e..o..s..&.7..+....\..l..p..S...................v........|..I..y....~..C..1........ .................p......N.........=.......-1....EtRNS.......................................................................8....IDATx...S.......6f....Lk...Y.W.aU.....Q..s\..@..F.C...;........x....8..h.V=C..)..Y..a............(.2..$I.2E....8(. ..&.A $`Y.!./......$......IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\frame_top_right_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 3778 x 3778 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.8113795303845555
      Encrypted:false
      SSDEEP:
      MD5:20D394A2ABEF5FB6FB24A455AE9BE7C9
      SHA1:28F3BC3F201BEA24BF1EA37329D124416EE00F64
      SHA-256:D6B0944D13BD40A76FC347D1BE02BFF529C8710018D54EBEDFE48A67E6C50F9F
      SHA-512:436C154D034B1B7B29EBA9FA1095A8EED6173D313D94D2018A011BFF6AF16904030C9D9F22D0E77C50956D7E8E85680739E6B8D19455349E1C0F1F8124E16A01
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(.........................................@..@..@..A.....H....A..A..A..C.....H....C..C..C..D.....H....F..F..F..G.....H....H..H..H..J.....H....L..L..L..M.....H....O..O..O..P.....H....S..S..S..T.....H....V..V..V..X.....H....[..[..[..\.....H...._.._.._..`.....H....c..c..c..e.....H....h..h..h..i.....H....l..l..l..n.....H....q..q..q..r.....H....u..u..u..w.....H....y..y..y..z.....H....}..}..}..~.....H...............L...............H.............H.................H...............H.............H..H.............H...................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\sys_min_down.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.4035632881191225
      Encrypted:false
      SSDEEP:
      MD5:E2BD61467BAC0C0B706EB6AECA2EDA4E
      SHA1:E3366A7EDBD9F0F032F3520BBE128A08C510EF86
      SHA-256:9E1928843D1718AFE69117DBF16CD8855D62BC7610070A05E90E990FFC9C580B
      SHA-512:692F91422EA6002EEC8460D3DE7BD9C60F16A9D5BD918415A15B5D81FA7499DC6FB211EB6106669E21133462301842369590949427E6C23C148985B02BE01E90
      Malicious:false
      Reputation:low
      Preview:BM........6...(..................................................................................................................................................................................................................................................................................................................................................................................................................i..i..i..i..i..i...................................i..i..i..i..i..i..............N..N..N..N..N..N...................................N..N..N..N..N..N..............5..5..5..5..5..5...................................5..5..5..5..5..5............... .. .. .. .. .. ................................... .. .. .. .. .. ..........................................................................z..z..z..z..z..z..z..z..z..z..z..z..z..z..z..z..z..z..z..z..z..z..z..............x..x..x..x..x.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\sys_min_hot.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.320105488244604
      Encrypted:false
      SSDEEP:
      MD5:7480D2FF2FFA06E24BF88FEFDD687392
      SHA1:BB4283668415D05CFA632A6FF3E1BC6995E76096
      SHA-256:D0639885D67E40A7CD4179577D11C409850344E627AD0F966D9FADF577C388A2
      SHA-512:E23C27A404F4F3361112F36F69BA10D4638307718B1B3B0DDA618A9EE05B8B27BFF229F9233E1E3742CCD38F004BB9474F93C7FE8AD180CE5A7A8C69A069575F
      Malicious:false
      Reputation:low
      Preview:BM........6...(.......................................................................................................................................................................................................................................................................................................................................................................................................................................m..m..m..m..m..m...................................m..m..m..m..m..m..............R..R..R..R..R..R...................................R..R..R..R..R..R..............8..8..8..8..8..8...................................8..8..8..8..8..8..............".."..".."..".."...................................".."..".."..".."..........................................................................{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..............y..y..y..y..y.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\sys_min_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3779 x 3779 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.5757255822623701
      Encrypted:false
      SSDEEP:
      MD5:3AD9CB3D4B8A775DD6A8DA59E3F9B4EB
      SHA1:2BEF0EE90055A23065F264E467BA27CE3DFC49A4
      SHA-256:9B1C8B9090B3682277BD4A345AECCA204726411E04F4155514367273D4653E0D
      SHA-512:1EA5826ACC3E351909B45D8AA0DCBD9022DFE50344FEE0A7EC608299D2AF9AE818697CFA8CCA70713DFD8F3C406172B0D4285ED689BC50488F6AC4BFAEED57CB
      Malicious:false
      Reputation:low
      Preview:BM........6...(.................................................................................................................................................................................................................................................................................................................................................................................................................N..N..N..N..N..N..N..N..N..N..N.....................................................N.............................N.....................................................N.............................N.....................................................N.............................N.....................................................N..N..N..N..N..N..N..N..N..N..N.........................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\aquamarine\sys_min_normal.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3779 x 3779 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.571496801237379
      Encrypted:false
      SSDEEP:
      MD5:BB9A2028103C8E28F5140034DA8DBC36
      SHA1:4CFADF3937869A69F9D7018DBF5EB6D952893712
      SHA-256:5BDFDA5B66046369B47031755CE6EB069AEBB1384E3176C2435F3E10FFC943E0
      SHA-512:9E048BFFAA2D9AE0EC71D8FAC8AD3A3551E02AD0FF7147CC4EC56C50953CB96C93B371CF55457B09B9BC3B596C64F8267763D500F11A4658DEFD4D1A4D946F4E
      Malicious:false
      Reputation:low
      Preview:BM........6...(.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_bottom_left.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 2834 x 2834 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):2.702556266947516
      Encrypted:false
      SSDEEP:
      MD5:A49E4A8DE4F54C8A7F5474C47647A9F4
      SHA1:2D93363B180DD920D411A8ED940E41380ECE0B72
      SHA-256:0BE5AE8BA7A7095AFB301107DDD42EAB00B52606F3B255126ED957B372A14DA5
      SHA-512:3214C14C49DB598C0BEFA5D7FE35094C063AB92A16B5F6015BEB266C20A5EC72AC8F958AC2BC265EF1DB6A820F327A958221599792946451C8BEAA898333E03A
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&.....................(..(..(.....(...........(...........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_bottom_left_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 2834 x 2834 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):2.7449490335767566
      Encrypted:false
      SSDEEP:
      MD5:323D050AF590C7B2313C5F366DDDA654
      SHA1:DEB472D7769FF171C80184142D1A92567A3D57CD
      SHA-256:465CB965794D1BE32DFEAAC773C8EBB3ED654684E215A27E596131ADD3E8FBAB
      SHA-512:1F7E6F2BC17D17D7AD0785BE80D30CC1A7BD748FC0A2585548ECF09570F60BC172F30F3806B31F9B8DCBAD3E218F7374BE4C515F8A123524D471E57D1B4CB4DA
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&.....................^..^..^.....^...........^...........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_bottom_mid.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 2834 x 2834 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.3060894686792306
      Encrypted:false
      SSDEEP:
      MD5:26ED846FB90D66F2A97FB006424614D5
      SHA1:FB16738948DDD6BBC24D11ED7AB26D473F23EF59
      SHA-256:504C9793EB25C3C374490404446AC85869FCD7A78D4D82A9F0FD6870EA11D522
      SHA-512:971A928BE447477F23B31A29549D72B9169E0026935B7C795445C8A230DE41AD498C095C40EBA4AFA0D5D0C1166FB93D247624D2FDC211F1830E72B353E8D82D
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.........................................(...........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_bottom_mid_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 2834 x 2834 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.335501233385113
      Encrypted:false
      SSDEEP:
      MD5:2E80B40F8F463143332613EAAADDCEBE
      SHA1:428A9DC9282243AE4EF70ABC8EA6FE025A4EBFFC
      SHA-256:BEEAED116A9DAA1A5675DB722ED03182E212DB8E6287D96CF443899A0DF3FDBD
      SHA-512:5FAB470A72BACDA3E528A96917DB3219A1608BBF41018FEC673700CD7B63694A6591B92AF911A2E3CA534CB5A168AF7913E7B951A332603B5FF036FF6AE29789
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.........................................^...........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_bottom_right.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 2834 x 2834 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):2.702556266947516
      Encrypted:false
      SSDEEP:
      MD5:814B76203FB7A199BBB1BE9B0D22CB07
      SHA1:0C93CD2F0766B9E58A90A7A05D5A49FECF5A062A
      SHA-256:7A08E9FF7F55350CCEFA10023D70578BB31FE104CA8E660455E58630CA457610
      SHA-512:CEC52730A8791975E037B8FFE41E4E763A68586045C4A529B7E2297D991C930C72177B995D2222BCE97BAB07799493CE861E626084165DA11B9D7A7AFB812153
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&.....................(..(..(..........(..........(.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_bottom_right_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 2834 x 2834 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):2.7449490335767566
      Encrypted:false
      SSDEEP:
      MD5:1C28ABFFC9066F18E078FD60F1A5485B
      SHA1:6894FF733E6B0A756334A5C18E07561400794376
      SHA-256:88A916991D15412597690AA0459FC7F76CDD639343CCD790CC73BEA3B46E4583
      SHA-512:33C81472EF653BA59D5F50F3B7EA7DF9E17343BB0789052FC4B5C50C582EA940F6AFF7EBB39185F46BF2375CBEF0788FD84458FE3F2B80BA4AB0FCD0E80BC931
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&.....................^..^..^..........^..........^.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_caption.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 22 x 24, image size 90, resolution 2834 x 2834 px/m, cbSize 144, bits offset 54
      Category:dropped
      Size (bytes):144
      Entropy (8bit):4.270551563912262
      Encrypted:false
      SSDEEP:
      MD5:145E11A6F38888BE80CF39C665482E5C
      SHA1:ADAA1A09A0791ED8F8114B4CA0D820AB59AA93EF
      SHA-256:C56D7157724FFFA9AAFDD9F4D5421769BB7DB1C77872C4371381611F4B315676
      SHA-512:9554124E94C6CEF6B7790A697CE9DC018DC75BA021A0945B772F322CB106E947CB93EC2216485BA05E655373B2E15FA434EDC14272672DECE55C7FE56B30325F
      Malicious:false
      Reputation:low
      Preview:BM........6...(...................Z..............................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_caption_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 22 x 24, image size 90, resolution 2834 x 2834 px/m, cbSize 144, bits offset 54
      Category:dropped
      Size (bytes):144
      Entropy (8bit):4.15603611255342
      Encrypted:false
      SSDEEP:
      MD5:78ECBB7D1823CA10CA1F9D37F2CC58CD
      SHA1:39D30910A93D89C4B9E4B141211A7879579C6CA2
      SHA-256:E011BA9B6578CAC341EED3BCAD6929F8A6B5087FEF6F2B279CBBD920EE2E3E39
      SHA-512:8D716F58D742A7639550A874091D28FC8504088764862A8EA2950179BDCBE8B4D73723F44064322E71B04574F3346B471F58F80615B5E1CAC606F0D0B61E7724
      Malicious:false
      Reputation:low
      Preview:BM........6...(...................Z......................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_left.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 2834 x 2834 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.3060894686792306
      Encrypted:false
      SSDEEP:
      MD5:386263CC75860374971D7F30F374565A
      SHA1:0C4B2EF95BE421120987F577821B265FFCCDF53B
      SHA-256:54A145BEBCCDE44E2165D504A2505DB12CA4AE0DBBCC2740ED64EEDF149CAF12
      SHA-512:13241AC8D3FB212E7B61E5F53FBE78F00C7B75A13D8264B3E218B3664DD4CBAECCDBCA2F6A6F5CC2ED28F467F4433A33D751962465EAC35B1BA3A58D3F6F339D
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.........................................(...........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_left_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 2834 x 2834 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.335501233385113
      Encrypted:false
      SSDEEP:
      MD5:1623853D9D8E21B1C9F452B08F97B48D
      SHA1:A6BE62239B0DAD8C288C04A548938F33ECF7B136
      SHA-256:47A774EDAD81E6B4E161F502811BD25488519A66CA2BE955E36B046EC0662FCF
      SHA-512:EB35149B376BA62FBC8081BAACE9D5BFEEC83C3B670CCF967ABD5FD1B52873CF852666C3C91EE79F77CE5F9222F7CE44A2DEC06A5221DDB4F9B3B46A5BD30C40
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.........................................^...........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_right.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 2834 x 2834 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.3060894686792306
      Encrypted:false
      SSDEEP:
      MD5:5DD25631ACF0FC7C7B87E41EB6D22DD1
      SHA1:B7C5F293617EBA1D6285E80ADD915576D5F57A46
      SHA-256:D7850318ED4ADDF03108D4EED9EB3BD61E4A981C938AC6094C626B840BA3D970
      SHA-512:07FDDFFD89567D598CE401BC09814731246DA1D2C12700B5BB08BF5071C7232AF5D9DBC3E03063C7600D0EB3F0AE0CD09112AC9DA17BDDB1F408C744FD8F7E77
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(..............................................(.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_right_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 2834 x 2834 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.335501233385113
      Encrypted:false
      SSDEEP:
      MD5:0BCCAC8C33FF04E96D301126FF7150E5
      SHA1:E829401F13573D1B6E0FF9E9892740D8C0D7A513
      SHA-256:847C1C9C477137030363D74DFBA2C549B51897CA1BBB2A6D7A897D4B5CEFE6F1
      SHA-512:3589E36DD9A2B097E6433762DCA0B6CC3939BDAFA43E0F249DFB4E7FE07543ADA89A36F58C1DA0BC6B9AD6A808EDF7246A9AAF70C60B87E7A65BA847A794758A
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(..............................................^.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_top_left.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 2834 x 2834 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.492247481746648
      Encrypted:false
      SSDEEP:
      MD5:56ABC540CF417C32238E39E36A43C52E
      SHA1:828A0CA7481472697656F6DCF0842C245D675691
      SHA-256:D7DAE69B94170BE83BE6934723DEC0D150551F126CAF3D1731B090E93DFC0875
      SHA-512:3290C41B535BA9647922A4260982640766127296DD3653902CAB36780980D0E52DDCC2C89E0FAD88AC4D7D9C1C2EF2F02B2D12F29C7E4C38A9CD9FB2091FB0D5
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(.........................................(...................(...................(...................(...................(...................(...................(...............(...............(...............(...............(...............(...............(...............(...............(...............(...............(...............(...............(...............(.................(................(..................(....................(..(.....................(....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_top_left_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 2834 x 2834 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.243918729570719
      Encrypted:false
      SSDEEP:
      MD5:03E68EE839E1B8B0F980D4503CB485EF
      SHA1:8CA1EFC21F4F729B1DB014F5391D859BE0C2DE54
      SHA-256:A0AB0FD8BA9367C1D7A3A741DB15770EE189517BA1F0CA77885647B5B788D1B4
      SHA-512:D461A8C47F38A3D0EA79223A249F991EC85764D0D4CBEE3F8122371A5EC8986D536605DBD8762D11875E3E55CCDA4AB03CA227F796377ADDF22E51AAAA26C801
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(.........................................^...................^...................^...................^...................^...................^...................^...................^...................^...................^...................^...................^...................^...................^...................^...............^...............^...............^...............^...............^...................^................^....................^......................^..^.....................^....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_top_mid.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 2834 x 2834 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.335501233385113
      Encrypted:false
      SSDEEP:
      MD5:66F62AA97E82FEE2A22669F52575BDAB
      SHA1:A9ED8E9E2F1C02F740C81752C1C0F033C3878D84
      SHA-256:12D6DBA508489D718417AB9305053235057B2805D5E87AC8D82AD04CA425DC22
      SHA-512:960B86DA3890630936C93C4E17FD9F5F8C294229933BB2E6BDA4B7C253DD9651A3E06C6739076210844F4FC2746BC5519E90951749C03EE95EF24B34CBC2194C
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(................................................(...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_top_mid_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 2834 x 2834 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.364912998090995
      Encrypted:false
      SSDEEP:
      MD5:A92E3E9ECA9E37551CAE207FF69EFC28
      SHA1:43E295CD88207855508B8C223C8A605E5944EC72
      SHA-256:2FB80798587AB9FA4D0518B134701FA315903ED1CE83B813F0A312AD5A9EE5C2
      SHA-512:9C759E5649993785BC9E85A94A28FFCE9BF3B2743EE0C1624898C0E40FDA72EFF9887EED56E453EF9C353CFC41A21AB5CD03B7699DA21F3C2973BED091F82D25
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(................................................^...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_top_right.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 2834 x 2834 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.480863319745279
      Encrypted:false
      SSDEEP:
      MD5:F0CE2E9B02EB90EC534698B5EE9CE313
      SHA1:D1F0C584AB6A20A8F898DD6DC48C88EBDB5F4CC9
      SHA-256:DD7BB7B2EA72D59CA4AC28B6DA40C9045631178B676041F655343179C918DE3F
      SHA-512:01A2A34AAACC44B26F209C3B306E2E77C04DC6985BA9538C7CB3DA75EA07630DA7C7D6A9E042D6DA20CC5F32DAF9A242C170BF9DD35DAEEDB35501E4CFAC106C
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(.......................................................(..................(..................(..................(..................(..................(..............(..............(..............(..............(..............(..............(..............(..............(..............(..............(..............(..............(..............(.............(............(..............(.............(............(..(.............(...................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\frame_top_right_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 2834 x 2834 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.246527223845457
      Encrypted:false
      SSDEEP:
      MD5:E3059CA6004C76DF0DEA2CC15900CE64
      SHA1:786432999DB7C054FF47281EAB7518A41518E320
      SHA-256:30E62CA2F00FE86C3A57F5FDD1D7CBF464CF1CDAC173AF9CB8CFDADD6D495315
      SHA-512:3DD85624389206C3D1278E52E6042C80F61746B543DB2029ED1EFB89FF371F9F9191D3E83C5B831855E20408967B56A2CE4A1AE2E17E1FD25E42FB43E985EC23
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(.......................................................^..................^..................^..................^..................^..................^..................^..................^..................^..................^..................^..................^..................^..................^..............^..............^..............^..............^..............^...............^............^................^...............^...........^..^.............^...................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\glassbackgroundsmall.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 1479 x 34, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):5802
      Entropy (8bit):7.765148813500255
      Encrypted:false
      SSDEEP:
      MD5:CE1BCD853509D451EEF57B8F2B9FE3D7
      SHA1:3EE660D8E45D706AF617063E5F98D0B6D6B1DA04
      SHA-256:D1DA4F87FAA0CD9B90D400D6276C45C77599326F4F813C625B88811153CE1DEC
      SHA-512:55A5284BD87A16443793CC5CA0838DF5D4A5E6BD24F7B32C6B9F853A76BA6C569807C2AD3A78C08F5E1E922D63C8271B2E5D63A4BE6BF3FAC4BDA81DEE8F3DBD
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......".......a.....tEXtSoftware.Adobe ImageReadyq.e<...LIDATx..y.].}..wy.2..>o...3.1.....I1M.R.J..4.T&i.&)i.V..*R.....E...E.#..c..Y..p.c.3.../...........x...P........k....{..j.s.2.....d6....E..x.t.@...?.iE0tY.w".Pm...9/.P.(..kio.......ei8..1iP....E7.....`.LgR.b.YJ.S..c..z..2..1..Qn....hv..........s......T./..+M...@......G..49......... ._&M...r.(............cR.~O.<....].......a9a&....q..Rdr...N]'.. w.LMl.^.mn.xi....x..Z.E..8y5..vI..e..L..1).KjLB.....K........Ba.5....M..d,.\4...h.J.......2A..7....=..b.t].~.dR.L.c.........l..........bb|5.v}fu.|.,.$.!.T....w..2i..L.s{..(..&......}`.M}......^F.D.....c.....4,.......NL.# \...--.4.kH..!.4...87/.6.........^?.....K).*.hpv....../...................jA+k...6..J^./....6.5./.6.^...x!&ku.k....K*......._Qe\..~.x.\........1..Wn.M[.m|.s...wg;..L................ax.?..x..^b...;...\ ].c.i.......\.].;F..s....2..eJ........#..-.....f,..+.Mj......i:0z..5.P./HoNOP..KkBM..[.mi.(.#...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\rtlo-glassbackgroundsmall.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 1479 x 34, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):6759
      Entropy (8bit):7.738483582069275
      Encrypted:false
      SSDEEP:
      MD5:D9CFA50DC4E22FA924013801326FEF31
      SHA1:05F6ED538D57B78661FD644C32D2535AC453991F
      SHA-256:D5793DF128C27E5E505E8BFBDBF8150F00D400674F6598D7C67E829E7A745D4A
      SHA-512:3A1B70B9933AF5ED8F7A12A1D4103ECDF37131BA86412C8680BD6EDC4347B428C0012A6ED197725CFCAFAC7B1B6248E3B49934E2434623DFDDB9B415554381A9
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......".......a.....tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c138 79.159824, 2016/09/14-01:09:01 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:0293da29-633d-2346-8f9e-f65921cf73d2" xmpMM:DocumentID="xmp.did:7544EBCAB33111E7B51AD0086B5ED28E" xmpMM:InstanceID="xmp.iid:7544EBC9B33111E7B51AD0086B5ED28E" xmp:CreatorTool="Adobe Photoshop CC 2017 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:cf03ecaf-ecfd-ea43-b162-e2fd34659ad4" stRef:documentID="adobe:docid:photoshop:6d55f0c3-b331-11e7-b23c-c198a1a9cc52"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......yIDATx..i.\.u.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\sys_min_down.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 21 x 17 x 24, image size 1090, resolution 3779 x 3779 px/m, cbSize 1144, bits offset 54
      Category:dropped
      Size (bytes):1144
      Entropy (8bit):4.171558624524794
      Encrypted:false
      SSDEEP:
      MD5:30250C5CA80A514FD4AE85B0808E55E7
      SHA1:C53078B0A1A48DE22CB31B21A29D214A647BAF1C
      SHA-256:25B2402F064F3288C784CF30765F8A2584F4F0FAB1E552D89888929506BCA6F2
      SHA-512:C66A97D9983EF9D85A1150AD7D3AFBF11B198E69EB8008FF5EF41DFB7E976D05529ABC541C855D7D201878F9499C5AB6AACBC719B02BAA7B9138BD704E46B1BD
      Malicious:false
      Reputation:low
      Preview:BMx.......6...(...................B...........................j..j..j..j..j..j..j..j..j..j..j..j..j..j..j..j..j............j....................................c......j........................................c...c........................................c...`........................................`...]...................................................]...Z.........................................Z...V.........................................V...R...................................................R...N...................................................N...K........................................K...G........................................G...D........................................D..:........................................A..:................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\sys_min_hot.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 21 x 17 x 24, image size 1090, resolution 3779 x 3779 px/m, cbSize 1144, bits offset 54
      Category:dropped
      Size (bytes):1144
      Entropy (8bit):3.746215715900608
      Encrypted:false
      SSDEEP:
      MD5:03E17F3F457C0708D5401CBFCFC8D5B6
      SHA1:D2935E3406A947D468F19F48CFC55F6810D01533
      SHA-256:1EB61AE086FB4FBECED08BBE8D6488BDEA7FE54024D86256F66259FA4A4D0B86
      SHA-512:28F52AAC3F8947CAB92C191DE27E4C666526BB14C87B8E3098D04870C33AC7693551D6E093807C1B1C9685FBC1A1F74D86B0D654C8C77F8E71E778D47D5D4133
      Malicious:false
      Reputation:low
      Preview:BMx.......6...(...................B...........................j..i..i..i..i..i..i..i..i..i..i..i..i..i..i..i..j............j.....................................................c......j...........................................................c...h...........................................................a...e...........................................................^...c...........................................................[..._.................................................W...\.................................................T...X...........................................................P...U...........................................................M...R...........................................................I...O...........................................................F...L...........................................................C..:...........................................................@..:...............................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\sys_min_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 21 x 17 x 24, image size 1090, resolution 3779 x 3779 px/m, cbSize 1144, bits offset 54
      Category:dropped
      Size (bytes):1144
      Entropy (8bit):1.856224103642736
      Encrypted:false
      SSDEEP:
      MD5:675B7F3216C4532E36305B4A17A3CCA9
      SHA1:42683930708039927D5B1259328CFA269C0662F3
      SHA-256:918D51CA0AEF02E6435926811BDAE99C708E256B23FCCE00A9DEB1B14A301E8A
      SHA-512:39C30505B5FD1B6A709D4ED54DF66606435134C6EAB54B79B70552CAF8E03D1811E6ABB9A2C86FB4247E82DFAE0CB34B9512630185EB32E215CCB9AECC3B0837
      Malicious:false
      Reputation:low
      Preview:BMx.......6...(...................B....................................................................................................................................................................................................................................................................................................................................................................D..D..D..D..D..D..D..D..D..D..D.................................D............................D.................................D............................D.................................D.............................D.................................D..D..D..D..D..D..D..D..D..D..D..................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\breeze\sys_min_normal.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 21 x 17 x 24, image size 1090, resolution 3779 x 3779 px/m, cbSize 1144, bits offset 54
      Category:dropped
      Size (bytes):1144
      Entropy (8bit):1.856224103642736
      Encrypted:false
      SSDEEP:
      MD5:0950A90974F51806A9A04055A6E45741
      SHA1:6BD8450911CD6166141F9B37BB242A75939EC3D4
      SHA-256:19F95D2180EF1E90ED3C40EA7AA8266EB0D45F4858E00E2A941905EF1EA8D256
      SHA-512:6156B040812B370B7FCF89DB774AB90669D57C786C28DD573CBF34FFACA7D85F65FFFCD70EB16F4AE4522D79D2C68C40071B746196D8CB91DECE9719F7FFC7A3
      Malicious:false
      Reputation:low
      Preview:BMx.......6...(...................B...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_bottom_left.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 3778 x 3778 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):2.157808906358499
      Encrypted:false
      SSDEEP:
      MD5:6C77C04934681A0D7EF49B940E3775E8
      SHA1:9C26644CC8E0AD6FBD9CEE3B2154B5E7AB178B41
      SHA-256:0A720F81E6A5CE43F63B267D30C00F08EBD98AE12658A9223CB84E6F834F1025
      SHA-512:09A6384F31C78F8DDDD157754ED59866DB8CBB16854D5666656342AFC866232CF22D51F75437212CBA9D97BB8BB1FC8EA63C56E15B10E0A92D8A6B2B5885761A
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&..................................__.__.......__.........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_bottom_left_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 3778 x 3778 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):2.584569821596718
      Encrypted:false
      SSDEEP:
      MD5:B5858485E878C5F4E9739BCA8B426B56
      SHA1:A0EA45573EFD86A23F797C88DC379BE01E95B961
      SHA-256:96B81E0407CF6FC95F9F645EAC043BC0820640A3A4883B7EC4D2B01133EB9AB1
      SHA-512:C339DE0F6E398B16FF07103BC1BE4154466B7F93CBF237B61782D1F5AE85C33AC936AD709979754BC9668F771FD3412D5CB7D6E7F6CE4E23A2803711F534CD77
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&...................@@.@@.@@....@@.........@@....LL......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_bottom_mid.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.060689848147215
      Encrypted:false
      SSDEEP:
      MD5:960DD130E56FD66276D4CF84E7B0EF76
      SHA1:46CC96B6CEDD4178908EFBDF0BFDD022435914E9
      SHA-256:91A403759FE875AFFFA8A4482D2DB71CFB4CDA6C27FF89FABFCA7EC7EE55597E
      SHA-512:AA406727226D03EB02008C042E89DB68104FE9E76F01A151DAB64A75DBF92989ED6350277845161CCA4F60E0E71C14F07BE074F5D81892950CE6AEDC8FF32012
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(...........................................__........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_bottom_mid_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.2361646524709444
      Encrypted:false
      SSDEEP:
      MD5:57343FDECA310EFDBDC5542B81DFFDA8
      SHA1:387406FCCAB2B24DDF8E7F6E230BC2FB03D5BB88
      SHA-256:EF47E494CE688DE18F63797D27FB08D09289F8B050FF60D748E3CD2C4CD145B1
      SHA-512:3F40EEBEC2D0B7EFF2EB32FB8B93162926CA5045C781AC8BE018C87B680CDCC074DF9FDF8CA555398BE1BECEA9A71944922FADB685E05A62C6BE7BAE3BC9B580
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.......................................@@......LL....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_bottom_right.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 3778 x 3778 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):2.157808906358499
      Encrypted:false
      SSDEEP:
      MD5:B1480D2191752AC759AB297F4537C224
      SHA1:FECE8E491BA141404E075137712A7BAFFC8322D2
      SHA-256:4EDBF185D5CD04EF386CA7523E48C49E60CBAC0D416A06DC8D5C95A547C07981
      SHA-512:BB8A0163F6A82AE93B51BA100562286E3FA9567819CB7B557E8CEC8187CC45103681AB3681C2681CD15E4759B8FC7E08556B4F047A536822DD734EB51BF7A199
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&...............................__.__..........__.........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_bottom_right_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 3778 x 3778 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):2.584569821596718
      Encrypted:false
      SSDEEP:
      MD5:ED9E5EC801B4F99F57361FE3D5DB8A49
      SHA1:6340A3344ADCEEA1B5125FF190362FF320E73E5B
      SHA-256:5411ADF51FF31B8154335354DEA467EA4208D612A827EC3A7A45FCD7031AD5BD
      SHA-512:D6C59E926755ED40599654BBAC0CE411B639BCDCA6D227979249002291308EF27CA48074A68AAFABC47026A5EA4FD1DA526BF58F15E6C6EDB26A5347971A7E4A
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&...................@@.@@.@@.........@@....LL....@@......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_caption.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 22 x 24, image size 90, resolution 3778 x 3778 px/m, cbSize 144, bits offset 54
      Category:dropped
      Size (bytes):144
      Entropy (8bit):4.136904949343952
      Encrypted:false
      SSDEEP:
      MD5:FDC93178C536513563982AB9816185B1
      SHA1:5215C7C31E2EC519298524BFC0D04F26BCA244D7
      SHA-256:8BF6AEB9EB604E567FCC1DEADF22AE2418C12F0C8B68A12AF536243F6BEF59A7
      SHA-512:85DC8FBD3DA4A27120C77ED5A6D9CA27F64D67923A18F7C1FD32BA787DD720F92EC2ED94EC8E404492153BB3AE00592322D347D391A6D7C090E100A53C010B33
      Malicious:false
      Reputation:low
      Preview:BM........6...(...................Z....................................................... ..""..%%..''..**..--..//..22..44..66..88..::..<<....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_caption_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 22 x 24, image size 90, resolution 3778 x 3778 px/m, cbSize 144, bits offset 54
      Category:dropped
      Size (bytes):144
      Entropy (8bit):4.047345248286732
      Encrypted:false
      SSDEEP:
      MD5:4215C16DFC46BBB5268D6D14FBA378E5
      SHA1:3BD4DD2D7FD78F2A3FF414BDC0C242D72A628256
      SHA-256:2DA8CD6D5EBC6B891CA088482D2D31ECC4D347ADC6C089210ADDCAB68D616C0C
      SHA-512:22580134544F2BE6D6FB1AD5C46CACE921D79236A5CBF54914BAF16C06EFEE13BF21CF6EA217719A3FE2A6E11E0F20EC06800DDFB4F218841CCB2F4C580A1246
      Malicious:false
      Reputation:low
      Preview:BM........6...(...................Z...................LL..MM..MM..MM..NN..PP..QQ..SS..TT..VV..XX..YY..\\..^^..__..bb..cc..ee..gg..hh..jj..kk....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_left.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.060689848147215
      Encrypted:false
      SSDEEP:
      MD5:C249CA8B53D35AEA1C6ECE573C757A9C
      SHA1:2CE4D6D31730CA32A67B036A734055879456F188
      SHA-256:60100CADC4B8180A44EB125AC5D159853DC4C7A0A33D3336EDC366CEFA8ED45D
      SHA-512:5E8C7644089C35EB6F13F7DBB33B93F48222B5B3B703EEBE5107D5179CAD9FC23D4A2EF6A1A4A81677130F1DBBB7835567D9E454A8859F9F0DAC9492095BA372
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(..........................................__.........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_left_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.2361646524709444
      Encrypted:false
      SSDEEP:
      MD5:1E5D8CCDA4BF8A2FBA5ED5C03E286426
      SHA1:DA2928887DFB0454B2733EB09967DD14D3E67677
      SHA-256:E275E7715450931173DFC74DB01482F636FEE63AC84A46FF6AB23FA0B7E055D6
      SHA-512:6361CA9DF547D7A5A69E8C2C0A9B3B4417671E959FECD2966D485FC8B12F99D33BA889F11742C69AC41DDF0DDFCDEFCA5DF0800B2285247ED7550EF846D62D1B
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.......................................@@....LL......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_right.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.060689848147215
      Encrypted:false
      SSDEEP:
      MD5:FA65CA767641D052BD75F3761F9D2671
      SHA1:E3E3935AC2CBD5A94BEA69BD1EAE7538D8CF6F0B
      SHA-256:B4FAE1C4F4C9D15EBE9F47FABD7D6C091E734BC1996058E548492AB68BBBEA43
      SHA-512:DBCBF734485DFE9F5DCB5270550668ECFAEA74340B7C23F7B8025F4BF75323E18771CB867B2B248127A4E67ADA9DC082389126C4B0B58F692D3CEDA23E2D63CB
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(..........................................__.........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_right_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.2361646524709444
      Encrypted:false
      SSDEEP:
      MD5:C54B50FDD58DAF2183327D61C0BB242C
      SHA1:484977F00777A88FA2CC078F904EC290EF3A489C
      SHA-256:21B98EC0837CD66CBD8C860E824FAA02221929F6911ADC623184B30A0208145E
      SHA-512:179378C09B44D9F4AD9E195799033BF1C99957606347C2A47E04E76DCFF1BE1AB9171148CAE97AD869A9A6E962227E2CE4187587CAF07BACEE4BC09EF55D399E
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.......................................LL....@@......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_top_left.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 3778 x 3778 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.4289751710769005
      Encrypted:false
      SSDEEP:
      MD5:2BCD9DC306FD74A796A067197761B181
      SHA1:B76D30218E67842FF191180A98B5B49276B12D6B
      SHA-256:075383E305200F3C898B3A05C17ECAAAD7217A731825B557B214C6DC4129D739
      SHA-512:D8976804DC233E7C719F3F5A5F7D0F3F518667B1F0CBA020C90BA7C706EA2B64F69940C47BAC2067512046E7E56AB7F7C99B0959CF1BA28C4BDE8010E504427D
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(..........................................__..................__..................__..................``..................aa..................bb..................cc..................ee..................ff..................gg..................ii."". . . ......kk.$$.""."".""......mm.''.%%.%%.%%......oo.**.((.((.((......pp.,,.**.**.**......rr.//.--.--.--......tt.11.//.//.//......vv.44.22.22.22......tt.99.44.44.44......gg.JJ.66.66.66.........yy.88.88.88.........qq.kk.::.::............pp.||.QQ..................hh.........................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_top_left.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 6 x 25, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):522
      Entropy (8bit):6.714921291696189
      Encrypted:false
      SSDEEP:
      MD5:D9F5C0CAAA6B87B2CBBA78146312627B
      SHA1:D6F13827056AAEE4C324A2A2F39A5B38657CDCA2
      SHA-256:CDEC8524BA315492AD7CE3FDCB3B7FC347602722BBE2711F1FB33AD7EAD3C157
      SHA-512:F0DCD62FE06DCA35A6E907ED347CC73B33B8AECE506553977200624249687FDA8C0E368CD317ADF1EBE6C56E220B95F567A51C8682443EFCAC6CE3FF646CF9DE
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.............%..4....tEXtSoftware.Adobe ImageReadyq.e<....PLTE................**....88."".66.//. .__.22.%%.((..........--....44.::....gg.``.hh.ff.aa.............vv.......mm.rr.ii.QQ.ee."".qq.''.||.44.yy.$$.11.//....99....oo.,,.kk.JJ.kk.**.tt.pp.cc.bb.pp.tt.gg.....|q...CtRNS...................................................................Ab......IDATx.D.E..@......pww...Q...!...Urx.dL.i..0...'..M...s.u.m...(..v.4......7.<..K.4a0v..J.0......FMEQ...B..%.2.A.@...:...$.....`....x........IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_top_left_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 3778 x 3778 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.58404097412126
      Encrypted:false
      SSDEEP:
      MD5:E8A9BEA91063BB28207ED6A42FE2A696
      SHA1:617308B601B708C6853C73BC22CC9AE1CBD59CDA
      SHA-256:0A01C437777B32EC52F1D1E2ED990A4DE7C8631FD6C7F3C37849B19DAC499A06
      SHA-512:EDC64D83C69A4F5DAD4CF44902A135D1FB26869FA2808DBEFB84A69979B56684AB3C27D2BF9F2E31EF078844E63A10C69D1834EB5F2AE3B3D3875E00EF45BA7A
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(.......................................@@....MM.LL.LL.LL...@@....NN.MM.MM.MM...@@....NN.MM.MM.MM...@@....OO.MM.MM.MM...@@....PP.NN.NN.NN...@@....QQ.PP.PP.PP...@@....SS.QQ.QQ.QQ...@@....TT.SS.SS.SS...@@....VV.TT.TT.TT...@@....WW.VV.VV.VV...@@....YY.XX.XX.XX...@@....[[.YY.YY.YY...@@....]].\\.\\.\\...@@....__.^^.^^.^^...@@....aa.__.__.__...@@....cc.bb.bb.bb...@@....ee.cc.cc.cc...@@....gg.ee.ee.ee...@@....kk.gg.gg.gg...@@....ww.hh.hh.hh......@@....jj.jj.jj......@@.....kk.kk.........@@.....}}............@@.@@.....................@@.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_top_mid.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.060689848147215
      Encrypted:false
      SSDEEP:
      MD5:8518E5EC86BCF179BEBE4FC643A5FBDA
      SHA1:B3F08D09BFE130481FD9E378A5802CCBD253336C
      SHA-256:5BD18625689E370C863CA0BD7500C37A83551783BB9DA9D5CF749A58CCD2E1AF
      SHA-512:233A18457C34177AB5FAF8AF9EADD1FFDB163E4B4C7AE7692F7E2B8BEE785156181BBBBCA13C53D5D77EA777EC4099B0287778CC110742B6F6E68663D8F03D4A
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.......................................>>..~~........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_top_mid_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.2361646524709444
      Encrypted:false
      SSDEEP:
      MD5:2C80692448B953E04F1D49241655612E
      SHA1:484BCE85C550759ED2FAAF13B5EE1D0894BED24B
      SHA-256:C6BBE9BD2ABC5D93718C135AD2CC4A9241E21B0A5E79D20DC33613606F7BB298
      SHA-512:9EB24A1E3FE5BF8C816CA0A447BCB663B725B83C6E393F2C18A5A694730F4B5ED2403B0E03AFBB65F874150D62A33CF5873592E96941672A2DA701D0E7DB7129
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.......................................nn......@@....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_top_right.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 3778 x 3778 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.424020337439916
      Encrypted:false
      SSDEEP:
      MD5:9C705985BDB76AB1C13FCB5DF1B4DBF8
      SHA1:86BC54F5BEF2CEF4B31B068851EEA1F5C0B800CE
      SHA-256:36A6B40379F8D12DDBE1249FB8574063521ACF36B5B23723C9F317EDF79E62AC
      SHA-512:2098BE6BBA3D6F84F7D2A4DA00F64460A996E4E29BECBE2AC5BD2144551AED84B0F1D4E7B5D17E41EA40AC88C2278D6CD46EC11D6843E5B794A04DFB3B906898
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(...................................................__..................__..................__..................``..................aa..................bb..................cc..................ee..................ff..................gg...... . . ."".ii......"".""."".$$.kk......%%.%%.%%.''.mm......((.((.((.**.oo......**.**.**.,,.pp......--.--.--.//.rr......//.//.//.11.tt......22.22.22.44.vv......44.44.44.99.tt......66.66.66.JJ.gg......88.88.88.zz.........::.::.mm.nn.........LL.||.mm............ff........................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_top_right.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 6 x 25, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):522
      Entropy (8bit):6.67070831868136
      Encrypted:false
      SSDEEP:
      MD5:ECD5D7D7792EDDF510402ED347AB339A
      SHA1:F9D7480AED1F88E5AB708D7106003648601FFCB9
      SHA-256:307A8C9F1DC89766718D15E3296899DBE351D585E6164CFEC9710BDD0606CDD9
      SHA-512:56D2A03747D19623C02FAE86D124246A130D748669C67574329747794FCAEF17F3A367420DF42AAE300905C409B9A854323CAC80E16FC32F09E1E41A52FA1388
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.............%..4....tEXtSoftware.Adobe ImageReadyq.e<....PLTE.............66............."".//....**. .--....__.22.%%.88.44.((.::....tt.44.$$.rr.mm.gg....cc.99.kk.......ii.ee.11.||.mm.,,.tt....//....aa.zz.''.``....oo.LL.pp."".JJ.nn....mm.vv.ff.ff.gg....**.bb..........CtRNS...................................................................Ab......IDATx.<.C.......m.Mm........B^.r8......BN.E..Y../..S. .jw0Ms4..u...m{z.$I>{..p3..0.]p..4....-P.e..I..CPU...(../X.u]..i.-..P......0....x..^R....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\frame_top_right_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 3778 x 3778 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.56198222860599
      Encrypted:false
      SSDEEP:
      MD5:956AB46E3AD191B97BE4F0CE166687C4
      SHA1:647EDE5C947B400A492E9DF00C6EFCCDF6370B43
      SHA-256:C7B7AC092FB5FC2F259C543E2B8261B4AF8A10153EE4ECD306C4AEF8DE63EE2C
      SHA-512:C33AC79E326AFBED986BA0B7E1A98BDE4569A104590F8E754E1ECD58955EDE2063DEDFF284BCACA9ED160DE9FFDD44A17B22B0CEC61545EC3933360ADB06AAC4
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(.......................................LL.LL.LL.MM....@@...MM.MM.MM.NN....@@...MM.MM.MM.NN....@@...MM.MM.MM.OO....@@...NN.NN.NN.PP....@@...PP.PP.PP.QQ....@@...QQ.QQ.QQ.SS....@@...SS.SS.SS.TT....@@...TT.TT.TT.VV....@@...VV.VV.VV.WW....@@...XX.XX.XX.YY....@@...YY.YY.YY.[[....@@...\\.\\.\\.]]....@@...^^.^^.^^.__...@@...__.__.__.aa...@@...bb.bb.bb.cc...@@...cc.cc.cc.ee...@@...ee.ee.ee.gg...@@...gg.gg.gg.kk...@@...hh.hh.hh.ww...@@...jj.jj.jj...@@......kk.kk....@@......yy....@@............@@.@@............@@....................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\sys_close_down.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.56306942512882
      Encrypted:false
      SSDEEP:
      MD5:7F8A23A61920D39CC9F7DF8FBB3405C5
      SHA1:CA64B3D3DA4D1D13D1BD73D4C9011E95DDC0B5AA
      SHA-256:82798E450E809C2CC15BCA44E47EAC704E102CB96F2C485D9D4518C45FC61A7F
      SHA-512:C6DA6730E775223B3358F31F84C7109A8082ED0698F8457E52F46E83480F43D5CA69C57A0E12BAEB8AA71CFD15060427927FB26578BBE380E201C011FF27E69F
      Malicious:false
      Reputation:low
      Preview:BM........6...(..............................................................................................................................hc...............................................hc.......................................................................................................................................................................................................................................................................................................ZZ....]]...............................................................................cc................................................................................................................................................................EE..........99...........................................yy.yy.yy.yy.yy.yy.yy.KK......................TT.yy.yy.yy.yy.yy.yy.yy................yy.yy.yy.yy.yy.yy.WW.............]].............dd.yy.yy.yy.yy.yy.yy................yy.yy.yy.yy.yy.x

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\brown\sys_min_hot.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.2597464178435995
      Encrypted:false
      SSDEEP:
      MD5:1F70C50AEEFBA8A236E013C4B2A2A22B
      SHA1:886BC359EEE245D9CBA173D171C8FCE7F6793A13
      SHA-256:8698A945D881A10822987178B174D756030F5C77A583B3AE86395DB46BD26007
      SHA-512:FEF315FE1EF40B98A1AB16C759ABEDFB176C9064F35FED08FDD7EC64A1701C2A2A7015BD6D9C7F45C27B6434884DCEBE3B2EF96805BFB600A0C144DA0FF8CD7E
      Malicious:false
      Reputation:low
      Preview:BM........6...(........................................................................................................................................................................................................................................................................................................y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..............tj.tj.tj.tj.tj.tj777777777777777777777777777777777.tj.tj.tj.tj.tj.tj..............od[od[od[od[od[od[777...........................777od[od[od[od[od[od[...............]SL]SL]SL]SL]SL]SL777...........................777]SL]SL]SL]SL]SL]SL...............ME>ME>ME>ME>ME>ME>777...........................777ME>ME>ME>ME>ME>ME>...............?82?82?82?82?82?82777777777777777777777777777777777?82?82?82?82?82?82....................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_bottom_left.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 2834 x 2834 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):1.760363864830902
      Encrypted:false
      SSDEEP:
      MD5:102B830A1E50447EDEDAF1A36F866E00
      SHA1:E0F1DE220370BC930C704D1AEDC9363F3531D80C
      SHA-256:5E5C40215A435ABD3C6A0A8679C6C477868B86B4A1571C153279124AB0ACAF2D
      SHA-512:3E688448E159D5E9BB40075ADFACA43159700545B27ACFB3F9606095A2BBD1736C2CEF2D19903919B88937AEDB02C28A179E8CA29D21BD41C629F022E64B7DE6
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&..................................rrrrrr......rrr........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_bottom_left_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 2834 x 2834 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):2.31506995725464
      Encrypted:false
      SSDEEP:
      MD5:07400E7B67D4A585B41530648B5B4EF1
      SHA1:8FFFBC021CE4659A17A0C30296E6083B66811CE6
      SHA-256:A1E46C0A690E2859BF869B10124A7BBE6C43B8A843BFDBF3DA401A8F1B4AC6C4
      SHA-512:FB285342DF0A8810EEA9D84E91AF65247AEA191EB78047B4B51D0B479997134FB32CCABE76FBFE59737BD07B8CA65619D4FE1AAECCF2B4603087DFF24AABAC33
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&...................;;;;;;;;;...;;;.........;;;...===.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_bottom_mid.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 2834 x 2834 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):1.9170514436188326
      Encrypted:false
      SSDEEP:
      MD5:346DA2DA4107676FFE6EC44BBC7F7835
      SHA1:CF878263FB1E2EAF3CB0FACBCEF1FF7CAC8561E3
      SHA-256:B98247D5A900D34095C14CF8DF395572901C9B1777E639AEC58B82257D4724E8
      SHA-512:4C6EF57C576F7E298A031032EA828C656B8D135A7E3338A4713A8C6549EE22780DACDD3368A1973E4C51531BE8176540F3849B3257A9BD20DD334714C8B91B10
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(...........................................rrr.###...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_bottom_mid_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 2834 x 2834 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.1551385494661366
      Encrypted:false
      SSDEEP:
      MD5:5D4FC1D475BC38DD3A71306E6B8FB2D3
      SHA1:653908F9EFA6583084E3927911F5FB81798EEAA9
      SHA-256:51B6C01D216533E3B0CCA54D575AC9ABEF8DA24F6B5749A653822ABDECFC674A
      SHA-512:A05B00F4736FE1844B043BCACA40934DC74D1D384EE3AAD1EE412C4489599F57A27A8D2929F05F5D17455B34690A626C5B0633EDC7DB9793D6E7300025C66F3F
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.......................................;;;.....VVV...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_bottom_right.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 2834 x 2834 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):1.760363864830902
      Encrypted:false
      SSDEEP:
      MD5:75084C2339942D0B6E56485F17EBEF35
      SHA1:E1F9DF7DC9054AFE86A24F1C79E800446BAF8DB3
      SHA-256:A9DD316E1AB4C4221BBC4283BEB42E2C7BE54DD46BE14E93AB59B536F18DE7A1
      SHA-512:5D944DB9AB24A6E29EE60BD364008021BF291A7FE18ACE223BAE2F77DAC4A60B786ACEB6C8FB88B0113B3AAEDDE2531EDE2E6CE7A31FC34EF0ADAF545F0C14F5
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&...............................rrrrrr.........rrr........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_caption.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 22 x 24, image size 90, resolution 2834 x 2834 px/m, cbSize 144, bits offset 54
      Category:dropped
      Size (bytes):144
      Entropy (8bit):3.9995824666299424
      Encrypted:false
      SSDEEP:
      MD5:CD42507440529A364EE921B9A9A3086F
      SHA1:F69461D1438B5761E93A491410C0B52E97847040
      SHA-256:03907C72CD080966523C6C7D6AD508B85E985BF8B77D32C0C603142A46B67305
      SHA-512:13254C2A53326E00CDB7C88164EEA55982E9FF53CF388B581BE8A322A3C863DF7DCA73F4DA15BBA3B7EFDD9794FE8D13F78D78FF46FB68D7CAB48AC82D5325DA
      Malicious:false
      Reputation:low
      Preview:BM........6...(...................Z...........................&&&.))).--,.00/.333.776.<<;.@@>.DDB.IIG.MMK.QQO.UUR.YYW.]]Z.aa^.eea.hhd.kkg.mmj...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_caption_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 22 x 24, image size 90, resolution 2834 x 2834 px/m, cbSize 144, bits offset 54
      Category:dropped
      Size (bytes):144
      Entropy (8bit):4.04124913329661
      Encrypted:false
      SSDEEP:
      MD5:75A1C02686CCEB0C3EA463A5A0F187BD
      SHA1:B27803E2CA460ABABAEA6F28C6E829C0A9D731CF
      SHA-256:4FA56B6D2E0EDF3C71382B13167A84315CA3771D8E50B85B135CBC7D35E7B306
      SHA-512:74383057ED7F3FB40DDC65C97A9392E9AEC543D2E861A610A37D128A9C94CF4AC5FE8D7C0306C1304C9C344EC2439FB0DCCCDAC34E4852534935A9E8B5B0ABFC
      Malicious:false
      Reputation:low
      Preview:BM........6...(...................Z...................DDD.PPQ.XXX.[[[.^^].``_.bbb.eee.iih.llk.oon.ssr.vvu.yyx.||z...~...........................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_left_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 2834 x 2834 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.1551385494661366
      Encrypted:false
      SSDEEP:
      MD5:B1DA5FCE8B98369D659E8FF903157559
      SHA1:803D3EF9DEB041EDB6EDE470A5CF1BC6C066BCCE
      SHA-256:E0357EE018F341D7C5E41F8FDE135BF44A772164F81F1F5B6AD13522571D63AB
      SHA-512:B4838E7FC84F84ACCEB2B5C420848E91CA14DE2D39BC9537EB578883C32B622301B8DA71F969B603C6ECB2BC84FD33DC9E9F9D1C391D5C9A584A71F1985EB441
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.......................................;;;...===.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_right.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 2834 x 2834 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):1.8693292010035893
      Encrypted:false
      SSDEEP:
      MD5:69EA35E636A1B884F0CF68673E63EC3F
      SHA1:34FDE6AFBC1C3001B28C07678CDD9FFAEC6BD07E
      SHA-256:C0AA33DED3BDF156E4A898B73F155A4EE8A87808D84B1D7DB4BC4F7167CCD74E
      SHA-512:2959192FBCE61EB14D49B0645E0D842F8CE32105B281EC6E9790A52AAC2727142147CD7CDE848AF264BED01170216D382969831E73DF16EA93B13EF0D01F0C86
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(..........................................rrr........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_top_left.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 2834 x 2834 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):4.957545309497032
      Encrypted:false
      SSDEEP:
      MD5:072FC5FF3B911B5F3D7C4FAFC86D3597
      SHA1:DA65D9709F39330E9AFD45FA984676EA22FF662D
      SHA-256:6E18625CE48D5C32146A149331AA3B68B03D06F0B681A6C5EBDF341A2C2448B1
      SHA-512:ACF9AD8311C691981E719FEB0FBAA453F88C1BEC0EDC51551F432AA3987B25D3238512FA4E06CEB50C306D49533293ABAD5CAA8EC4E60874DFF57D6C68864BE0
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(..........................................yyy........................................&&&&&&&&&&&&........))))))))))))........--,--,--,--,........00/00/00/00/........333333333333........776776776776........<<;<<;<<;<<;........@@>@@>@@>@@>........DDBDDBDDBDDB........IIGIIGIIGIIG........MMKMMKMMKMMK........QQOQQOQQOQQO........UURUURUURUUR........YYWYYWYYWYYW........]]Z]]Z]]Z]]Z........aa^aa^aa^aa^........eeaeeaeeaeea........yyvhhdhhdhhd...........kkgkkgkkg...........yyvmmjmmj.................yyv............................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_top_left.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 6 x 25, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):305
      Entropy (8bit):6.660165612928804
      Encrypted:false
      SSDEEP:
      MD5:6D75CB9BC0460F32AA6C4C0E0EDBEBF5
      SHA1:2AD957279A0389C9BAD115FC0312265C4CC1095F
      SHA-256:F7E17D39C31C90287CA623B51D44383852516E67B5018354CD2BE3E281290EB8
      SHA-512:2436CFB81B56CFF74F0AA95C444235C3997AF2A9A3ADEFDC58CB72ED42495FA0440784B0871C7C7F47D3D222F02A815322743BFA18C6F43175B8EC8684B147C5
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR..............L_.....sRGB.........pHYs...........~.....tIME......;.n.d....tEXtComment.Created with GIMPW.......IDAT(.....0....G..G....s.....a...M...n...............m9.P.5.1t.. Tu......3^..8M.^...4t."". ......@U...@...9CTq)....T...;a..E2../....ll.@6<kl..kY~...<.1.o.).....H....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_top_left_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 2834 x 2834 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.425032206631185
      Encrypted:false
      SSDEEP:
      MD5:AE3A8F5391F0C63EDDC03C1A53A174F8
      SHA1:992CC2BCEE10F3405DDE5E508A6EDC668E598FC0
      SHA-256:E529E44C0AAB462C6918CB873C11928306EBEC74ACA2212B58448AE426398E21
      SHA-512:E06D3A4A6074CB9174FC3841DBEA2ED03705CA153E8FE367DD7456A0EB074E7193337C70E7D7856FA701AB6DA9267C44BCAD3F07BDCEC155656F3A1D33CA9C1D
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(.......................................;;;...GGGDDDDDDDDD..;;;...QQRPPQPPQPPQ..;;;...ZZZXXXXXXXXX..;;;...\\\[[[[[[[[[..;;;...__^^^]^^]^^]..;;;...aaa``_``_``_..;;;...dddbbbbbbbbb..;;;...ggfeeeeeeeee..;;;...kkjiihiihiih..;;;...nnlllkllkllk..;;;...qqooonoonoon..;;;...uusssrssrssr..;;;...xxvvvuvvuvvu..;;;...{{yyyxyyxyyx..;;;...~~|||z||z||z..;;;........~..~..~..;;;.................;;;.................;;;.................;;;....................;;;................;;;....................;;;...................;;;;;;....................;;;....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_top_mid.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 2834 x 2834 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):1.9980775466236402
      Encrypted:false
      SSDEEP:
      MD5:C63A2141A96192FB386BDF5C2594946C
      SHA1:71C5897139EF7CB569CAE54D4BB21042CEFDC6C6
      SHA-256:841D62EBF08165203F8B9AEEE3817517C24DDB09863D442535790FB3EAE35D9B
      SHA-512:A03CC269FFC53CC96986253F84314C69C10FB1C091DF2D2DCC30CFB9C3A2DE67E67930FBB1A7942A58856495C418882E186ED525A52F6E3F38202D94A478867D
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.......................................rrn...........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_top_mid_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 2834 x 2834 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.2361646524709444
      Encrypted:false
      SSDEEP:
      MD5:3944011DC767B4F9E8B36567F9005A55
      SHA1:ADC19A1F36100F788E7269022C329B46C3C007F4
      SHA-256:EFF6E45A5F4B95B907DDD1B4B5FF6881DD5A1A6292E2137D7A35A3B785E6179C
      SHA-512:0B0A664EFBFEFDA0B8D58BE3F09758BD17ABF15906FA320804F51521E2BE9909F770548C80004FE7D3C3EDA0C04717E7F462EEDDB06BD9713E1FE9B634EC7C54
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(...............................................;;;...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_top_right.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 2834 x 2834 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.17968945290999
      Encrypted:false
      SSDEEP:
      MD5:35EEDCE8C636B3F896C17615A85B7104
      SHA1:63B9EADF7C7A9600B5CBE660BC0BC4E59FC1E105
      SHA-256:9333152964D37B87D2DAC8951BE1B53C83A018B33567DAC7FC2C4CC946314F9A
      SHA-512:A4F33150608961C7B8B94A42003A44086C4190E82C45CBCA17801C339605E1368A01A30417CBC6D3F1E61BEA5B27C77E347F3C4536D4039871D3B0C0A34D170F
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(...................................................yyy.........................&&&&&&&&&(((........)))))))))+++........--,--,--,//.........00/00/00/221........333333333555........776776776998........<<;<<;<<;>>=........@@>@@>@@>BB@........DDBDDBDDBFFD........IIGIIGIIGKKI........MMKMMKMMKOOM........QQOQQOQQOSSQ........UURUURUURWWT........YYWYYWYYW[[Y........]]Z]]Z]]Z__\........aa^aa^aa^cc`........eeaeeaeeaggc........hhdhhdhhdyyv........kkgkkgkkg...........mmjmmjyyv...........yyv...........................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_top_right.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 6 x 25, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):327
      Entropy (8bit):6.72333858679815
      Encrypted:false
      SSDEEP:
      MD5:6EAD2190223F298E662941931184BAE4
      SHA1:23F7CEC1C8285E714956E7DDB87A75EB3B056756
      SHA-256:5F0035C9E1F52D0D9AC1F15A498C9733EA62CEB1FC39E20B783DB068BB89E003
      SHA-512:6FD2E99E49EA7517E85B1C4F6A6C7C6426E873B689D7526B0540D3437D208CEEAE7E006A6E8CCC775091A50F73E609CE0D448BCE4924DFDDD2E4A2EE41E368CD
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR..............L_.....sRGB.........pHYs...........~.....tIME.......oxU.....tEXtComment.Created with GIMPW.......IDAT(.....@.E........"~...L/~..H"!..X......:s.]....~O.G.r<.Xo.,.K.P.,..E\.....9....|.G.*.=.1....BU.nI.5...u.L..z.D..$....P_..:t....?.o.W.....'...1...z.[.5.y>.,.7..i.. .(..^....H......IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\frame_top_right_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 2834 x 2834 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.425032206631185
      Encrypted:false
      SSDEEP:
      MD5:B538B3E78DC0C399C05D7F012ECF2745
      SHA1:85FBBD42A2461A03E159B1FDE488F6EFE11BFF7C
      SHA-256:A0A28EF15F5A8D94B3D494293067E71550B4284EEA4B744939B2546FD8A41120
      SHA-512:2BE673E876FD02600537783AA4825EA8CD2BC1B604E679801B67EE310A7E72F1E8F9AD9FE0720FCA3EB8C80700925106A726D97C6BEA22E8C22610813662D231
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(.......................................DDDDDDDDDGGG...;;;..PPQPPQPPQQQR...;;;..XXXXXXXXXZZZ...;;;..[[[[[[[[[\\\...;;;..^^]^^]^^]__^...;;;..``_``_``_aaa...;;;..bbbbbbbbbddd...;;;..eeeeeeeeeggf...;;;..iihiihiihkkj...;;;..llkllkllknnl...;;;..oonoonoonqqo...;;;..ssrssrssruus...;;;..vvuvvuvvuxxv...;;;..yyxyyxyyx{{y...;;;..||z||z||z~~|...;;;....~..~..~......;;;.................;;;.................;;;.................;;;.................;;;..............;;;.................;;;.............;;;...........;;;;;;...........;;;...................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\sys_min_down.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.220533641524031
      Encrypted:false
      SSDEEP:
      MD5:238FE88F33D18EEBCA29088792B02C19
      SHA1:0ED376FD4AFAB94BBB4A519066989E9A7A2120E1
      SHA-256:D02A2FF8CD13CEE00C168601543560641276E0BF16BE9B358AA993B551AE62EE
      SHA-512:2ABD4423B3FD6309C014A504E731E83E06D4083F05D6CD72380A111CBD341F9ED512DCD4C6DFB0067FB152EDFC3AD2B148721EC1B7A8D520D6EFBCDE3DA1C807
      Malicious:false
      Reputation:low
      Preview:BM........6...(...............................................................................................................................................................................................k..k..k..k..k..k..k..k..k..k..k..k..k..k..k..k..k..k..k..k..k..k..k..............o^.o^.o^.o^.o^.o^.o^.o^.o^.o^.o^.o^.o^.o^.o^.o^.o^.o^.o^.o^.o^.o^.o^..............l_Pl_Pl_Pl_Pl_Pl_P.................................l_Pl_Pl_Pl_Pl_Pl_P...............YNAYNAYNAYNAYNAYNA.................................YNAYNAYNAYNAYNAYNA...............G>3G>3G>3G>3G>3G>3.................................G>3G>3G>3G>3G>3G>3...............6/&6/&6/&6/&6/&6/&.................................6/&6/&6/&6/&6/&6/&...............(".(".(".(".(".("..................................(".(".(".(".(".("....................................................................................................~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~.................}..}..}..}..}.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\sys_min_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.6969446886921262
      Encrypted:false
      SSDEEP:
      MD5:3B8312686525129A9991F199F1717CCF
      SHA1:8D88C8560E8804BF26C6D314D3F3EF55D84CF18C
      SHA-256:0F1A756FE848CCFDACCA997ECA00048115C7953DA7202F6FCEEE394526EE9BF9
      SHA-512:884F57ACF0B1532E658EA26A987736243888A9BBE80A9CCF26D7ED064AA5653AE492868953A2717D98D94E9F949DA81A5852F6EF01D1616E9FEED05DF64BDAC5
      Malicious:false
      Reputation:low
      Preview:BM........6...(................................................................................................................................................................................................................................................................................................................................................................................................................yo.yo.yo.yo.yo.yo.yo.yo.yo.yo.yo....................................................yo...........................yo....................................................yo...........................yo....................................................yo............................yo....................................................yo.yo.yo.yo.yo.yo.yo.yo.yo.yo.yo.........................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\chrome\sys_min_normal.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.6969446886921262
      Encrypted:false
      SSDEEP:
      MD5:568095B08967463C2F514166C59BB397
      SHA1:6B4D49F11AFED6D7DE4868B161FE94FA9E4267B6
      SHA-256:13E416892CDD3EDA7671BB9F7C57E89919EF366ED2A0B4F6D33FE1A352B1C079
      SHA-512:0360AA5624632F80B43FDA800D6F0E75F8B60DCF6CD70157144AAFEF7F4D2AF31149BAC0E6B5C031FE475F8A68871AEBEABE205AC635E7663B2D37A960841BF6
      Malicious:false
      Reputation:low
      Preview:BM........6...(...............................................................................................................................................................................................................................................................................................................................................................................................................SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9...................................................SG9...........................SG9...................................................SG9...........................SG9...................................................SG9...........................SG9...................................................SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9.........................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\aquamarine\sys_close_down.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.883333978859407
      Encrypted:false
      SSDEEP:
      MD5:5BFC8A6EBE0F7869E5C22D15D90A9EC7
      SHA1:66F25770F94FF5B865C75D9E09D78A443157033B
      SHA-256:0FC2CCE7F1EBA09245A0C05B25555A438749557B6895C7CE233B29DDFA52E8FF
      SHA-512:E434F924747B16B3D847DF29A26B71A2B88D85116563B3C51C9E999562FBDD575AA9CDF99E51A0F7DA3F73260222A94C5B4E1210B98244DF66CD9412815E2E97
      Malicious:false
      Reputation:low
      Preview:BM........6...(........................................................................................................................................................................................................................................................................................................................................................_..)........7....7......../..e...........................i..i..i..i..i..h.............[../..^.........&..i..i..i..i..i..i..............N..N..N..N..N..N..8..............d............<..N..N..N..N..N..N..............5..5..5..5..5..5..5..!......................$..5..5..5..5..5..5..5............... .. .. .. .. .. .. .. .....F...........:..... .. .. .. .. .. .. .. ..............................P......................Y............................z..z..z..z..z..z..X..............^............e..z..z..z..z..z..z..............x..x..x..x..x.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\aquamarine\sys_close_hot.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.8283101931111565
      Encrypted:false
      SSDEEP:
      MD5:ADB8950D40749128D2DDDF286F4E238B
      SHA1:30970E46FB1508A6000B43C5B0280EA71F46D143
      SHA-256:17CD48DAD2E5B59A64833AF13A561336C18AD7BC0E674E82A21B5E2EF5A1F7D1
      SHA-512:BA2F229C1B093CF431047C6D5C795F9BF409F1BABC73891A132EAD46D563F1BAC24522275ADC945B8D432FD4A1204A75E4F2E8C9920435E75E4CAE548E7F44D5
      Malicious:false
      Reputation:low
      Preview:BM........6...(..............................................................................................................................................................................................................................................................................................................................................................................c..+........9....9........1..j...........................m..m..m..m..m..l.............[..1..^..........'..m..m..m..m..m..m..............R..R..R..R..R..R..;..............d............?..R..R..R..R..R..R..............8..8..8..8..8..8..8..#......................&..8..8..8..8..8..8..8.............."..".."..".."..".."..".....F...........:....."..".."..".."..".."..".............................Q......................Z.............................{..{..{..{..{..{..Y..............^............e..{..{..{..{..{..{..............y..y..y..y..y.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\aquamarine\sys_close_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.6936752775540242
      Encrypted:false
      SSDEEP:
      MD5:CF7A65186479C8DCD05AA1915758E9EA
      SHA1:8D8800A37DB789E3ADC51CCE92A3DDD938F62F65
      SHA-256:A640671649BAC8E4507260DFFA920261C1F3DB92F19007321A02E6942FF8D2CF
      SHA-512:8416F846BCB52CB066A726403EEE06EAEF5311CA739D6272764D53CB8205E011B35B336C2E27BCDFCD9B72232033EE8F55219634A8D45432526C94E5752D030F
      Malicious:false
      Reputation:low
      Preview:BM........6...(.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\aquamarine\sys_close_normal.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.7679362610784697
      Encrypted:false
      SSDEEP:
      MD5:EC940E26DD8978A8604ACF2524FA3A9E
      SHA1:1C7EF45D921E3E5FE5BFD6AF403929F3E34AEAE8
      SHA-256:5A5BB1C84F9DA14959AA1D882E3280125F0A5E8EC27785EE1675D4540626713A
      SHA-512:D35F8243794D1838A943A29A53A094F0B9B8578F0761C5077E5C8244B8EECC301231E3A13C09F3E25B0557CFF2A6776AB2D41011309965C99603BE49E049C6CF
      Malicious:false
      Reputation:low
      Preview:BM........6...(.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\aquamarine\sys_close_normal.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 27 x 17, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):211
      Entropy (8bit):6.087722605998967
      Encrypted:false
      SSDEEP:
      MD5:60C204E7FA933021F42FD3B60C6C5128
      SHA1:6EA579F8E8C75980910FB7E630387072DB6BE1E9
      SHA-256:A0AF3BE357B13E0F871476EDC34C0E7F7358C99963C1A75E01837AB0B1C4EFDF
      SHA-512:BA2A930F3F5ADF248D19565AA54A9AEDADD68C293399E4DCA93788C111AF78C9128A219EF4E65FD27AAD71E2F928B1F8BCEE023D2E1E2DE55AF1982E3D8DFC02
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...............'.....tEXtSoftware.Adobe ImageReadyq.e<....PLTE...............(......tRNS........S...IIDATx..... .Cg.....!.v....P..w.%.Txa.>.....(.#.H.....$.....](..T...6Z......f.......IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\breeze\sys_close_down.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 21 x 17 x 24, image size 1090, resolution 3779 x 3779 px/m, cbSize 1144, bits offset 54
      Category:dropped
      Size (bytes):1144
      Entropy (8bit):4.30758967369533
      Encrypted:false
      SSDEEP:
      MD5:3EB8AED827B7B4AF0698D57AF430CA51
      SHA1:17FA6C551BB931A6C150EC711FFE66348AD2D34F
      SHA-256:64B264DBE8F40DA467B083A44EC89D4471C10DA95A052BD67B3E93407DDB236B
      SHA-512:0B4403D48F528D74C8A5498602C3C3492AB1C61F1A604F467C482DC4F378D1F4F30A1BE3364337D6C667EE87BC5C0BAE9A9AD15F0C3B565F617CAD06AD2167BB
      Malicious:false
      Reputation:low
      Preview:BMx.......6...(...................B...........................j..j..j..j..j..j..j..j..j..j..j..j..j..j..j..j..j............j....................................c......j........................................c...c........................................c...`..................................................`...]..................................................]...Z.........................................Z...V.........................................V...R.............................................R...N.............................................N...K.............................................K...G................................................G...D..................................................D..:........................................A..:................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\breeze\sys_close_hot.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 21 x 17 x 24, image size 1090, resolution 3779 x 3779 px/m, cbSize 1144, bits offset 54
      Category:dropped
      Size (bytes):1144
      Entropy (8bit):3.8165353768351866
      Encrypted:false
      SSDEEP:
      MD5:2A4DDC1282DE9A5CA93535913D8FF682
      SHA1:EE52F3847556EEF14697F0E46115914389C04DC2
      SHA-256:7AA6D84CD307C87FC69A230F7DAB7118FB563F68CBF223ED169A053841CED3AB
      SHA-512:0088D26DC2928A07C97CEAADC7E197B8614170E09C0CA7274BA409EE4AAF4C1E441E771BE9E663877CF3AF9602590FA79010EC551C2CA0F7661A29C778675D02
      Malicious:false
      Reputation:low
      Preview:BMx.......6...(...................B...........................j..j..j..j..j..j..j..j..j..j..j..j..j..j..j..j..j............j.....................................................c......j...........................................................c...c...........................................................c...`...........................................................`...]...........................................................]...Z...................................................Z...V.....................................................V...R...........................................................R...N.........................................................N...K.......................................................K...G.........................................................G...D...........................................................D..:...........................................................A..:...............................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\breeze\sys_close_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 21 x 17 x 24, image size 1090, resolution 3779 x 3779 px/m, cbSize 1144, bits offset 54
      Category:dropped
      Size (bytes):1144
      Entropy (8bit):2.1579519020271993
      Encrypted:false
      SSDEEP:
      MD5:C70353FB5D08DE49E54C791143A5DCA3
      SHA1:62D01A3E479D9D9541D7A546610CE4C46C121B0C
      SHA-256:542C1CDCD65FC226793C3FE423C4ED90670B223596B059DA416B2B999E1A2080
      SHA-512:EEEAECEB86F872E35333DBD677395DA08CF1E2AF1CC8D3A6EE732791651979BDCB1C176A15C8CDA344EAAF26E8523C27F6318B226A651637CCFD09A53AA892DE
      Malicious:false
      Reputation:low
      Preview:BMx.......6...(...................B....................................................................................................................................................................................................................................................................................................F..F..F..F..F.....F..F..F..F..F.................................F........F.....F.........F....................................F........F........F..........................................F..............F................................................F...........F................................................F................F..........................................F..........F..........F....................................F...........F.....F..........F.................................F..F..F..F..F.....F..F..F..F..F..................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\breeze\sys_close_normal.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 21 x 17 x 24, image size 1090, resolution 3779 x 3779 px/m, cbSize 1144, bits offset 54
      Category:dropped
      Size (bytes):1144
      Entropy (8bit):2.1222202316601653
      Encrypted:false
      SSDEEP:
      MD5:4AA4685186B47210333B6F320F291166
      SHA1:E0990F88AEE01425C894089367781471418FB897
      SHA-256:859B2B0E064F42AD9F527A7E5256F65543D8F396D7D35379229E22DAF0DAF90D
      SHA-512:158F4E3CE2C840A21FBC71BA45F228F7EE4E964327C14CCE612DB2CBEADC90F1B0C3E8A13EF9F2456FD7D9FC77128C6960F0B488D027CEFEB4E98D4C4038DA1F
      Malicious:false
      Reputation:low
      Preview:BMx.......6...(...................B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\brown\sys_close_hot.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.525881319808397
      Encrypted:false
      SSDEEP:
      MD5:5FF0954E6085B0156EF38914BADFC62E
      SHA1:D78A0A25A4A541D7532989528B713064757AC3DC
      SHA-256:67F0A2CECC99617BC145DF458D2FA75160988350EE05DB66910CB7E616E1E18D
      SHA-512:6FEDBD4744C5738CB43E9CAAEE5D1B9B917708074D1D2A69EA4CFF091D43CC867CC6F779B34E6A1477E401046FA44E9711BE0811D541BED9DC87BE631CD784CC
      Malicious:false
      Reputation:low
      Preview:BM........6...(..............................................................................................................................kf.........................kf.....................................................................................................................................................................................................................................................................................................ZZ....]]...............................................................................cc................................................................................................................................................................EE..........99................................................................OO......................XX....................................~~.~~.~~.~~.~~.~~.ZZ.............]].............hh.~~.~~.~~.~~.~~.~~...............~~.~~.~~.~~.~~.}

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\brown\sys_close_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.7718909980944177
      Encrypted:false
      SSDEEP:
      MD5:9B4A15AA02EF44624A558601AE71D3E5
      SHA1:3D86C0095E23D9D6571C8F3102DF3A2E4AF96BAE
      SHA-256:D446368CB114F60ED49FCFBB1B7A1C3442070326D19C230DA0DBC00E9882FD69
      SHA-512:8103638FE9E1787F86322BE28D3D187242C81770E8CDCFD3505EAB94ECFFE1CACCB9CF4ACD13F736780E1AD69CB955CE9E8D1E2AE75C0FC11A4BE64DAABDAC81
      Malicious:false
      Reputation:low
      Preview:BM........6...(...............................................................................................................................................................................................................................................................................................................................................................................................................L@.L@.L@.L@.L@....L@.L@.L@.L@.L@....................................................L@..........L@....L@..........L@.......................................................L@..........L@..........L@.............................................................L@................L@...................................................................L@..........L@...................................................................QA................QA.............................................................QA..........QA..........QA.....................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\default\sys_close_down.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.898969007929377
      Encrypted:false
      SSDEEP:
      MD5:4E21B56FFC64F5BC7C4248E33801B011
      SHA1:39C05BA5B899F37D90B3722E7EDC02149EEB365D
      SHA-256:AC4EEB5C037DEAB4E210AD8E6C3AFD1816C27A64A92DEA633FE982B912E680AC
      SHA-512:1464A774A4E4F27A1A739F8C7B721AEB47E17B4981A3F5496F9265B996677BBB98DC3310A34A5E56EB851225FA3BCBBC233A44A0751763BEB095EF23E878CBFF
      Malicious:false
      Reputation:low
      Preview:BM........6...(..........................................(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a......(.apw..........................pw.(.a...(.a....?..?..?..?..?..?..?..?..?..?..?..?..?..?..?..?..?..?..?..?..?..?..?....(.a...(.a....9..9..9..9..9..9..9..9..9..9..9..9..9..9..9..9..9..9..9..9..9..9..9....(.a...(.a....3..3..3..3..3..3.$9.SG9SG9SG98?d.3.8?dSG9SG9SG9!8..3..3..3..3..3..3....(.a...(.a....-..-..-..-..-..-.UI;.........SG95;bSG9.........SG9.-..-..-..-..-..-....(.a...(.a....(..(..(..(..(..(. 1rYM?.........SG9.........SG9./u.(..(..(..(..(..(....(.a...(.a...."{."{."{."{."{."{."{%0b`UG...............SG9".e."{."{."{."{."{."{."{...(.a...(.a.....p..p..p..p..p..p..p..p*0WSG9.........SG9'.Y..p..p..p..p..p..p..p..p...(.a...(.a...|..|..|..|..|..|..|..mn.fVS...............fVSor.|..|..|..|..|..|..|.....(.a...(.a...{..{..{..{..{..{..ps.fVS.........fVS.........fVSty.{..{..{..{..{..{.....(.a...(.a...{..{..{..{..{..{

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\default\sys_close_normal.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):6.012515421868941
      Encrypted:false
      SSDEEP:
      MD5:8D5E21A5AABB3581D5E5A2E5907EF7FB
      SHA1:F810A458CC0A28E72E65887A744CCD5BE07F4B82
      SHA-256:5D70323DC723F965DFC29CF36E0EBAFEAFCF5E520D2BEB905FEC086CE22EEFDA
      SHA-512:86EE08E28A275D4051236DEA338D5394CDA2A0BB6B4FB9E7BFCC8E0403B9816221B554805FD53F7B5DFDD6EDA4A8EEDCA23F435A510894E70E051C905953E197
      Malicious:false
      Reputation:low
      Preview:BM........6...(..........................................*.b(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a*.b......*.c........................................................................*.c...(.a...Mq.Mq.Mq.Mq.Mq.Mq.Mq.Mq.Mq.Mq.Mq.Mq.Mq.Mq.Mq.Mq.Mq.Mq.Mq.Mq.Mq.Mq.Mq..(.a...(.a...Eh.Eh.Eh.Eh.Eh.Eh.Eh.Eh.Eh.Eh.Eh.Eh.Eh.Eh.Eh.Eh.Eh.Eh.Eh.Eh.Eh.Eh.Eh...(.a...(.a...>_.>_.>_.>_.>_.>_.DX.SG9SG9SG9JQy>_.JQySG9SG9SG9CY.>_.>_.>_.>_.>_.>_...(.a...(.a...6V.6V.6V.6V.6V.6V.UI;.........SG9FN{SG9.........SG96V.6V.6V.6V.6V.6V...(.a...(.a....M..M..M..M..M..M.8K.YM?.........SG9.........SG97L..M..M..M..M..M..M...(.a...(.a...'E.'E.'E.'E.'E.'E.'E.8F.`UG...............SG95F.'E.'E.'E.'E.'E.'E.'E....(.a...(.a...!>.!>.!>.!>.!>.!>.!>.!>.7B.SG9.........SG96B.!>.!>.!>.!>.!>.!>.!>.!>....(.a...(.a................sx.fVS...............fVSw~...................(.a...(.a..............w~.fVS.........fVS.........fVS|..................(.a...(.a............

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\default\sys_close_normal.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 27 x 17, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):729
      Entropy (8bit):7.5241404884629794
      Encrypted:false
      SSDEEP:
      MD5:06758E262F5305DA12278A56094FD6A3
      SHA1:A299756B00C5E8099C69CD36C976E9F3CB42C93C
      SHA-256:65528344DFE4779291944E63E46B43B3414233ECBD84FFC64693AFB4AD4525C6
      SHA-512:26F5F64154902D9CCEC3D1D2A73AC52BB8E06F1A45AFE66B1B4F2307E8D7590B421814D4AD29EFA1D8F65B4764A0CE8B029F11F54C3CBD9CE843CB7834CF1BF4
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.............,O.3....sRGB.........pHYs..........(J.....tIME........A.....tEXtComment.Created with GIMPW......FIDAT8..AHTA...3ov.=.u.@.L...E...CAA...H)%.....`A.DA.j.AI[....A.d..E.. ..r....^.......|0.g.....#....Y.j-..0........9M.v..6..fXx....\.b..S/..Y...\&P...2...c.......d3Y.._W.M-{.h.A.f.^........m.1.?.../..../......K.{Z<...B..Q.t...nN.3... (+)..h.x..{8....r....z.6.z.K.`B...Z..9......A...Fh.o..!..b...+..LT.p.....4..;.~.....g.>....>Hm....A@.+^.....EI^.!.-}....$...R...t...0J1*e.M.[.....^."....H.....W..M|...J...J.-.....=g.c..m......C......&o^....-.C.R.J)L.....A..!.|.&..*NZ.....b..=.Z..0....f.tx.<4=.M.......F.X....f,.3......8S5...wH$.....8U..$.+)..^'.4........IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\flatblue\sys_close_down.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3779 x 3779 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):3.7140024417456874
      Encrypted:false
      SSDEEP:
      MD5:0059F4583800CF5B8112AB0A1833EACB
      SHA1:8B3CD77E1B6293DC049A7272F01608EA8FFB4C10
      SHA-256:A94B6A63AE80105465DA399F9F00EA052CA4B779D4BB4166A2E94416EF1018AF
      SHA-512:39252407EFB6BCC2293FA29A6C5DD8FD42936E1D856B697941C5FB29437ED266FD5920CD950CA385AD73EC43D0FF0730636D532300D843D245FB25DA5E01973D
      Malicious:false
      Reputation:low
      Preview:BM........6...(.......................................b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:....b:.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.b:....b:.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.lB.b:....b:.lB.lB.lB.lB.lB.lB.lB.i@.e<.b:.b:.f=.lB.f=.b:.b:.f=.j@.lB.lB.lB.lB.lB.lB.lB.b:....b:.lB.lB.lB.lB.lB.lB.lB.d<...........}.g>.............f=.lB.lB.lB.lB.lB.lB.lB.b:....b:.lB.lB.lB.lB.lB.lB.lB.i@.f?......................f?.j@.lB.lB.lB.lB.lB.lB.lB.b:....b:.lB.lB.lB.lB.lB.lB.lB.lB.i?.kF................kF.i?.lB.lB.lB.lB.lB.lB.lB.lB.b:....b:.lB.lB.lB.lB.lB.lB.lB.lB.lB.g>..r...........j.h?.lB.lB.lB.lB.lB.lB.lB.lB.lB.b:....b:.lB.lB.lB.lB.lB.lB.lB.lB.h?.sP................kF.i@.lB.lB.lB.lB.lB.lB.lB.lB.b:....b:.lB.lB.lB.lB.lB.lB.lB.i?.kF......................d<.jA.lB.lB.lB.lB.lB.lB.lB.b:....b:.lB.lB.lB.lB.lB.lB.lB.f?...........}.f>.............f=.lB.lB.lB.lB.lB.lB.lB.b:....b:.lB.lB.lB.lB.lB.lB.l

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\flatblue\sys_close_hot.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 31 x 19 x 24, image size 1826, resolution 3779 x 3779 px/m, cbSize 1880, bits offset 54
      Category:dropped
      Size (bytes):1880
      Entropy (8bit):3.2301887123924518
      Encrypted:false
      SSDEEP:
      MD5:F8A7A60474624A2C31BE4171F7FB3637
      SHA1:93E53FC667FC347BE102546C921FFD94F5BEBC56
      SHA-256:8C44F1FCDB50606F166499A23566C891A0421CE8C0E8B3F281ABB9BFD701027E
      SHA-512:09CCA0587020FED30F09C1F9E501267C894B2205FAC7627EFB2FF4020081156A06904FBE339CA334C5285C10154FAA106BE58C698E2DE1639FCABAE6DEC38022
      Malicious:false
      Reputation:low
      Preview:BMX.......6...(..................."...................b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:....b:.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.b:....b:.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.b:....b:.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.b:....b:.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.b:....b:.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.b:....b:.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.{L.............yJ...........yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.b:....b:.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.|N......................|N.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.b:....b:.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.U.................U.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.b:....b:.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.}...........v.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.yJ.y

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\flatblue\sys_close_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 31 x 19 x 24, image size 1826, resolution 3779 x 3779 px/m, cbSize 1880, bits offset 54
      Category:dropped
      Size (bytes):1880
      Entropy (8bit):3.180922670974758
      Encrypted:false
      SSDEEP:
      MD5:860DE131AEF8894FF8CE7F8A2BCC897A
      SHA1:7351850365261C109FCC94EFDAD4E38D27820405
      SHA-256:D3B4AEC3106A8F45668B24F42DA6D20EC8651B6F560CA2E532E72F55C1B4B98E
      SHA-512:3F74068A0FC5BD69408264B85AF987A97D326B5608634A498C40E47FCFBDCB2FF436E314CF46F01301B13D4D5108116F604FFAA6C7E8C0CADD54A3B467EB32B6
      Malicious:false
      Reputation:low
      Preview:BMX.......6...(..................."....................r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r.....r.........................................................................................r.....r.........................................................................................r.....r.........................................................................................r.....r.........................................................................................r.....r.........................................................................................r.....r......................................................................................r.....r.......................................................................................r.....r.......................................................................................r.....r...............................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\flatblue\sys_close_normal.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 31 x 19 x 24, image size 1826, resolution 3779 x 3779 px/m, cbSize 1880, bits offset 54
      Category:dropped
      Size (bytes):1880
      Entropy (8bit):3.156546372372563
      Encrypted:false
      SSDEEP:
      MD5:82D06B44F68F737E24B3005471287A31
      SHA1:268F744B8AE9B42507540E35807218F60105FA31
      SHA-256:76247C25A637338C0EA8D2B018E845D68D9633BA3C43A8492E1D0E7214DB7CAC
      SHA-512:F3B9981E52176B97E2BCE98AB39CA0D5072D11753ED93F291E71B4355DEA3EE0720064392CC9CC566C9252FBE9B2FB311395EFA4AD1D60C6283279B99D768388
      Malicious:false
      Reputation:low
      Preview:BMX.......6...(..................."...................b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:.b:....b:.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.b:....b:.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.b:....b:.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.b:....b:.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.b:....b:.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.b:....b:.uM.uM.uM.uM.uM.uM.uM.uM.uM.wO.............uM............uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.b:....b:.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.xQ......................xQ.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.b:....b:.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.}W................}W.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.b:....b:.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM.uM..............x.uM.uM.uM.uM.uM.uM.uM.uM.uM.u

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\flatblue\sys_close_normal.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 31 x 19, 8-bit/color RGB, non-interlaced
      Category:dropped
      Size (bytes):1213
      Entropy (8bit):6.487503193171231
      Encrypted:false
      SSDEEP:
      MD5:02558735B5E715FA59EEBFEB3984F017
      SHA1:B61C480ACB7D7C35116A50D3A2CBB94D97594E94
      SHA-256:14AA5D208ABFD5C37977966313AF43AA6CD9FFBF352EEC65DB9217681798E65E
      SHA-512:B04AAA06F3BD0ACF042F8109E9042856087492E2E0888F1EBEE1E011AAD711696E0935889DA4DF31B23CA984FBEC4648FBA393B6910B0C2BC4BCA4F93CEB5D50
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...............A.....tEXtSoftware.Adobe ImageReadyq.e<...fiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:2655870EB06BE311B0C9EE74828486C9" xmpMM:DocumentID="xmp.did:BE5E965476CD11E3A4A6BE46D3D2539A" xmpMM:InstanceID="xmp.iid:BE5E965376CD11E3A4A6BE46D3D2539A" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:23D85B32CD76E31199D8ABE2DE7985A3" stRef:documentID="xmp.did:2655870EB06BE311B0C9EE74828486C9"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>S:......IDATx.b\j..@3...B..0...L......U|..0.7$..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\lavender\sys_close_hot.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.873605349396736
      Encrypted:false
      SSDEEP:
      MD5:31CF0C84573E3F289D63A04AE4EA5124
      SHA1:33A40474E678BDD8164FD3E054DC9DC2D7F272EB
      SHA-256:8BA082F1C4A87A07E369B30A4823625DC955A1BFE20805D58BB5CF6F09953828
      SHA-512:017D747763D3BEABEE224C7EC945FC5F23873C0673F68D54313D845648FBD26B158CF28379FE45A06921EDA8E3E842EFF4A8EDD992CB5B65929B05E04DA33CF7
      Malicious:false
      Reputation:low
      Preview:BM........6...(...............................................................................................................................x................................................x............M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..............E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..............>..>..>..>..>..>.,.............>............./..>..>..>..>..>..>.............6.6.6.6.6.5............Z.....]............6.6.6.6.6.6.........................!..............c............#..........................'..'..'..'..'..'..'............................'..'..'..'..'..'..'.............!..!..!..!..!..!..!..!.....E...........9.....!..!..!..!..!..!..!..!.............................T......................^.........................................._.............]............n......................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\lavender\sys_close_normal.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.6084405737122731
      Encrypted:false
      SSDEEP:
      MD5:8D06A65D65EEC14810116A4DBBEAC8AC
      SHA1:C0DBD1FF9B163934C9C570501704709D3AE83155
      SHA-256:73AC4D3ED04921C08BF9E95558D99A23DEB18FA4C34D4ECB93771FD3568B094D
      SHA-512:AE6664AD1CD1497B6E63D960B4F23FEE9A237287FE5CCE1385826B0793C0A949766DDBD1C29EAC6CD8A8E103E4EBF761A0B29936796406A909E18E81905A2FC9
      Malicious:false
      Reputation:low
      Preview:BM........6...(...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\lightslategray\sys_close_down.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.871374674321794
      Encrypted:false
      SSDEEP:
      MD5:A7421B0B9B2110D4CF79B1890D63C849
      SHA1:CB841FC6CC973218271B8386C702B3506932F982
      SHA-256:26E67CA8F19F67EC1BEDBDBD004A152D9796FDFB32614FD23EDB622F5A94C83B
      SHA-512:7085A71D963361F6BA3CF95733913467E4C9759F3BC7FD65492059F76BC16DB0355663B79AD536119313086CE6301799E00B09E867EE1673A4A0DBFA1466F26F
      Malicious:false
      Reputation:low
      Preview:BM........6...(..........................................*.b(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a(.a*.b......*.c]h.t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..]h.*.c...(.as...A..A..A..A..A..A..A..A..A..A..A..A..A..A..A..A..A..A..A..A..A..A..A.s..(.a...(.ar...=..=..=..=..=..=..=..=..=..=..=..=..=..=..=..=..=..=..=..=..=..=..=.r..(.a...(.aq...9..9..9..9..9..9.$=.SG9SG9SG98Ai.9.8AiSG9SG9SG9!<..9..9..9..9..9..9.q..(.a...(.ap...5..5..5..5..5..5.UI;.........SG95?iSG9.........SG9.5..5..5..5..5..5.p..(.a...(.ap...2..2..2..2..2..2.#8.YM?.........SG9.........SG9 7..2..2..2..2..2..2.p..(.a...(.ao...0..0..0..0..0..0..0.)9v`UG...............SG9%8{.0..0..0..0..0..0..0.o..(.a...(.ao...0..0..0..0..0..0..0..0.-:oSG9.........SG9+9r.0..0..0..0..0..0..0..0.o..(.a...(.ap...2..2..2..2..2..2..2.):xfVS...............fVS$8..2..2..2..2..2..2..2.p..(.a...(.ap...4..4..4..4..4..4.$9.fVS.........fVS.........fVS.7..4..4..4..4..4..4.p..(.a...(.aq...8..8..8..8..8..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\lightslategray\sys_close_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.8582629393379584
      Encrypted:false
      SSDEEP:
      MD5:737085F235DD1DC4F23D13B6D447DC1E
      SHA1:0AB8A84226AD2B12F3C721AABFB80FA14815135D
      SHA-256:21AC5640C6A3E0C45E6FD7DC298988030BFAE37157F602F6FB584245BD7D20D2
      SHA-512:BFDCE4BD5439E96B52A3B1BDDE011191C6A29CC9A8FAEB6511709070187755BC62ED5E3B4D49AA52218DFD711D8A29EBA907A9480C89DCEE26CE2269CEA4C9F8
      Malicious:false
      Reputation:low
      Preview:BM........6...(...............................................................................................................................................................................................................................................................................................................................................................................................................jd\jd\jd\jd\jd\...jd\jd\jd\jd\jd\...................................................lf^.........jd\...jd\.........jd\......................................................oia.........jd\.........jd\............................................................uoh...............jd\..................................................................jd\.........jd\..................................................................jd\...............jd\............................................................jd\.........jd\.........jd\....................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\lightslategray\sys_close_normal.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.980737349287757
      Encrypted:false
      SSDEEP:
      MD5:19B7BD9F23693F0473E5675BE55B2594
      SHA1:B86672D35F2127513F68316DA4ACD2CA727965A1
      SHA-256:1F3CCFFD40AE9F7B781958B5E2A82E9265591675600BD6C6B167C7CCE783A09C
      SHA-512:C3742C67C63C7E43E22712560FD5FB9BB148C287AC18FDCAEE2131414D00B2BBAD9874EF04530FDCAA359E570AC96612AB38835CEE2163272965DE06CA6C1808
      Malicious:false
      Reputation:low
      Preview:BM........6...(...............................................................................................................................................................................................................................................................................................................................................................................................................YM?SG9jd\jd\YM?...YM?jd\jd\SG9YM?...................................................lf^.........SG9...SG9.........SG9......................................................oia.........SG9.........SG9............................................................uoh...............SG9..................................................................jd\.........SG9..................................................................jd\...............fVS............................................................jd\.........jd\.........fVS....................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\lightslategray\sys_close_normal.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 27 x 17, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):269
      Entropy (8bit):6.552812689945597
      Encrypted:false
      SSDEEP:
      MD5:1D5731AA66BF1189F9A5C73452453FDA
      SHA1:C52666FFC91750D0F6E7A5E4134444788DD38FDC
      SHA-256:54102FC295A484E7B8AB58087F6BE315E9B2E4744A17C3619028A6717077A0FB
      SHA-512:1170652D05B9CFB65EF71C90E596C0EB9032B7E7A15BB009526F71FA2037AD1EFFF3AD4A29F3E3B4ECFEBD6E0ADEE8C8D4CA06AF2BF5173C57EE02FF377C831D
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.............,O.3....sRGB.........pHYs..........(J.....IDAT8.c`..C.0.R...............U........].j.#E..I....bR.......YN5....E}.pYH3..-|..%.[..........=..T.013...;w...=..O....r._.~..a.[..c...X.)x..-CRA....8.........n......p..K..(.^.......w......IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\mauve\sys_close_down.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):6.056087259463428
      Encrypted:false
      SSDEEP:
      MD5:AFEC2FAA639BA7B7CE81551128A5DCF3
      SHA1:B54DC91036C8D650F9CDC890FC06382F8B096CC9
      SHA-256:8304FEC2D3F76BF8F0B378230D1EE4E233DEA06FF5A3265D536559FB5C384161
      SHA-512:4B385FB05CCE451032971DABE0E1905C0CB3580C6E58393303C57854F5AD9BBEE5B7AACB18811535685F4B6E907BC680E5EFC70E21283DE0247AA0F93D501874
      Malicious:false
      Reputation:low
      Preview:BM........6...(............................................l..j..j..j..j..j..j..j..j..j..j..j..j..j..j..j..j..j..j..j..j..j..j..j..l........l...........................................................................l.....j......................................................j.....j...w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w.....j.....j...f..f..f..f..f..f..I......l..l.*..f..*...l..l.$..N..f..f..f..f..f..f.....j.....j...S..S..S..S..S..R...n.........Z..%..].............S..S..S..S..S..S.....j.....j...B..B..B..B..B..B../...q..........c...........o.2..B..B..B..B..B..B.....j.....j...2..2..2..2..2..2..2......x.................u."..2..2..2..2..2..2..2.....j.....j...$..$..$..$..$..$..$..$...y.E...........9...z.$..$..$..$..$..$..$..$.....j.....j...........S...x.................u.\.............j.....j......................]...q..........]...........n.j.......................j.....j..............

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\mauve\sys_close_hot.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.972354800107472
      Encrypted:false
      SSDEEP:
      MD5:BE3077A27AD5C31954BB9F2E6496A35B
      SHA1:BEEF9ABD2F9FBE50C7D333DAC4D8CEB7503B52AB
      SHA-256:41EC6AB5B73FAEC6E4E818411D3A2C3F594AB337DE182A0627412E79537ED521
      SHA-512:00096E579145D04FFABF98E03F19313C1AA9AAFA29591E3D7AA4D92CA657D130BE6F7FE4697239CA2E8117D0510AF9302268556E4C2B72A0A51088F54E6F2FE2
      Malicious:false
      Reputation:low
      Preview:BM........6...(..................................................................................................................................................................................................................................................................................................................................................................l......l..l.>.....>...l..l.5..s................................................n.........Z..>..]..........1.............................}..}..}..}..}..}..Z...q..........c...........o.`..}..}..}..}..}..}................q..q..q..q..q..q..q..F...x.................u.L..q..q..q..q..q..q..q...............g..g..g..g..g..g..g..g..9..E...........9..=..g..g..g..g..g..g..g..g..............................j...x.................u.v...........................................y...q..........]...........n........................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\mauve\sys_close_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.58702275429444
      Encrypted:false
      SSDEEP:
      MD5:F0B1A27CEF9ACBAAEFDD1D4BC6892BF3
      SHA1:77262A7127C4E55FAEDF80949D402EFF80134371
      SHA-256:C0F21A74CD213D7D51A327E4F57FC3360002697471C94E80AA77E4E52907208E
      SHA-512:0503F8975F8A8EA9D5991E5D8FD5F16336AE085246136FF2FEEAF92516F7BC8B429EECCABC99F78D663D28B6EF241FDEF3611396BC3DD2835AFA4C79C7DBF64F
      Malicious:false
      Reputation:low
      Preview:BM........6...(................................................................................................................................................................................................................................................................................................................................................................................................................)..)..)..)..).....)..)..)..)..).....................................................)...........).....)...........)........................................................)...........)...........)..............................................................).................)....................................................................)...........)....................................................................h.................h..............................................................h...........h...........h.....................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\mauve\sys_close_normal.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.5988873017004606
      Encrypted:false
      SSDEEP:
      MD5:53FB4F11D0AC4C7AE7C8AE7F294A34A9
      SHA1:7451717D48B5B88408506622779DB6DEC84CA19E
      SHA-256:DDE8358F453BD748AF85A6605C31B0C6575AF631CD05D6039F104448E9F7663E
      SHA-512:C5955422106F9BE1A9EF36F084ED2DEF34298C99ABB54D5EAE640E91C46DA56C7DBC3636FCFBDB069263C274E35BAF06436EB71C97E3E23212A1435B0AB24AA6
      Malicious:false
      Reputation:low
      Preview:BM........6...(.................................................................................................................................................................................................................................................................................................................................................................................................................q..q..q..q..q.....q..q..q..q..q.....................................................q...........q.....q...........q........................................................q...........q...........q..............................................................q.................q....................................................................q...........q...................................................................L.................L..............................................................L...........L...........L.....................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\mauve\sys_close_normal.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 27 x 17, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):211
      Entropy (8bit):6.010442701884403
      Encrypted:false
      SSDEEP:
      MD5:1BE5044F1EE6F87774F7C6B839C47583
      SHA1:B2D6558A23D8D8C44337687919DC9201783F83B5
      SHA-256:FF05C7F6C61B3E30A37C92CBF0DF156C48A5F137D5B769130E5069605FE9FF50
      SHA-512:7A72D1CA5960D9C976713CF29322B6DB56728BD2525AAEA35BA3399491A8D9C25E2C5E4E814EB916621BDA9A00941290C16162F7351EEB9E1BDE43E35C3D8645
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...............'.....tEXtSoftware.Adobe ImageReadyq.e<....PLTEq......L....... .......tRNS........S...IIDATx..... .Cg.....!.v....P..w.%.Txa.>.....(.#.H.....$.....](..T...6Z......f.......IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\mediumorchid\sys_close_down.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.91778802150784
      Encrypted:false
      SSDEEP:
      MD5:3DFAF203FE6E38400B2AAEC147E547EA
      SHA1:DCE516D45CC74F12125A5584E3A1CB2AC1AAA15A
      SHA-256:5541D147488629E4C19EEEC3C33C66FA73285D774DA9F43D5ECFCE703C03BA9D
      SHA-512:F3AC3B47B6682706D01116A0C544E40A4A0A3716880F441E4DAB9078B439C4463D17D537F5B75D62D97978DD5D16054080A4DE6F57C128E53F076614788E5481
      Malicious:false
      Reputation:low
      Preview:BM........6...(...............................................................................................................................x................................................x............M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..............E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..............>..>..>..>..>..>.,.............>............./..>..>..>..>..>..>.............6.6.6.6.6.5............Z.....]............6.6.6.6.6.6.........................!..............c............#..........................'..'..'..'..'..'..'............................'..'..'..'..'..'..'.............!..!..!..!..!..!..!..!.....E...........9.....!..!..!..!..!..!..!..!.............................................................................................................................]...........................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\mediumorchid\sys_close_hot.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.904001633563466
      Encrypted:false
      SSDEEP:
      MD5:6DE6CD9623C9C2677C54CB243B7ED04D
      SHA1:7B4D824D49DECAFDC48721EC07B2F1BDB8CBD3D9
      SHA-256:6A308BFB4EFDE0DCAB248946587BAD7B2A7744678E8526EA51C6DF761A8A50FD
      SHA-512:B83B17256C9D329FAD3DDDC1C7250E4ECD69CDBDAF5995C89752A5B562B606C358CE2CD181350A1319BD25096979385FFE235A45FD6CFEEC2AB8A2983E4217B3
      Malicious:false
      Reputation:low
      Preview:BM........6...(...............................................................................................................................x................................................x............M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..M..............E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..E..............>..>..>..>..>..>.,.............>............./..>..>..>..>..>..>.............6.6.6.6.6.5............Z.....]............6.6.6.6.6.6.........................!..............c............#..........................'..'..'..'..'..'..'............................'..'..'..'..'..'..'.............!..!..!..!..!..!..!..!.....E...........9.....!..!..!..!..!..!..!..!.............................T.....................^.........................................._.............]............n......................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\mediumorchid\sys_close_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3779 x 3779 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.7718909980944175
      Encrypted:false
      SSDEEP:
      MD5:D68FA05B354D95F5986948C06227C2B2
      SHA1:10141123AF3CF8C53714891FD91753E0B5BA3F7C
      SHA-256:982398215DCAFF99C87A7C76660E226F52F4B857532DC0066942C36BAABF50E0
      SHA-512:E299165F9538E60C54C4DE2655E6F865A5670F68A538A32DF588155A12436160F4D915C7AD40F797F1A9D1F6695A0BBE6D12ECE0D7B7D615F44C8AE5EC924382
      Malicious:false
      Reputation:low
      Preview:BM........6...(................................................................................................................................................................................................................................................................................................................................................................................................................f.f.f.f.f....f.f.f.f.f....................................................f..........f....f..........f.......................................................f..........f..........f.............................................................f................f...................................................................f..........f...................................................................D................D.............................................................D..........D..........D....................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\mediumorchid\sys_close_normal.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3779 x 3779 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.76547048386064
      Encrypted:false
      SSDEEP:
      MD5:B17D846FE587356B5CC9888C9867D2DC
      SHA1:B2BC8A4A9951477494CF439922BDDF3B2CD928C9
      SHA-256:7E92CB9D29252645A049D05774C69A1D769F1A61188B07466129EDC8020C3D67
      SHA-512:9E30B2054B159013BD7D3E45B0FA6EC99EFEA562A3A13560B037ED26E1F2B2AAD5BA85580235BDEB9A5F9F22EB3DD9F59F9E71D0E9F366D378788C48BC0D4480
      Malicious:false
      Reputation:low
      Preview:BM........6...(................................................................................................................................................................................................................................................................................................................................................................................................................3.3.3.3.3....3.3.3.3.3....................................................3..........3....3..........3.......................................................3..........3..........3.............................................................3................3...................................................................3..........3...................................................................m.................m..............................................................m...........m...........m.....................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\mediumorchid\sys_close_normal.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 27 x 17, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):211
      Entropy (8bit):6.10077894487178
      Encrypted:false
      SSDEEP:
      MD5:F8DAFF9E2BC637FC56E0A1DEF1B81699
      SHA1:CBE1B47286464E71344C90A34671BBF600C6BA23
      SHA-256:4678ACC5113B965BFEFF29C38C2F60BBBBA843D4E8B5660D8888B343FBB164A3
      SHA-512:47C71DEC71F55D4ECA15C68A769278B748D80622DDE016DB8320A123F17E49B9BE3715E4900335FB36058CD04F58BD137E716A4AE52521DB22B5A758BE5622CB
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...............'.....tEXtSoftware.Adobe ImageReadyq.e<....PLTE3......m........C@.....tRNS........S...IIDATx..... .Cg.....!.v....P..w.%.Txa.>.....(.#.H.....$.....](..T...6Z......f.......IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\orange\sys_close_down.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):6.0481305060779285
      Encrypted:false
      SSDEEP:
      MD5:CAC3D7CC82721ED5D2845644FE5A508D
      SHA1:8A45865DE6F065C8D86D3A25A604F023F81BE270
      SHA-256:4488141F07DF133C8CF0FD47245B0B3FA00489C992D44C302DFDA1B59F69E45C
      SHA-512:7608A1344EA6031494B6D556E8FCB6B59D365130F928EF2454AF3586B7DCED573F31DC448F60A9EB9A2F00D9D323D85387DE647DDB78D42C144EAA3042FEBF66
      Malicious:false
      Reputation:low
      Preview:BM........6...(...........................................5..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..5........4............................................................................4.....:....f..f..f..f..f..f..f..f..f..f..f..f..f..f..f..f..f..f..f..f..f..f..f......:.....:....X..X..X..X..X..X..X..X..X..X..X..X..X..X..X..X..X..X..X..X..X..X..X.....:.....:....I..I..I..I..I..I..4...^..D..D..g.I...g..D..D..b.8..I..I..I..I..I..I.....:.....:....:..:..:..:..:..9...F..........Z...c.]............].:..:..:..:..:..:.....:.....:....,{.,{.,{.,{.,{.,{. k..K..........c............H."n.,{.,{.,{.,{.,{.,{....:.....:.....n..n..n..n..n..n..n..^..S.................O..`..n..n..n..n..n..n..n....:.....:.....c..c..c..c..c..c..c..c..U.Ew..........9n..V..c..c..c..c..c..c..c..c....:.....:....}..}..}..}..}..}..}..N...S.................O.W..}..}..}..}..}..}..}.....:.....:....z..z..z..z..z..z..X...K..........]............F.d..z..z..z..z..z..z.....:.....:....y..y..y..y..y..x

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\orange\sys_close_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.863656253160122
      Encrypted:false
      SSDEEP:
      MD5:A13B497EC2A4508AEC25100D68C98C19
      SHA1:8CC7FF0744CCDA78B64157A20BFA380126D6F316
      SHA-256:6B76F7D524AF67CFBE4019AFB3C5C7801E3744CBEEB08D616FAF19CB771FA84B
      SHA-512:C52116B238D4CDFCE1FD27C1D3F1FB151C718DA949C038866A8AEE01D70C7D93A0DB88A03F2BCE97B89A03EE47494B6B57FF48150CBFABB0F065E3C725E1105F
      Malicious:false
      Reputation:low
      Preview:BM........6...(...............................................................................................................................................................................................................................................................................................................................................................................................................@k.@k.@k.@k.@k....@k.@k.@k.@k.@k....................................................@k..........@k....@k..........@k.......................................................@k..........@k..........@k.............................................................@k................@k...................................................................@k..........@k...................................................................Ay................Ay.............................................................Ay..........Ay..........Ay.....................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\orange\sys_close_normal.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.7792085699155513
      Encrypted:false
      SSDEEP:
      MD5:C9C8ADC3286BD27B74FD560112CE1B4E
      SHA1:FBCCE927AAA09435F677AAC7736EF30C09C36224
      SHA-256:31794FD41DFA1B2BF79B07800FB1D87CDEECFE212749783D182719A1D0699F98
      SHA-512:525C31CB68B9A53E8BAB25ADA1345FFA8C87DA9993F5E3FED41F93300B46FE6939AE23654FABF89DE9782BBED6ADCFF14A1B19C857BA7EAB038C548E4F10B0CC
      Malicious:false
      Reputation:low
      Preview:BM........6...(................................................................................................................................................................................................................................................................................................................................................................................................................:..:..:..:..:.....:..:..:..:..:.....................................................:...........:.....:...........:........................................................:...........:...........:..............................................................:.................:....................................................................:...........:....................................................................L.................L..............................................................L...........L...........L.....................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\orange\sys_close_normal.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 27 x 17, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):211
      Entropy (8bit):6.080617375026524
      Encrypted:false
      SSDEEP:
      MD5:14EC5DF439D86B4AFB4F561018AF9624
      SHA1:9CA1C5F5AAF0E78523CF7D7F9BA333CC19FF5A6F
      SHA-256:4FE29C23CFD08768353E9191CAEDE1AB45FC58E517594589F0074A89DA4F40CA
      SHA-512:18780C044CE8A8CA7CCEE2C674F6F3B21FD2FE81F6B2C3C0992663E277F177CC111FAEA9274DDA74DB56A73AB83D4CA22544E4F86F5F8F47C22D612AA6CA05A7
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...............'.....tEXtSoftware.Adobe ImageReadyq.e<....PLTE.:.....L.......-L1.....tRNS........S...IIDATx..... .Cg.....!.v....P..w.%.Txa.>.....(.#.H.....$.....](..T...6Z......f.......IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\closebtn\orangered\sys_close_down.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3779 x 3779 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):6.014847497699411
      Encrypted:false
      SSDEEP:
      MD5:E41D3EB3967AE998F81A4F1397938821
      SHA1:5E7928D3D621608D1FD64A253EED828BD9F73AF8
      SHA-256:DD8DFB276AE3CD763C9A2F1B05ED3EE75DC63E4D8969372B4F56A822E33E1F4D
      SHA-512:C5E35F53BE4B2DB3D86FB8F411AA09EE3C49F6B892E11F36DCDE20604383D603C65999770CCD63A7498B89A104B81C011E82E54DBE008E6D800828A9A4FE53A8
      Malicious:false
      Reputation:low
      Preview:BM........6...(...........................................5..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..:..5........4............................................................................4.....:....f..f..f..f..f..f..f..f..f..f..f..f..f..f..f..f..f..f..f..f..f..f..f......:.....:....X..X..X..X..X..X..X..X..X..X..X..X..X..X..X..X..X..X..X..X..X..X..X.....:.....:....I..I..I..I..I..I..4...^..D..D..g.I...g..D..D..b.8..I..I..I..I..I..I.....:.....:....:..:..:..:..:..9...F..........Z...c.]............].:..:..:..:..:..:.....:.....:....,{.,{.,{.,{.,{.,{. k..K..........c............H."n.,{.,{.,{.,{.,{.,{....:.....:.....n..n..n..n..n..n..n..^..S.................O..`..n..n..n..n..n..n..n....:.....:.....c..c..c..c..c..c..c..c..U.Ew..........9n..V..c..c..c..c..c..c..c..c....:.....:....}..}..}..}..}..}..}..N...S.................O.W..}..}..}..}..}..}..}.....:.....:....z..z..z..z..z..z..X...K..........]............F.d..z..z..z..z..z..z.....:.....:....y..y..y..y..y..x

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\royalblue\rtlo-glassbackgroundsmall.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 1479 x 34, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):6873
      Entropy (8bit):7.804199197845147
      Encrypted:false
      SSDEEP:
      MD5:A1087266FFA21A7FEEC5ACC394AB1E60
      SHA1:1FEE4D3BB7B7A89B88C26E5FDA1DB83BCC12AA97
      SHA-256:49058B0C3B524B61BD5C1E4C69C128C080E827AF1DFDCE7A2A42C2E4571F6314
      SHA-512:16D255A7331F9747463CBB2F44F398B3918A0B3C998E9D46FF047C87036C6FEF5081FB9F4EEAF7437E38A34FE9BBD9FDC97B802A16C34D04F2ECDE151332CFAE
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......".......a.....tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c138 79.159824, 2016/09/14-01:09:01 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:a2758221-5295-8e47-b519-a02313d11445" xmpMM:DocumentID="xmp.did:392BD78AB32B11E7BD20AEB3D33BB279" xmpMM:InstanceID="xmp.iid:392BD789B32B11E7BD20AEB3D33BB279" xmp:CreatorTool="Adobe Photoshop CC 2017 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:630631bd-207f-6b4d-bd8a-b0088b73449d" stRef:documentID="adobe:docid:photoshop:2b50030b-b32b-11e7-b23c-c198a1a9cc52"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>:.'....IDATx.....\Wy.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\royalblue\sys_min_down.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.6173620730717335
      Encrypted:false
      SSDEEP:
      MD5:B88D952AF9C641755943A7100D850151
      SHA1:466DF489519E10CA6860F65DC80BC5C472BD21EE
      SHA-256:0147BBE999F36534A58CCAAC00EA36253059B26E390C7FB951B6B4C713ED105F
      SHA-512:C81844C93C33990D93987CC50B7EDB95C8EEF9A14F15B8FA29931BC9BACF43104BFF73DF3CB97C6D1BB6CF998398914A8CAE2B7EB69024231459D96B96027324
      Malicious:false
      Reputation:low
      Preview:BM........6...(...........................................P..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..P........P..p...............................................p.P.....K....4.4.4.4.4.4.4.4.4.4.4.4.4.4.4.4.4.4.4.4.4.4.4...K.....K....-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-...K.....K.....~&.~&.~&.~&.~&.~&.K..K..K..K..K..K..K..K..K..K..K..~&.~&.~&.~&.~&.~&....K.....K...s..s..s..s..s..s..K.............................K..s..s..s..s..s..s...K.....K...h..h..h..h..h..h..K.............................K..h..h..h..h..h..h...K.....K...._.._.._.._.._.._..K.............................K.._.._.._.._.._.._....K.....K....V..V..V..V..V..V..K..K..K..K..K..K..K..K..K..K..K..V..V..V..V..V..V....K.....K.....{.{.{.{.{.{.{.{.{.{.{.{.{.{.{.{.{.{.{.{.{.{.{...K.....K....z.z.z.z.z.z.z.z.z.z.z.z.z.z.z.z.z.z.z.z.z.z.z...K.....K....z.z.z.z.z.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\royalblue\sys_min_hot.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 2834 x 2834 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.522271757396306
      Encrypted:false
      SSDEEP:
      MD5:C4F9DDC080019C14C596BB7076C82EAD
      SHA1:CB31F40C4E09474B11F50DF05F45D4B5724BE1B8
      SHA-256:AB98D821B761CD28AC10D8CDE42EBE46EB7BD900C5E7DDB7190B497F12FE4C1A
      SHA-512:F1C5E1F77CE3A7C85CBEFD8E8BD358DB6C37DD229454434750C94121977323605C0D31D40EDA8236094FF5DFE4DEA39181AB5C70FE3651BBF87834E6C06CA337
      Malicious:false
      Reputation:low
      Preview:BM........6...(...........................................P..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..K..P........P..x...............................................x.P.....K....K.K.K.K.K.K.K.K.K.K.K.K.K.K.K.K.K.K.K.K.K.K.K...K.....K....B.B.B.B.B.B.B.B.B.B.B.B.B.B.B.B.B.B.B.B.B.B.B...K.....K....8.8.8.8.8.8.K..K..K..K..K..K..K..K..K..K..K..8.8.8.8.8.8...K.....K......................K.............................K......................K.....K.....{%.{%.{%.{%.{%.{%.K.............................K..{%.{%.{%.{%.{%.{%....K.....K...s..s..s..s..s..s..K.............................K..s..s..s..s..s..s...K.....K...k..k..k..k..k..k..K..K..K..K..K..K..K..K..K..K..K..k..k..k..k..k..k...K.....K.....................................................K.....K.....~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~...K.....K.....}.}.}.}.}.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\royalblue\sys_min_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3779 x 3779 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.5831722555782826
      Encrypted:false
      SSDEEP:
      MD5:34D6B9D4B2138FA394BD9E64FCC20ACA
      SHA1:0BE5B19E7A7B851F61F57ED19CA08AD5F31BBB71
      SHA-256:CF938133EDE6B61A71693889BD790D9B504F4774E40C4EFA811BEA8BCC0EFD40
      SHA-512:C6F1CFBF910DFF1B15A832C4CCBE3C20FF8F12D9B2F6D381A49EBEDA2738275A4E8909F23C5E44C8B89154038D553E0BCFD1BBC05AE858A44E93162FCFBC4AD5
      Malicious:false
      Reputation:low
      Preview:BM........6...(................................................................................................................................................................................................................................................................................................................................................................................................................k..k..k..k..k..k..k..k..k..k..k.....................................................k.............................k.....................................................k.............................k.....................................................k.............................k.....................................................k..k..k..k..k..k..k..k..k..k..k..........................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\royalblue\sys_min_normal.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3779 x 3779 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):1.571496801237379
      Encrypted:false
      SSDEEP:
      MD5:2EAE275CF10C4612B2C150E1D2CFA829
      SHA1:4453B976A93E208C832C6957D47DCCFE2A0110E6
      SHA-256:A59D77BFDBA4F19907732B20C2281AF18082BAAEAFBC47ED482DF4B9555BEFC9
      SHA-512:B0DF2DADC17316424B23BE532C940A51D54BF004A177B48EBDB490F6C248BE6D8C00072E95A6263DF551916CC257771DADA05F14558A5FAF9997703E593B891C
      Malicious:false
      Reputation:low
      Preview:BM........6...(................................................................................................................................................................................................................................................................................................................................................................................................................K..K..K..K..K..K..K..K..K..K..K.....................................................K............................K.....................................................K............................K.....................................................K.............................K.....................................................K..K..K..K..K..K..K..K..K..K..K..........................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_bottom_left.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 3778 x 3778 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):2.4736059384431
      Encrypted:false
      SSDEEP:
      MD5:0EDD17E9905D463CE23FBAE64563C8DA
      SHA1:2C26D30E1B7A5761F5048D9494349CAFE40979D9
      SHA-256:237E098ED029198E9F7CFE71BABD6BF9FF3962ED78A263DC7426EA663E601467
      SHA-512:FC358AD0F2E482AD51AF201F2883259DFCF0D577DB1BE8CFF2B9048F22827278CF0CB8A3F76475222D86BE7E945CE9B34AA9B86FC625C908FFAEA0AD6B1EA2C2
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&....................M..M..M.....M.........M....~?.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_bottom_left_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 3778 x 3778 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):2.4736059384431
      Encrypted:false
      SSDEEP:
      MD5:1B38EF93DF0C5D4C6C2A10CA0115A28D
      SHA1:17FA1779A66696F9EE1406DA73133745EB4429DD
      SHA-256:4292EA3565B63946777D999352A1986E8F5950F1E8E51F030443F05DBDBDE57D
      SHA-512:1B0B3C6FE0F359AE383D3D5B069341A900AFF610E91D7752D4290FAFE11AC73DFF3CA349DEB6599A6D358ADD4C769AE6CB05C2B751DBBCE738BAE4082167E8E4
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&....................M..M..M.....M.........M...........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_bottom_mid.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.192775525356426
      Encrypted:false
      SSDEEP:
      MD5:445B2B911B105CED9B1A3A5CAAA594DD
      SHA1:C326010A040A6D19837360907745A7A05982254F
      SHA-256:ECFC46E3BA63CC8D7DE04134A271B171D9EFD714E4CE9611115836A5B4518E63
      SHA-512:1DED63A90006BD2BFDDB1DE399D0CB483E52A94113E43B3099B6BF3DC7A9A0C7AE74249EBAA600D0D184615661F2FF557B62ED65F073BFAEFC4F84E0CB420360
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(........................................M......~?...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_bottom_mid_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.192775525356426
      Encrypted:false
      SSDEEP:
      MD5:7610648B8E31404E1621A7A5B510B86D
      SHA1:D51D517A8472BFE40C469AFA8869385D5A0E9783
      SHA-256:48837B62A6A6BC71359FF74BBE8A672D6B23CC30344C12E006698F069890A2B3
      SHA-512:24B03969FD28DE9919D86609BEC03E6ED732ED78B8E0DE3F2FE5253180817D1471E3ED004ABB5ECD91885B6281CEF1B8E508E38E6F76FDCFB88A29E308AC78DD
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(........................................M...........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_bottom_right.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 3778 x 3778 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):2.4736059384431
      Encrypted:false
      SSDEEP:
      MD5:C288357164D52B2CFD695C792074323B
      SHA1:C8B7B1DDB78C929AD56D8BBD57FF5449AFA04BE3
      SHA-256:709D6FDBE00694F7DC115E923188F62CDC72D39E739280A1AFF072D1A49D2674
      SHA-512:8D07E5C163C9E4B0D04A861E00BE1F578D7A77C2F3EBA80DEB3895B2B354D4015FF1905A2DFCDCCC1B8EC839359DCC302E09F753623AA7F0DF212540CE8A56B2
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&....................M..M..M.........M.....~?...M......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_bottom_right_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 3778 x 3778 px/m, cbSize 92, bits offset 54
      Category:dropped
      Size (bytes):92
      Entropy (8bit):2.4736059384431
      Encrypted:false
      SSDEEP:
      MD5:2C84C848BBCD7BD57579D3431E8A363A
      SHA1:5DC73F68798E73318D03979810BC00A4E94956D9
      SHA-256:F212B152D4647EDCD36D2218713296AFBF9AC5E86965C309DF8F245FB89A06E3
      SHA-512:5AF2BFF30850458EF08340FE4EF9AE9E78D5AE1124C3A9DD365B6DD0E97A30BA079E466EC7F127485F5A89BE7350D27371FEE665B9D6214CD94532ED346EFFA3
      Malicious:false
      Reputation:low
      Preview:BM\.......6...(...................&....................M..M..M.........M..........M......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_caption.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 22 x 24, image size 90, resolution 3778 x 3778 px/m, cbSize 144, bits offset 54
      Category:dropped
      Size (bytes):144
      Entropy (8bit):4.230902217075131
      Encrypted:false
      SSDEEP:
      MD5:A8A4420FBE5DBE8FFF5A4457FBDC0923
      SHA1:4475046BF4A5B7AF62099521D2A28DF47EB14FC8
      SHA-256:4E504366B5A0B48020EE2E29BEB17092010CEDB50CAA9A901BD6B2E921803582
      SHA-512:DAC1A4FCE6A95B965259EB7B92FA73BF532F3F2AF929D5930538E16A2BAB40D58384EA924CE63DAC9235CB6E5585171A21B835EC2B2E359091BB2C7861263BC4
      Malicious:false
      Reputation:low
      Preview:BM........6...(...................Z....................|=..|=..|=..|=..{=..z;..y:..x9..v7..t5..r3..p1..n/..l-..j+..h)..f'..d%..b#..`!.._ ..]....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_caption_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 22 x 24, image size 90, resolution 3778 x 3778 px/m, cbSize 144, bits offset 54
      Category:dropped
      Size (bytes):144
      Entropy (8bit):4.1919463804470976
      Encrypted:false
      SSDEEP:
      MD5:3D8494DD57AE17B57726E6530FC60237
      SHA1:09B19EE5FC72B2A07452ED242983C464E2ED5EB0
      SHA-256:196BF30CC41139CCAECB41584FCDC4A61842C246F81A3C7C4A6BA2A5BEA4038C
      SHA-512:3E02E2C06C922FF58C7A6BB9E6B320E7E9A1DC70CD283986657B02ECECF41219454A1D64B5FC02733744F1A2D31B507691B6854E362639FF943AD5E719238343
      Malicious:false
      Reputation:low
      Preview:BM........6...(...................Z.....................................~...|...z...x...u...r...o...l...i...e...b...^...[...X...U...R...O...M...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_left.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.192775525356426
      Encrypted:false
      SSDEEP:
      MD5:78E5ADEF0E9078C2A76DDEA85C1C4DC4
      SHA1:8DA1ED8372EEA6F5CE10154A52B5BD9BCBF1CC18
      SHA-256:84CF7696E5B73513BCF78B1611DE3FAC76E9F99CF9112DD9EA963850441B62FE
      SHA-512:A1F6EE057AD820EE4FE4BB9B9C7703DA8BB9E47109EE384E828E6CB16CAB7FC9A258E39D413FFDF40CA51E2275737F0B68ACD32CF7C6577EE9D7740069A3DA07
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(........................................M....~?.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_left_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.192775525356426
      Encrypted:false
      SSDEEP:
      MD5:39CBD0B2CF89509C50EE74963F89F70D
      SHA1:777755CB3E7EAC9F8377552820DEC7BF9D48FBFB
      SHA-256:A46D900FB1D3BA41E6F608587F4A4A414314F48A56CDCA10716491415D38A07F
      SHA-512:8D4486150F12CF144D242735C9940C296DEAFFFA4FD92029909F7B402C4F26F7B3E8AE9F2DFA5518EDF5C8BFB6B622B6CBE3CD6EF39C4EC40EB601F3C51B310D
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(........................................M...........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_right.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.192775525356426
      Encrypted:false
      SSDEEP:
      MD5:2E805B0982CDA361E322E201DF8CCEFF
      SHA1:A199D51AAC3AC44C62B7CF9AFAE22EEA7932C63B
      SHA-256:C3F2A56930697C4DB1EA99BAD9F20D7B750F5795181A63EB608C57B7643EDD22
      SHA-512:DADE5A2DEC58631D4F88129012AE941465397FB498EA52010B2C3ABD1E7130D73D47C78BBEA0A600B868BD655C2E2B1A141D683B20C7C01099F8E8F116659785
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(........................................|=...M......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_right_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.192775525356426
      Encrypted:false
      SSDEEP:
      MD5:171E23CD227D985B89098C5CC632C144
      SHA1:2349ECA4F92E1D4DCC2D47BC3D166A7081A5485B
      SHA-256:C9D87FC1E021CAF801E31E1359D3A13E1DA0C484E3A21EA173D352F924E1A924
      SHA-512:D9AE5802B331B6B8F38E129BD1E4E07270B7469DF2DDD627EF0D6DC7F1CF33F87C334DE00BA35C3033108876291C67AEFBF7B34B9434FAA42C79A2AAE6B4F036
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.............................................M......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_top_left.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 3779 x 3779 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.636769477117101
      Encrypted:false
      SSDEEP:
      MD5:D4757DA90BF3A96D5CA1B7D8FEDF0A1F
      SHA1:C4BE7503191C6926AD33853B05CC43AD87A6B1E8
      SHA-256:0E8B86D175526133E239A0A4DC6308C6B529D9B2DB2E469CE5098A39F3432168
      SHA-512:B0FA9AC1B48E4C2D9E4289A65A4F8D46EDEAAA5D43309089D67778CE72C72F2E352A792B10C24146C75E604F83158E5B0E665FC70DF9886DFD4128F4B1FB2471
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(........................................M....~?.|=.|=.|=...M....~?.|=.|=.|=...M....~?.|=.|=.|=...M....~?.|=.|=.|=...M....}?.{=.{=.{=...M....|=.z;.z;.z;...M....{<.y:.y:.y:...M....z;.x9.x9.x9...M....x9.v7.v7.v7...M....v7.t5.t5.t5...M....t5.r3.r3.r3...M....r3.p1.p1.p1...M....p1.n/.n/.n/...M....n/.l-.l-.l-...M....l-.j+.j+.j+...M.....j,.h).h).h)...M.....h*.f'.f'.f'...M.....f(.d%.d%.d%...M...|.g*.b#.b#.b#...M...l.u>.`!.`!.`!......M...~._ ._ ._ ......M...r..h.]..]..........M...p..|.xD............M..M...b..................M.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_top_left.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 6 x 25, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):487
      Entropy (8bit):6.8486656555617005
      Encrypted:false
      SSDEEP:
      MD5:F2DF1A1438DC2DDD8F756559542030A2
      SHA1:4CDB43879659BB503CE1A3915790C2671F3CEC07
      SHA-256:0B6B923C5AB575AE4C6F93392280A1A5CE2DC72196A4812A8989DA0066F790E5
      SHA-512:E26A9EEE85F19D196B2AEDAC0786C8E568F63AED662E58CC455A825DF71EB8343E892E2C5E4229ADA6594C918D45BE74D958271BA04B30F0B98EDB323C0A6EA5
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.............%..4....tEXtSoftware.Adobe ImageReadyq.e<....PLTE.M.=|.7v.?~....1p.-l.5t.'f.;z.#b.!`.%d.:y.3r./n.={. _.9x.+j.)h..].(f....5t.*g.Dx.r.....;z.h..l..*h.p..|.....>u............,j.?}./n.b..9x.-l......|........1p.<{.3r.~.................<tRNS...................................................................IDATx.l.G..0...M.B...+...........7.mW.h..;..g.$PL}.s..<.4. ...q.x..,..!MS.om..Mk...eY0kEQ......^J...1...0..$\..&.c......0....@'.f.....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_top_left_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 3779 x 3779 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.618119058335867
      Encrypted:false
      SSDEEP:
      MD5:DF94017171D579959895EDC072D39120
      SHA1:0C0FACCEAFAC06C603F125CC170973851796D961
      SHA-256:706D0EC93AB304F05F6D3B8B9DA613CA404943E9DBFF9061984B5417F15711F8
      SHA-512:2576993C63B702EE9C6428A7D2698F94D6B7AFB5277B60A0F51979AB7494651EA68ED46C0448A6F7D6954455AEC9DCF17755CF20E666A7267197ADFD4D162A74
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(........................................M..................M..................M..................M..................M........~..~..~...M.....~..|..|..|...M.....|..z..z..z...M.....z..x..x..x...M.....w..u..u..u...M.....t..r..r..r...M.....q..o..o..o...M.....n..l..l..l...M......k..i..i..i...M.....g..e..e..e...M.....d..b..b..b...M.....`..^..^..^...M.....]..[..[..[...M.....Z..X..X..X...M.....Z..U..U..U...M......h..R..R..R......M.....O..O..O......M.........M..M.........M........m............M..M...v..................M.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_top_mid.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.192775525356426
      Encrypted:false
      SSDEEP:
      MD5:440363D27344241CF3574CDC43CCA3D5
      SHA1:CDEB4F94AE64C5BBE4740C3773E9EA8C8502CAC2
      SHA-256:358FE1E6B51DD850C2463506D20D341B6AC09194CE0844734CD5386A4D82692B
      SHA-512:4F7EDEE0F1E294995785F792ED03B74991C8CF8A750E996477FC8590E0645187FE9201BC4847CB4FCB790BDAFF0BA29C4FDC7F7A088180514583EB3FDA29C58D
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(........................................^ ...{..M....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_top_mid_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
      Category:dropped
      Size (bytes):68
      Entropy (8bit):2.152262473854022
      Encrypted:false
      SSDEEP:
      MD5:FC284F137A181D626CBFB9B980265A14
      SHA1:AF1DC42B8706F65E80B5AA021DA38E7C48BF5AC5
      SHA-256:EBF14004ABB9171EFB791D5ED78D6F028F09775EC047BFE2BD9A3AD4DC431A0C
      SHA-512:AAB8700806A42877B1B09379A606D49426CD0FA62C0856CC64BCCFEC6ED1E67130A908FB8D4FEBA6C6D1B8D530A5ACB380FAD9D6ED1A170103D3A90A35A788FD
      Malicious:false
      Reputation:low
      Preview:BMD.......6...(.........................................M.....M....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_top_right.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 3779 x 3779 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.484479797867763
      Encrypted:false
      SSDEEP:
      MD5:50656C6F33CB1490EEE92CFCF2F4FA80
      SHA1:CA5A3FE9B1F6130E6452CEDF5D3734781F6E150B
      SHA-256:EF8FC7A18AF77FED42BF20FD640543B0CFAF312A4C9DFC0C2F35CE1AF9AE58E9
      SHA-512:B8E2E2945FCB5699E063BFDAD3FC6AE72BE96BF342883DC60B8AC81C4143888AA23CCF237B935F56B5F586AFE4772EDA39B443E0797385ED358638CB7052EEC6
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(........................................|=.|=.|=.|=...M....|=.|=.|=.|=...M....|=.|=.|=.|=...M....|=.|=.|=.|=...M....{=.{=.{=.{=...M....z;.z;.z;.z;...M....y:.y:.y:.y:...M....x9.x9.x9.x9...M....v7.v7.v7.v7...M....t5.t5.t5.t5...M....r3.r3.r3.r3...M....p1.p1.p1.p1...M....n/.n/.n/.n/...M....l-.l-.l-.l-...M....j+.j+.j+.j+...M....h).h).h).h)....M....f'.f'.f'.f'....M....d%.d%.d%.d%....M....b#.b#.b#.b#....M....`!.`!.`!.r:..n.M...._ ._ ._ ..~.M.......]..]...h..r.M.......{H..|..m.M...........a.M..M.............M....................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_top_right.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 6 x 25, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):400
      Entropy (8bit):6.681254338676255
      Encrypted:false
      SSDEEP:
      MD5:03B0B908BA7AAB9CC24C728A6C247EBE
      SHA1:3871C736BE84387EBA1B7CC9D6800D505E78BC4F
      SHA-256:3CB8B85BC8434F914ECC8DDC139F4F96BEAE7B96586B94B5B452105A20895F7E
      SHA-512:173D463E8BE8CE067AEE0E8CE3A04E2021D4D88FDE7009A2B6E8D74ACF8288A9AA3E7997BD2B300BB69CF67043DDFA4819B3D3E363C1D076B33C4A47285D4F8C
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.............%..4....tEXtSoftware.Adobe ImageReadyq.e<....PLTE.M.=|./n.5t.1p.;z.#b.%d.'f.7v....={.:y.9x.)h.+j.3r.-l. _.!`..]....a..r...................:r.|..~.....H{....m.......h.....n................tRNS................................................sU...bIDATx.l.G..@...(......bG....w.@.bM;...K..74..*.c,?0....!...zA..,u....i...!..F:.LW...}.`.-t4.........0..I<....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\frame_top_right_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 3779 x 3779 px/m, cbSize 556, bits offset 54
      Category:dropped
      Size (bytes):556
      Entropy (8bit):5.599477820967879
      Encrypted:false
      SSDEEP:
      MD5:4178D84D2CD986063D2A7C91C57295D2
      SHA1:FC5EA9402CD9C325716A2B79D070AC3E756C9F2F
      SHA-256:5365B988C102E46F73418EC36E0DE5B1749C2080C3D2DA660C507A9C505F333E
      SHA-512:ACA1CA7E16049ADF1B26DC8D26E99461069FD133587E748012347E66EEF9BDB90FDA0D197C86334667CC04B0289CFBE8FE8727EABF3BDE9827A1066A71133A32
      Malicious:false
      Reputation:low
      Preview:BM,.......6...(......................................................M..................M..................M..................M.....~..~..~......M.....|..|..|..~...M.....z..z..z..|...M.....x..x..x..z...M.....u..u..u..w...M.....r..r..r..t...M.....o..o..o..q...M.....l..l..l..n...M.....i..i..i..k....M.....e..e..e..g...M.....b..b..b..d...M.....^..^..^..`...M.....[..[..[..]...M.....X..X..X..Z...M.....U..U..U..Z...M.....R..R..R..h....M.....O..O..O...M........M..M......M........i......M...........z.M..M.............M....................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\sys_min_down.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.656316816992476
      Encrypted:false
      SSDEEP:
      MD5:BA8DE1A4FB2E3CA280CD7A3F72D28BCD
      SHA1:4BCB1FBE1390EB0101DF72725B34E364EC0CC551
      SHA-256:A3F47F44AD19A5E5B42204DA311A883025F4F7D951BBD427EDB3A20D759FC5E8
      SHA-512:DFC97335A12E1B33209E2DAC7F222DBEA7F71B93BCD6E4689DD409CBAB6096C78210527F1ABE0C3BB00BBE5CB38B3691B9355AA04D92975C3348B2096C141407
      Malicious:false
      Reputation:low
      Preview:BM........6...(..........................................SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9......SG9..................................................SG9...SG9...N.N.N.N.N.N.N.N.N.N.N.N.N.N.N.N.N.N.N.N.N.N.N..SG9...SG9...C.C.C.C.C.C.C.C.C.C.C.C.C.C.C.C.C.C.C.C.C.C.C..SG9...SG9....8..8..8..8..8..8SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9..8..8..8..8..8..8..SG9...SG9...r,.r,.r,.r,.r,.r,SG9...........................SG9.r,.r,.r,.r,.r,.r,..SG9...SG9...c!.c!.c!.c!.c!.c!SG9...........................SG9.c!.c!.c!.c!.c!.c!..SG9...SG9...~T.~T.~T.~T.~T.~T.SG9...........................SG9~T.~T.~T.~T.~T.~T....SG9...SG9...pG.pG.pG.pG.pG.pG.SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9pG.pG.pG.pG.pG.pG....SG9...SG9.....{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..SG9...SG9....y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..SG9...SG9....x..x..x..x..x.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\sys_min_hot.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.732898239435208
      Encrypted:false
      SSDEEP:
      MD5:02F22AFAE35430F2092E77BF1CA577B0
      SHA1:91F97B9E65A972DA62FA1F1254B6D1EF1F0E80B8
      SHA-256:D36ECF7B57C82496E41F7F5F36FCF21BE7F0C061B999C5662F18530909AB6542
      SHA-512:FAE0D6E818C987EF1C7829301B39DA098E4766B4A33BAC04A7B4D42E68A3B6DF3D3A6B4C3E29D31BC0CB48B541C8316D4ECC3216F6C2AA7827E2DF5AA1A57786
      Malicious:false
      Reputation:low
      Preview:BM........6...(..........................................SG:SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG:......TG:..................................................TG:...SG9...^.^.^.^.^.^.^.^.^.^.^.^.^.^.^.^.^.^.^.^.^.^.^..SG9...SG9...Q.Q.Q.Q.Q.Q.Q.Q.Q.Q.Q.Q.Q.Q.Q.Q.Q.Q.Q.Q.Q.Q.Q..SG9...SG9...C.C.C.C.C.CSG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9.C.C.C.C.C.C..SG9...SG9....5..5..5..5..5..5SG9...........................SG9..5..5..5..5..5..5..SG9...SG9...t'.t'.t'.t'.t'.t'SG9...........................SG9.t'.t'.t'.t'.t'.t'..SG9...SG9...g..g..g..g..g..g.SG9...........................SG9.g..g..g..g..g..g...SG9...SG9...\..\..\..\..\..\.SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9.\..\..\..\..\..\...SG9...SG9....|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|..SG9...SG9....y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..SG9...SG9....x..x..x..x..x.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\sys_min_inactive.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.512204948904614
      Encrypted:false
      SSDEEP:
      MD5:216E32733B99D128BA7B1DE8748A5D12
      SHA1:2B857CB52CE605E9B8470683468BF331A86A042D
      SHA-256:F856A6E498EF981476B85590200B3CBA06B04C80329B434C1A3F89BA7C7240A3
      SHA-512:3CE39384E4E0138FCF1048819543BA6C6353AE32B597D64C06024F7BF63901D69D23ECF07FD6F754C56E5115A4DCABDB680BD98DF86DB5D8C729552F80BE9D37
      Malicious:false
      Reputation:low
      Preview:BM........6...(..........................................XE?SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9XE?......YD@.........................................................................YD@...SG9...........................................................................SG9...SG9...........................................................................SG9...SG9...............SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9...............SG9...SG9...............SG9...........................SG9...............SG9...SG9...............SG9...........................SG9...............SG9...SG9...............SG9...........................SG9...............SG9...SG9.....................SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9.....................SG9...SG9....................................................SG9...SG9....................................................SG9...SG9..............

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\frame\steelblue\sys_min_normal.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
      Category:dropped
      Size (bytes):1484
      Entropy (8bit):5.514249773809233
      Encrypted:false
      SSDEEP:
      MD5:EEDA62BE091F6EF68D9BA7D76C9CFD84
      SHA1:822372B556A550DD93F931B1D115C888D611FD20
      SHA-256:3C746AD942BDD0A9B95414F80CD0E20C32251601A9D579BBDFDAB6C9AD7414F8
      SHA-512:EE394717A1191ED3556FF9359D35861A475A96A14E4026F304D42156E357EC564522333EA745E90BFDCD2EE1A85A01316999EF9B601BDAC47B6ED7015F0C8E14
      Malicious:false
      Reputation:low
      Preview:BM........6...(..........................................c@LSG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9c@L......e?N....................................................e?N...SG9...b.b.b.b.b.b.b.b.b.b.b.b.b.b.b.b.b.b.b.b.b.b.b..SG9...SG9...Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z.Z..SG9...SG9...R.R.R.R.R.RSG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9.R.R.R.R.R.R..SG9...SG9....I..I..I..I..I..ISG9...........................SG9..I..I..I..I..I..I..SG9...SG9....B..B..B..B..B..BSG9...........................SG9..B..B..B..B..B..B..SG9...SG9....:..:..:..:..:..:SG9...........................SG9..:..:..:..:..:..:..SG9...SG9...z4.z4.z4.z4.z4.z4SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9SG9.z4.z4.z4.z4.z4.z4..SG9...SG9....................................................SG9...SG9....................................................SG9...SG9..............

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\ExtRegLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 5 icons, 48x48, 16 colors, 4 bits/pixel, 48x48, 8 bits/pixel
      Category:dropped
      Size (bytes):17630
      Entropy (8bit):4.879878537626461
      Encrypted:false
      SSDEEP:
      MD5:56820CAE326B4433B87A21C266AF8587
      SHA1:0D54DD0720E02B55ADDC4EC87CB2466519630B43
      SHA-256:8EC0C885054DBC8365E394CDB74B3462C6E489BA3C9D39F18FECEE9B1C5072A4
      SHA-512:FE7E4F1165991BF3650B4EB919129A9468E3C8D541532587065591D7163BCCF37FD9CEB3D05C504B94B806A8FB5C5A25B793A69E27B3812C694801C9A17EB8C4
      Malicious:false
      Reputation:low
      Preview:......00......h...V...00......................h...f...00.... ..%............ .h...v@..(...0...`.............................................................................................................................................................................wwwwwwwwwwwwwwwww...............................................................................................................................x..................fffffffffffffx.......................h.......................h............wwwwwwwww.wh......................nh.....................t.h.....................x.g.....................x.wwwh.................w.......................h.......................................................................x................................................o.wx....................w.x...........x.........w.x............wwwwwwwww..x.......................x.......................h.......................h..........fffffffffffffh..........fffffffffffffh..........fffffffffffffh...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\ExtRegLogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):2087
      Entropy (8bit):7.860061620377321
      Encrypted:false
      SSDEEP:
      MD5:A6B30950E5DC82A34F159B6062C40661
      SHA1:FAC0EBED4678D6F7C229C887CF6F1BCECCAA4344
      SHA-256:125AC49F5B4264511338F59478DC59D49523592EE2420C9EDD5195D740B11B65
      SHA-512:17CAD4D43873B43BF9C036B6105A653E56A1CC85F816C7BE7058BD3AEADE5B93AAC4DD6D0535A1A5189D057BF8B1622D2EA5ECFD0EBB862CCCEA6CAA32C94CA0
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......IDATx...PT......}..(......G`...Ce.kM..i.I.G.6N.b..5..&...F...&.b.6..a^.8.....Pc\@.W....w...s...1.n\.g...g.........}......f+0......`(.v.=. .....;../..e.#w..K.U..p.#_..J..uV........HNN.....K .....f3....s3.....=.s.......+W...W..3yhil@]]-N.>..N.[HF.=.....p.........F4.....R......hii..Cob.......nE}.E.9s.^.V..@..[...&.9r.+r...`.@....u..tNtx<...........<v...S....._...sf..:......hnn..~..V.c.P....}.Z.........eV^^^..hmm.....0..A..z..1.. ..J....:...N.8.2.....?>..............B...~../_F..rDEE.z.....n..{x.g...x...w..... *~8j(.....b..:pd.8Q..f...&..*.....(,.b1.{...n....C..0H....L.D........'`....yx..b&.4".\.$......jI..% n...6.rH.4..........J ..3..@...'+-i... N.9$...... ....cNA... a.\....fB....(Hy...(\4....R..<........GN........(..5.B..'V..9.......BI...........gB=.......U..,.......p:{....V*.&.S.zE........./T.F...(.T.1.......7..oV-..v....b...W......}... JQ9........l........_.ybq.m....$...m.I.E..>....I....d,....S.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\IISlogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 48x48, 32 bits/pixel
      Category:dropped
      Size (bytes):14574
      Entropy (8bit):6.109554222093763
      Encrypted:false
      SSDEEP:
      MD5:38446046D92240AE1807213301F25DED
      SHA1:A7AD99B5009525A3EC37B9F3E9170DE4461049D8
      SHA-256:254FCE09CF1613B824ED6A6486A4B7F0882AEC82BFEA4285DA7A899E31096943
      SHA-512:65F49F9D4F518C2EBA8DA2D2518A9723AE10ACB58AFA6A93B3B1932D17D469C98518D97631B8C4A62323925AFE76F9641D70DCA8D670E995D7E6B379B1CABEF3
      Malicious:false
      Reputation:low
      Preview:......00..........6...00.... ..%............ .h....4..(...0...`...................................$&%.*)(.-0..555.<:7.:::.3C9.~L..t.2.CDC.GHG.MJC.KKK.PMH.BTI.SQN.TTT.XVR.[ZV.[\[._`_.``_.bcb.hge.ghg.mml.pnj.opo.sss.wxw.{{{..V...W...\...b...h...b$..f&..v,..l3..w2..q3..z<..{;..k&..r+..x9...3..~C..}B.[.8.T.>.Y.F.n.G.c.M.{.L.k.U.\.L._.S.a.M.e.S.t.Z.f.Z.r._.....v.c.k.d.x.g.r.k.}.i.z.p.m.e.u.l.p.n.|.r.v.t.q.{...1...<...:...F...L...]...D...L...K...I...I...L...N...R...Q...T...S...X...T...S...V...^...[...U..._.......f...g...p...i...m...h...s...v...v...e...e...q...w...q...H..S..[..Z...h..p..f..j..g..s..t..z..x..}..|..v..{...k...|...}.P..o..~.......................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\IISlogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):5055
      Entropy (8bit):7.955265162417962
      Encrypted:false
      SSDEEP:
      MD5:4A3516647726990708EEB0DC49B6A849
      SHA1:27B06A10D930F1C25DB062207E76639E5A772255
      SHA-256:A8F5F0CF3D231C73922717229A616A7EDA1BEE3A222B74E511925EBCD7D947CD
      SHA-512:9119FF11A0CBD13F7784D1450960599C553FE5B2DE2F2EBBBDC7A4AA20C006F6D9A4A12621F279D594AF17202052163D090A6BE03DE6CD1934C04E4CA5233F49
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......tEXtSoftware.Adobe ImageReadyq.e<...aIDATx..Zi...y~..9w.fw..@Z....pbcG.8U.Aa..a.E.1.TRe.P...Np.p..WHU..p...........0....^.......{...}....a.*...W=g.{<..>..+`...Z...K.;..wx.....n.~.p..Oz..Hbw.\^.. J....m....SC.>..V.g./}wa.O.|m..yW|]....x.N"-..o...LL~H..F........>U."........\2.A.1.....Y.../gn~...w...'...2..;....A./bA).....j.4Y.,.p.r...o..K.U.Q.g.x......<fq.z.:................z......6...h..H.Mt..t.........(@X.&\.......5....*.b.P.`...3.hW....U.......=...s..[.....h.".. H.d.N...rE..Lw.2.....a:.N@4Q.J.=..YG.ZB.\E.T.Tq...~.......>.|f.....m...j.o...-d|..`...AU.H.p.x.&@.$...G&Ca.&.=G.e.....h.t-..:<KF.ZC.TB.X......O..e+...O}..i.)A.....J/...G...S.`...=H...G.....T....P......r.AH...#..:....mDBU@)..W$.4...`D..O#..J..!..B>..9..L......e.....?.=.>...ak.6tF7..K ...p.*.lS4T.M....$.,...{........T.E...'r...j.%.B.....s.....f.g1.p.J.2..3M....e.Z..W......!.YM.a]..$b14.U.d..X.=.U.."Z.%.V.R...... ..u%..|.....".......j.]K.!.+.P.A..B

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\InstallTypeLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 5 icons, 48x48, 16 colors, 4 bits/pixel, 48x48, 8 bits/pixel
      Category:dropped
      Size (bytes):17630
      Entropy (8bit):5.74460882199376
      Encrypted:false
      SSDEEP:
      MD5:1E3D07D3FB3E758382F506CC7C1B1D0B
      SHA1:476F2EECDE9017DAD4E53F80BB55AB26CEAE2E48
      SHA-256:9DD1C6B5C4EAF7594EC1E80834B7DBBDA4C1E4A798F6DC944B5A4635F3499C72
      SHA-512:73DE936078E59AF3449A579593541EF87CCC1EF3E536D100E5B746E4AA9E990ECA9051AB3A5AE4ED7C3EC1F6F47E79ACB2EBD6482AED0744FD22854A184387E8
      Malicious:false
      Reputation:low
      Preview:......00......h...V...00......................h...f...00.... ..%............ .h...v@..(...0...`.....................................................................................................................................s.......7...........................................................................................................1................wwwwws....a..............wwwww....f.......................f.......................fa......................ww........0.............ww........p.........1337....333333..........1338.....33333..........q338...q.33333.p.........338.x...33337.pFfffffffa7ww....q.wwww.pffffffffa.ww......wws0.pfffffffff.7w......ww...pfffffffffq.7.....swq...pffffffffff..x.....svp..pfffffffffffsx.....vfp..pfffffffffffg.....sffp..pfffffffffffh.....wffp..pfffffffffffx......ffp..p..fffffffffx.....fffp..p...vfffffffx.....fffp..px....fffffg.....pfffp..pwx....ffffg.....pfffp..pww.....fffg.......ffp..pwww.....ffw....x..ffp..pwwww.....fw....pp.ffp..pwwwwx.....w......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\InstallTypeLogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):2999
      Entropy (8bit):7.915474731315953
      Encrypted:false
      SSDEEP:
      MD5:CAD0D0F01143E54764E74002910085B4
      SHA1:D16241358F3320676E7CCCB88F60C48FBF0223DB
      SHA-256:CF121EEA42783FC72C7D385879E65BBBD72C972492FD9B905FFDFA60D5266296
      SHA-512:E9DA5BD630787A4AE308C9B2F47211DB1CE77E00F3B2621CF98491727C0C2ED2A3F4938D5FEFEDAF544B6A527058AB4DC92ADFAE020D38780C20480CF359B64C
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W......~IDATx.Y.\TU......a..[@PD.DQ...T..~e........[k.P[3.m..n...D.k.|...K.@$...50<....<..s......~?...|s....w....om.,-....4....m.|.S>H........].1..5>...O....$+V=..9t.....K..'...R..N....pWg?1N..c......7....6...N.z.(...%..S.".s...:.K&......._.a.d....tIi..e:.........O|....+.4\.P....R*.`7\.3..q..._.....-d2.d.n.......o..(O...305Ta.....3..m.).>1.....e`(g..b.J=j.A.........>...Gh..J4\.2.....va.p1..u)d.gb...n..f<Y.......x=....#....--.~.v0V.7.......8NQ.'c.Lgg'.-.(J.=...8...~...@...vC~e....N.C..=.@>>>....;R*.(n.....J.B......<...Gm..$%.$........._s........b.{{{s.q@.6j.k...Y.....{a...eP..l\w(.........Dhh.h..d2......b...v.8...w..p..;7C..(.....h`.X..N.!.7.|..a.J..Z...y.y0I.,T..@.K...r.....3t.-:....g.;b.(........Nn.|}}...G.~....j.8..5..(\..35.L.Vr...... .Q....Guu5......AAAxy.X.a#~&.Y..k..M..U"s-....D..=.8.......8......H...v&.g.r....A./5j.......?..0.=.G....8..u..3d'.1..$.$}H.>...f..m..H.R.l |2.2.....-.`.ky.7....x2.sV...n.....z

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\LicAgreeLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 4 icons, 48x48, 8 bits/pixel, 16x16, 8 bits/pixel
      Category:dropped
      Size (bytes):15974
      Entropy (8bit):4.7511636081508275
      Encrypted:false
      SSDEEP:
      MD5:6734C0C659A96E52EB8FF8B149657C83
      SHA1:84156606860EA5E6A2CEBDB0D7172BC296347EDE
      SHA-256:21E97B115EAF2F8F7D31E89CAF9B3A21CEE4E3BD87F1FF26641894DA68DAFD37
      SHA-512:655F6608FA87A2B7EEAE0C21B5236F375685B1C8BBA0655AB00AC480C75991D9194A945177DDB3CB2DFC8CC4C4B2E0B6F28994979EABAD6D807CC72A6921C8C8
      Malicious:false
      Reputation:low
      Preview:......00..........F...........h.......00.... ..%..V......... .h....9..(...0...`...................................RRR.[[[.aaa.eb`.eee.ihg.jjj.lkk.rrr.uut.zyw.xxx......xq...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\LicAgreeLogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):1823
      Entropy (8bit):7.8323120371404205
      Encrypted:false
      SSDEEP:
      MD5:C70D9A224D7440D1361E79A057D5F968
      SHA1:338F5C4C44FA9877D8C81F22BAC51E3FC775FD8E
      SHA-256:303545F7781FC34A85473F8D52146061E5B34ED5EE2B40311EB03E53EC86DFFC
      SHA-512:53237F3A385F7AA780B22E5DEB7F9F827482994A88FB6A9220240EF5B45D3F3D16A7A2B646F8490DA58775C9424FC08B7246B1715EDAC30EE306A825ED6068FD
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......IDATx..[L.W...3..r-.).Dk.P..../.V........&.I..[D.lZ.K...>5>Tk.4.m...&7...r........rsa.K.9......m].093g..~{..?........".....w.^.|;..........8...E..f..b. ''.V.U3<<.......+.......c.......x+##C.\.P.j....C|B".Z[....JKK.;w.\.s......v..L. ......>....|OVV.....w...j5.....'..F......*++?......jkkY.m.OB....Q..m..U.......?.,@uu5.z=6mOB.B........Uu.0.%==..O...........=2......]]]..=z.......X... ~U.V.6e-...r...vK..E../.TUU....k...7.....u...4.V.d2....n.......t:."K1..Y.K..6.zL>.....R%.....GHH....x.gu$.`..l....aaa.........3......0.....v.4r..&.....\LLL...'...@30...:...z....O&...)...2rC..e2GI..t..R....x..V....Y..)..''....y.<.7..x.5&U....&.yQI.........q._.:.....G...T.T*...HII............$d...z.j...S..H..;.....MM..{..td!KO?.6qg.(....ftuv...w.N3......T!.B..0.p..e.:|..EE...+@.$..=..P/...z=...zP.u..R.*.S...e...N.....7."n[.]..}....M.0.[.<..n...@......h?.Q7.t.%...)9...qd....X...i_|...S.+6.b.......M..MZ.J.3g.'....>...s....5j..,....C.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\LogonInfoLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 5 icons, 48x48, 16 colors, 4 bits/pixel, 48x48, 8 bits/pixel
      Category:dropped
      Size (bytes):17630
      Entropy (8bit):4.623384636768482
      Encrypted:false
      SSDEEP:
      MD5:A12328C77E6992157C00667B3CFA2EB4
      SHA1:E15888CFFA06C747BF4FD198546565D4011F6499
      SHA-256:7CAA9C2E886ED534F1962F32D7D0ACFAC0BCEC82B8A4ADC6C1494B4935244E1C
      SHA-512:62DF1298ECB6FEDCF55A15BF48D9F4BD744C73C254D30708E3360372E8615290818410FCB98575E823AB0E56DE13CBC800CE8A1743710D853086C85391613A48
      Malicious:false
      Reputation:low
      Preview:......00......h...V...00......................h...f...00.... ..%............ .h...v@..(...0...`.....................................................................................................................................s.......7...........................................................................................................1..........................a.......................f.......................f.......................fa......................ww........0.........q...ww........p.........q337....333333...........338.....33333...........338...q.33333...........338.x...33337...........7ww....q.wwww............ww......wws0............7w......ww....wwwwwwwww1.7.....swq....wwwwwwwwww..x.....sp...wwwwwwwwwwwwqx.....p....wwwwwwwwwwwww.....q.....wwwwwwwwwwwwx.....x.....ww......................ww......................ww..........x...........ww.y.y.y.y.......p......ww...............p......ww......................wwwwwwwwwwww....x.......wwwwwwwwwwww....pp......wwwwwwwwwwww......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\LogonInfoLogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):2404
      Entropy (8bit):7.906775963577507
      Encrypted:false
      SSDEEP:
      MD5:DD75C36FE57C163F27206460B947282D
      SHA1:3F9AE23E35AF620890D2EBC62FA0FD4FE7DC0172
      SHA-256:27A3BF630F8EC7982C40C7D27121C2FFDBDD5AC6CC215960885A70080D2D60D4
      SHA-512:D9C3C8A3B902464660F6992030E18EB64C525BDAD80FD76E689F891D748F07F97B1EE67847296376E129C74279460560A360AFDE6797960C8A764012F975EE93
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W......+IDATx..Y.P.g.~..rH..@. .....Z.....GmW;Z.Suz...]w..^;....Z.=.R...G.......BP..!!....$..........3.|...o..y..}.x.....l ...?...~It.........!....k.L&...y..V+.f3jkk.....1((H.f..:....l()).".T.!.......w....A.x._.0....t.......<<........{....V.Ekk+.....PTT.....L.q..g.&`.....q#c.O.>..7........r...Y,.....Aod2C........(H'.....?x. v..E?..b.....P(DiiivYYYrnnn.c.\y~\v...............x.@@....'++k.3#....=....>>>NAP.O..P%..U...p.H..=.f...;v.J.......(.F....2+..UzzzB$.....s..U.E.....H."@.6...'.D.m(2|...j.T...,H.....t.!.u..S..[....m.:.......ai)Y.y........;p..).............6!..;...&;.{>i*L..z.....7.\.g...X.d.l...D.p$.'...j....N....)..G#.h.)3!.9>../].j..o......`#...d..b../.L..*)..*!......f.h.vL.1........N.sIs.....&..+..X....0fB..Cd.....ctL....0..YTS6.xW.qL......^.9.;Kw.$@:..........'...>..;vS.K.~=p.+V....80... ..{..T.d..U....5.O k....'N75[Z..rh...."AF.........d.O'..q....D.....u..'_|7.U...PK...t.m[..p...\..G>Ep.h.$C.............%s......C

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\PrerequisitesLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 48x48, 32 bits/pixel
      Category:dropped
      Size (bytes):14574
      Entropy (8bit):5.09532307002792
      Encrypted:false
      SSDEEP:
      MD5:CB5BF779DC306B354301F0D6B0EC2397
      SHA1:8021741081DB5E2C3070C6BE87943687D1A33A9A
      SHA-256:85389374087AD3AD75268F24A41005CC6EF8CB187ABADAF9E4CAD36560D0928C
      SHA-512:42A1622C1E95685B9273E74B69102A4F03119DC421DAA218D1DC4C25BFAE2FB360120536BCF64797E88759266884A06A7052F6A00834C88858C93465CA29ECF7
      Malicious:false
      Reputation:low
      Preview:......00..........6...00.... ..%............ .h....4..(...0...`...........................................>4..%%%..--.0/..211.432.443.654.877.887.:98.=<;.>==.G:..H;..I<..J=..L?..E<#.@??..c,..e-..h...i2..j4..m7..q2..{2..|5..r9..}?.M@..NA!.NA$.K@+.PC".PD".RE$.TF'.TG(.2jK.!uF.@@@.DCB.EDC.FEF.IGG.IHG.JIH.LKJ.JJM.MLM.PON.QPO.TSR.XWV.YXW.]\Z.EiU.a`^.nnn.csj.ppp.ssu.vvv.vvy.xxy..b...e...h...i...l...n...p...r...r...t...v...y...x...y...{...}...i?...>...:...G...Q...I...C...@...U...`...h...u.K.i.W.s.].x...Q...Q...W...^...b...h...n...g...k...l...s...d...f...a...m...z..........................................."...#...8...=......."..%..&..(..*..-...1..0..1..5..7...8..8...?..8..7..9..=...O..Q..@..B..D..F..H..I..M..T..P..Q..V..U..Z..Y..Y..]..]..R..U..X..]..Z..]..a..a..a..f..d..e..i..l..b..e..j..m..a..`..a..e..g..e..i..i..i..m..m..m..j..l.i...r...x...|................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\PrerequisitesLogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):2000
      Entropy (8bit):7.846743449850469
      Encrypted:false
      SSDEEP:
      MD5:27940CA2AF30DA01FB6B23E5AC01A381
      SHA1:9EA750C9251C9DFB62E6E8329E357D25546A6A50
      SHA-256:0984D6C0195F69B7248D738F4766A6B4109B8A666D129D33BE56902A2819A0C5
      SHA-512:D51FC3BE08B03ACB1E8FE0CBFD2F1D01B0ED0346EF629B989D273EE5E9C4DFF859F3A8FEE1D862BC7F30FACB2101FF4C2207D8427AF2366466C13290A6AF1D71
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......IDATx..yL.W....Q.W.m.Ek..M..Kk..].#.......bj.mM...-..ZDdQ.......H.1UQ...j.".....................,.%M.<....}~....a.eMSII.@...M.lvr..Mh.....m..d......~}.5...?.Q2.G.....^..G@..l..G..>L.../.Z.y......{m.....Q.x...dA>....h0..2...T(.4...NJ......(..d^#....i.G..cI.ki...j0..F444..8.nb.T...).y.QF..)..'.A$03..............Z...@.... .D... /<.iJ.}Nx{..G..q.n+....n..0..m..i...4....D......l8@L....%<qf...fm..%[.j...'..m...Lu.N.'.-...E. h.VN...\..-.%...>..#e.......vJ.J.j..J.....R...o>`.0..7....6.Z......aB..k.....\du.?..U..i=...z.H.....i.<.c.C..Ab:....s......T..#...G.r/...nW.....Y.Qxk*.^........y.6.P...0..L]."Y...oB.y..j.B....z.KX...'...0,n.>;.!...N.....:...p5S.`..F)....c....J.....'.f..Y.R..............|...L.E4^T...f.,...........x......|.B1.oT._H.....=2sQq\Q.....1.l.N.,.Q..].........j.......Srs...6.5...d&.n^.1..[%.u<.{.Sq...!.x#1[.\..-.5......;...vSM.. ''.yyy^.5.L.1c..~8......L...0.Z..,...V.^E.-olG.Y....8'3...v.....HJJ.E

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\ShortcutLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 5 icons, 48x48, 16 colors, 4 bits/pixel, 48x48, 8 bits/pixel
      Category:dropped
      Size (bytes):17630
      Entropy (8bit):4.440514946286623
      Encrypted:false
      SSDEEP:
      MD5:CA7EACBA1C2DAC092A70B083433E4B24
      SHA1:4C3EA764CB3FE3BC5CF9710EAE0B0BBFA54BF529
      SHA-256:23CA37BE74B751AC6A69E6319D01B13D7F3B3CF67B684F25CFF05BB87BE0A6F7
      SHA-512:C7EBC63D0C98FF59DD0B51FE464EF13543AC3EAE43ABDCA06F5E4322660462950A0F3BDF55C8867C1A1668BE5830E114B4DF4E47ECFB61C5C7B2C489265EF555
      Malicious:false
      Reputation:low
      Preview:......00......h...V...00......................h...f...00.... ..%............ .h...v@..(...0...`....................................................................................................................................................................................................................................................................................wwx.............................................................x...o.......................o....................f.vo....................vffo.....................ffo.....................vfo......................fo.......................o..x..............................................................wwwwwwwx...............................................................wwwwwwwwww......................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\SqlLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 5 icons, 48x48, 16 colors, 4 bits/pixel, 48x48, 8 bits/pixel
      Category:dropped
      Size (bytes):17630
      Entropy (8bit):5.302271283647283
      Encrypted:false
      SSDEEP:
      MD5:BC6362DB32630CABC40B70682541BEE8
      SHA1:A9897E490CD45FE05899DA621086E339DADEDD6D
      SHA-256:62F2406E303DBA4A4CF20BB6AE04E7CD85777E87FE3786CF1BA8AF00147B1846
      SHA-512:A5630A53C4C85CC3D762190E7E7AB1555C41D640A49ECD0E5E2D901895D3616CBF6F22CE2A97921CC2097D87C124140BCF9DC6D4B84D02BC7191423FAA22EB66
      Malicious:false
      Reputation:low
      Preview:......00......h...V...00......................h...f...00.... ..%............ .h...v@..(...0...`....................................................................................................www..................3.....333p.............x......s333.....................33.8...........8......f..33............8.......g.333...........8.......vx.33...........8.......gg..3...........8.......gvx.3...........8........wv.............8........w.h............8........hhv............8......3.w..g...........8.33.3338..h............3x...s338.hf.g..........8.3....33.h............7x........v...g.........x.............x........8......ffffh...........8..............h.......8......xf.............8......h........h......8.....................8.......h.......h.....8.......n...fffff......8............w..........8......8.h...x.........8.33.333.~............3x...s338......h........8.3....37.h...........7x......3xv...h.......x.......38.x............8.......33.h.....g......8.......33........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\SqlServerLogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):3687
      Entropy (8bit):7.944168569080914
      Encrypted:false
      SSDEEP:
      MD5:DE497AAEA767B8ED6E5DDD097F91A664
      SHA1:4A6BD0A40C5F8368319F3603CFFBB975C82E0142
      SHA-256:521EF71FA18DE32152A87694135167136CD96E30999A47A887721DD9BA273DD5
      SHA-512:CD7E726C44FD48EAE038EFA1C6239DC4F142E948BC40E0DABAACF7EB37A3471965E1321EA34B0B891D78EADE93F76FC087A40DBAA8D281428523A99CC92F27F5
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......IDATx.Z.xSe.~..{.M.4-.^-".;......qF.......UW\vqfgWe..q..}.].."RT..J...)`......J.5m....vrr.;I.m.........~......A..F.;#ri....$."..w.5..b.K'.....!...~.~K6.,.L.S'@...<.1#.BM....&.9....s.g...#FC.c'..l#..=...........c.I.\k.<.....`9.......7a.:.....i....!...n....]vx..~o.../D./.E.-......d....zt.HpD"H....x:....+.p0.....G......dn....".1\..._.*.fN....].....~/:-&............".&!.c...|.E...H.5...o.....ng.r......DJ....b:$ja......FM..V..i2.e.....H....h%k..D...........a:.....[.$J.d.d........!..|>.}l..H*...'..4.(.$.9#^.m......k-.......#d........{"a...#U\.U.....$c.....F.......@...G...P..A.. .T..:%.S..... F]....W.~..;.....}y.<.|.LP.......yM...d..7 .hR..&R...p...7.w."..d..n.....'B.2bQ.q....d:...H........).M.s.s....f7.......Xrk.r.......\(..~x.HT.%M.;~.VV..;e..~.DX(.A....UMv<.../..Y........wW.Zul........!...Q......=...W.C...+|m.#.....^.z...'....#.m6.....n..........1...Q.g/F[(..k|...dL.M@.5.K.......Q.5..^<.`={..g.6l8.n.:K,.C...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\StartMenuLogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):2258
      Entropy (8bit):7.878963340609507
      Encrypted:false
      SSDEEP:
      MD5:28E5BF6A2F20A30E71D73E64CB29701B
      SHA1:0AF51877EE46CD008C3A7E7D101F69D8CAEDB21F
      SHA-256:26A6161394A66A4A6F645634E6356B51A9F386334CC09302A75ACCC09CDD82BF
      SHA-512:40705B42073ECCA2FF3BB0A831EDF6FF221A852D456EC36A3E9EC437775CEBD5C25543E85A6E577857C46FA0F7AABD1DDAA22D03CBF1123839F45D815D52C308
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......IDATx...PT.........Q.1.Q.PF0....5.T.I..5}.ic....N.6t.1....+...c..I.5:.DE.y.A0.A..e.].e.e...{...!..-~3...,...w....s/....:u....Z.....6./.....<n....2..".WCM0..`.XPXX....E........j....B..K...)--.=t.P.=.@.......HIM..:.U.6.........@ee%....F..P.-.......I999.s..8...a$..A.@..hnn........vvv..9.PVV..n.....$..(D{k+z.........>....[..H"@..!HSvu....J......9.@....=.%.1.e.....^...o.h4.....o.....`Do@."....b..+....L.3..n..s....q..s8$$.r......:ASI*.AA.T=..9..t:.r. .H......*.b....z_......./.$E'&7.......... .. '....D.i.I.c.O&..$|...1$.. ...t...B....U..0!m.#.3.......O.....(.7i...8...if./.[|..U.>.@...R&...Gq.DP!....[Q..I...*C.&.B..D...(..F,(...l..!'.\....7....)g&..g...pr3..L......8..o......^.8......p......:.p.f.....n..=....~.^......D"1."....J(.r.(.....D..'...).U..~OEU.&.U O.+....^.mn..U.n.....Y9.6.*...D&..-.J.."Pt).....i..?...4..w.~..}.....W/.......f.N.YY..Z....;1a5../g.9G>..._...P...\....:?..Yd.~.......C:=.....w.E.....'..u._....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\TomcatLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 48x48, 16 colors, 4 bits/pixel, 48x48, 8 bits/pixel
      Category:dropped
      Size (bytes):15086
      Entropy (8bit):3.7160922891772286
      Encrypted:false
      SSDEEP:
      MD5:6B63C7F5A2235E96D5A250F30F148718
      SHA1:CBE0BBFF0B1765E8E768F034007493A9956A0F95
      SHA-256:44139785A6D98E409E73DAB11D3CA4F4035F0F7843B16F1576D40EC1C3DB64ED
      SHA-512:F3F7FB19F9647397BA5C9BBD3F11DC74BE58A049D7E192029F6F73AB806C31FADDFAD1E61B25E7DC4F113CC914046161BB93AE3046B34F8DA0F52C1B8135B9C0
      Malicious:false
      Reputation:low
      Preview:......00......h...6...00..............00.... ..%..F...(...0...`................................................................................................................................................................................................................................................................................................3...................;.0....................;37..;.......wp........;......7...............;;7....s..............3.3.p.....3p..........q3.;37.......7..p.p...w.3.33.p............p.w.3;.3337..............33;.333;3p........s0;3....3333;1.............3..333333..s............33..3333;0x.w..........;.;3.3333.....p.......p.q3;33333;0....p.......p...;.3;3...................33;.;30..w.x............p..0;30x.....w...........q0..3.x.7.x.s............p......7w................p3.8....w..p...............x..x.7..p...............x.s.w0w.0.....p....wp...8..8..x................w...8..sx.......wxw.....w..w8..............wp...w..s.8..................x.............

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\TomcatLogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):3542
      Entropy (8bit):7.942538598080064
      Encrypted:false
      SSDEEP:
      MD5:451CB76DC879D5A552FEFD5EAD9A7B6E
      SHA1:1132C3281417537CDCAF7DB0693344B1AAF37501
      SHA-256:95CDFDAAAB83EA3C70719F812DF324562417EEAF174E8EE1371EAB481BB6B62E
      SHA-512:8782F2C04E88F40D1EAA1A6AFA22264EFA64C65CE63A5A462B39681905A77B02B8EA1888C85F84315083A0721D61EE997CFDFE11DF096DE30EBA590CCB886789
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......IDATx...T......{...hQR..M%[2.H15(..!i..%.:3.H.j*.j..ES.0..$LQZ..6.R.{ow.?.:...........9.S.g.....|....q...._...._...._...78..[u...f....uO?u.7W.......?.|V..m.....S...j./r..K...2?2|{......._$+#.......,[...T]...].:.....EEEm......GDD.~VU;l.hM..T.r......v..r.U...9....%m)).......i^CC.}........'F: #....o...........V.1..c..yI[.y.J.!..}U4..4J...Y....B.ddd...._VUU..(..Q<~.....u...k..G.&.g..zM.o..CA&.....].H>y....`....j2P.CDL)r.>..W3..GMU3j_.q.Q=.Z..e*..R.........@.........Og.am../N..i<l...n.N........R4\..1.......I...x..z./........S*........GuvqG.kh...w...m......i.........-$....N.l~k.....h.X7Q.EGk3.1.......NC1.?... ...()...J.!p.........*r.... )1....}A,.4]^^..J+..%..a....o.I..Bww...N...M.......S.nY>...R...............RN?$.2.l.......$..V../.0h....0.1.".......w..:..n..o..N.i;../hk.MH...<>.oslll.V.\>........2%.y.s.*..@g7._t..q.,.k.]<..V.-^fPVa.7!'..e=....r.8j ...@..b.Sw..9..+....p.l..^^.?.\9..g........8.}r.%.g.E..nz

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\UserRegLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 4 icons, 48x48, 8 bits/pixel, 16x16, 8 bits/pixel
      Category:dropped
      Size (bytes):15974
      Entropy (8bit):4.626673255405561
      Encrypted:false
      SSDEEP:
      MD5:07CBE480B70788B5F3BD74FFBBFE8C17
      SHA1:ED7B864CCF725887AB9A14369B39B32B052DB28F
      SHA-256:44BA930FD1BE21B124ECD8FD824893670DA72E1D614A3DF1F0AF8F007E1AC09E
      SHA-512:74B9BE887BA255DA47C73E8CAB731A565567C5A2DE3E0760DB72F64D4E01EAC416C03400049FE424DD56AADA6073B28C77C05AD13A4B689907C0631811ABE233
      Malicious:false
      Reputation:low
      Preview:......00..........F...........h.......00.... ..%..V......... .h....9..(...0...`...................................................$$$.&'(.---./00.445.:::.SF=...N...N...O...R...P...Q...R...W...Y...^..#K.. S.."T..$U..'U..(V..*W..'Z.#.X.$/Z.&1[.*5[./8[.09_...g...a.."l..'d..(s..(...,~.#/b.-9e./<l.+7z.?@A.9A_.7@c.:Cc.6Ai.7F}.;I|.BBB.FHJ.JJJ.]QL.JOS.SSS.SX[.YYY.QXo.BNw.@M}.JSs.SSy.QZ{.d^u.eee.fil.jjj.jn~.zou.npq.vvv.qvz.~~~..w...y...{...l-..k9..|h..zr...0...L...X...d...}..k..m..{..........'... ...!...'.. 7..(?.. 8..."...#...&...*...%...%...&...(...*.......0...1...2...4...7...8...;..>L..3F..9K..?P..1A..<P...@..5N..7P.. A..BI..OY..ET..Sb..cj..ip..ou..lx..y|..rx..x|..t|..AY..La..Sf..H`..........""..33..*J..-L..3Q..4R..9V..>[..E_..Ng..Oh..Fa..Je..Oi..Wn..Qk..Tm..Zr..\t..g|..i...`w..cz..ff..ww..}...z.......l...r...{................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\FolderLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 48x48, 32 bits/pixel
      Category:dropped
      Size (bytes):14574
      Entropy (8bit):5.186966033332467
      Encrypted:false
      SSDEEP:
      MD5:17780B507A253C687F744FD9B2627864
      SHA1:9CD8B0B9847CAE223D9E2433572E10C1EB38244B
      SHA-256:451331950FF77FC77E7E58C8F1AC8A099268C75A872DFAE3B7B475F33F9A5E70
      SHA-512:2177638DBAF9A48F4B64572936BA4C553EE56C756BEA224133F4AF63B1EF4291661CB8D769EC99A58874187DABD02AE23F3A1748212B30B52E991D91EA5FF58C
      Malicious:false
      Reputation:low
      Preview:......00..........6...00.... ..%............ .h....4..(...0...`...................................AA7.ooH.}|_.qqq.www.zzz.}}}...................................'...'...(...,...+...0...2.......4...9... ...$...,...3...2...5...:...;...;...6...=...3...:...:...Y...X...J...B...C...H...D...C...J...N...K...V...R...S...[...b...b...c...e...d...}...|...}...l...h...g...d...m...r...q...j...D...K...R...m...y...M...S...S...V...Z...Z...[...Z...\..._...^...f...a...b...f...c...k...j...a...a...d...e...i...i...j...m...c...k...m...u...}...p...q...u...t...w...w...s...z...x...}...{...~........................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\FolderLogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):3236
      Entropy (8bit):7.922153292930446
      Encrypted:false
      SSDEEP:
      MD5:E23585A91A8AFE9A48AD97C9566AF6F4
      SHA1:CBC854304526A23490DF687A14EBBB2BC5E5666B
      SHA-256:D7463CF3F61FA454AB220454379C599309913A0E64AD331EA70E149DB11D1D30
      SHA-512:92FB6FDAB270B8CB4FAB8283A49E80A0BCEFC3F782052AE9570F3E35BD6F237CE8F7209CD613CB49E07D9A1C7C08CBC5AEDF7407897D9F07A0C52B4E2DF9B65D
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......tEXtSoftware.Adobe ImageReadyq.e<...FIDATx.Z.]U._.q.w.N.=..N..Z..P...cL.EA....L....? ..#_.j.....`".S.b..IM..!...".J...h..y..9{...{.{:sK..w...=...o..z.[a.....^...O...=t....t......R9..jo..?^..}.v..=....p)..._.K,^./.g...Dm..<..>x.@D1Di.q.B.$P.5T@.U@.U...J.$..AL.Z.854..=Wo.===...<...4.....wMuhP..HCV........h?(|..1..(......8.^.A...8...\^..Jz....'..O?...R...|.d.y..[.y.A.....`ldX4....*ZC?.477.{...{.|...M4..O...g.U......`..u..0.R.....<D8.B....m.So.s......w...n_.X..%.....H.....\...P....7l.?|..p..J..h..W......?8...p..-ky.**.ar....F0}Q..J.;.n{t.=w...,.`.0h..R... .k....!x`..<v......b..EJ..VcM.xs.R..k....F...........p. ......N.......-.....$..?Da.e...r.M....>.l..X|..J\QH.....a.Z..$.^P...L.U..`.50....9a...L%.;...>.B....uay....F.p$pn.........j....Cn^s@.1nxK...f.u..$Z*Y.%k..?a..@w...'Q..']..(..8g...h..Y...&>.3.Q&a....z......k..".<o0.S..`....6..G.W..5(Qx.3..gX.e.Dk..H..dg.R.J...F..f.F.F...D)+..X...P.3.i..o.E.qsn....$Gy"C..g.E.../{

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\InstallLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 2 icons, 48x48, 8 bits/pixel, 48x48, 32 bits/pixel
      Category:dropped
      Size (bytes):13430
      Entropy (8bit):5.533892984961994
      Encrypted:false
      SSDEEP:
      MD5:2D030BB775A8D74CC5D39910601FA7D6
      SHA1:CE30F7E4F5913A85BC363331F883E5F6F5BF7DAD
      SHA-256:FA387D12AEF97734A3B8A079B462447FB977ABEEF5987D5EE5B4217F1057CC2D
      SHA-512:123F393B8A5736D717B5FB7E9C8BAF414C86C4E7CDA486D3F5F21B333EF46B6C7A2302D915A57B1F0F9B0646EE619846745B34E0FCA59C0ED1A31B907E718893
      Malicious:false
      Reputation:low
      Preview:......00..........&...00.... ..%......(...0...`...........................................>4..#"".$##.%%%..--.0/.."!1.110.432.443.654.877.887.:98.=<;.>==.G:..J=..E<#.@??..|".0n?.+|?.M@..NA!.NA$.K@+.PC".PD".RE$.TF'.TG(.UH*.VI,.]N9.@@@.DCB.EDC.FEF.IGG.IHG.JIH.LKJ.JJM.MLM.[O@.PON.QPO.LLP.TSR.XWV.YXW.ZYY.\[Y.]\[.ZY\.^]\.a`^.qqr.ssu.vvy.xxz..S...T...V...X...Z...]..._...a...c...e...h...i...l...n...p...r...r...t...v...y...x...y...{...}....$...'...*...6...9...=...+.../.../... ..."...,.".6...'...-...*...*...*...,.......2...0...3...0...1...6...9...2...5...1...3...4...9...=.+.?.!.>...5...7...8.%.C.+.F.3.I.;.S.$.D.*.F./.L.0.I.8.T.9.Q.,.P.,.R.4.V.G.[.I.c.A.`.G.h.I.i.T.f.X.s.d.{...C...H.-.A.,.D.,.K.7.L.(.F...J.<.P.?.U.,.R.:.U.8.U.9.W.?.].;.\...B...G.#.M.+.S.7.Z.3.X.3.X.3.X.<._.4.Z.9.^.<.a.A.X.A.[.D._.E.a.G.d.A.b.M.j.E.h.N.o.\.{..........................................."...#...:......."..%..&..+...1..3..7...8..;..8..7..9..=..Q..@..B..D..F..H..L..T..Q..Z..[..T..X..]..Z..]..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\InstallLogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):2033
      Entropy (8bit):7.858071044175929
      Encrypted:false
      SSDEEP:
      MD5:0E74712A4A9022BE84E134FB4921BED5
      SHA1:E280F2AB3D3B31AE80656B4D81E5CC3A64B7F41B
      SHA-256:E3AFC4FCF970750DFCD018F606A84846EB4D0F1709A15F70A1EAB088C8FCFBBA
      SHA-512:F515D8FC922330AF3E916C3622CF65BB77C52F1537D510B0291D9D63045F2DD924B81A889A5321E921E7E007812C4FD45C1E5FED77D82D86797191420DBF2F15
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......IDATx...pT......d.0...%...J.i......q.qZGgdZ..k.[..v,..Z[.C..k.Z...<..l..B....da....&$.!....s..{..g.>J{fO..9{..}.;.9..WT.........!D.~.T.r.,..#..K.].o...O....iP%..'~J..=.d...%..$..D.j"u.!...Q]|"A.....j..:....2@...x....._.h...A)y.T.i.d.Tm.._....D.S...9".P_...#....._....>c....K.Ce..."e./.R..P..T..}..*.m...h.APxa...P.0.A...*.`@y.aiAk}Ey..c..\...u~...............t....Et............<]..@..6.e....L..e....8.....A....v...V..(...3.C....P...=.......!.?...]6..U...... %.......utf@i...>...Z>.Sxq.. c.{..ES...U....*..m..>..v........}?Aw..\'2.`...P..5T6.y$y .5F.....<LA@.ytf....Gq..;.a.,.+..M..._.c.].vg^g&4.....^|....nS.-.\....._.k..c.......}8.5`B.(.-{..s~.O...u....u....I..9.q..q.7fk......^6..D.....T2:..Z..5......(..@.B.........F.....[T|PV<..0.BZ...6...?....U...>......8.M.\..@...Q...P....ZwQ...q4....f)%.........o<.t./...o..qm......cSV7.u|....tPw.6...A7.V.#RP....a....\..(.|(...cp....*=A#.a2.&w....'.V...%......Fz.r.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\OptionsLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 48x48, 32 bits/pixel
      Category:dropped
      Size (bytes):14574
      Entropy (8bit):5.3443821670858815
      Encrypted:false
      SSDEEP:
      MD5:373EFF7C71D2499B52D742200F53D5A0
      SHA1:4B172D3F45156FD1B51CCD0A282D9020E74BE47D
      SHA-256:82E35D8D4A476052B677F6FAA1FF7C6770A62CC2289783DFC1E7D794466C08F9
      SHA-512:A0082D36911B0102823DBDD06F7E47234C8139A45D5E7D75CEDE75B57DB188FB243A13E23E65F4894DF41E071983C4BE6E3C9E12DB33896E60E53EDE31AE1CC5
      Malicious:false
      Reputation:low
      Preview:......00..........6...00.... ..%............ .h....4..(...0...`...................................KKK.[\T.[[[.suR.lll.rrr.vvv.zzz.}}}...Y...3...3...8...<...<...>...U...W...[...Y..._...U..._..._...T...^...E...J...A...F...M...F...O...M...R...U...V..._...]...Z...b...i...q...{...e...`...b...h...j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\OptionsLogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):4206
      Entropy (8bit):7.935935445037593
      Encrypted:false
      SSDEEP:
      MD5:367C9720FF477EB1282F8D36A9DE5D0D
      SHA1:629C1AEBD0057E5B989952C6F21CE44742DE0E17
      SHA-256:F5FB9A6D207B86D9B179E3979CB24D27F1A3BD1143D842FD62FFB8E80F478E2C
      SHA-512:9CA5C1488FF934BF2772BEDFB885B92FD32BEAF83EC248F9CE6B30E5A89DA9B4AC2D89C76251595FB6AAB13465A3837332B7B0F84683CF692A4075DBE864C190
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W......5IDATx..Yyt.U.......I........@..@....L.FyO.p9...y..C.q.o..9.{..D.a|.22..A..e...[.....twU..}........W9.ouu....~.r+..S....'...$Q....:B....i.c..qp.........6........3..L...6.N..A)x.Y..q......_..w..WV....x..B.1.."*..<.....9.0w.{.G..Z.......(..y....w]...3......q9.l...k.....y...y|TpJ.Q_..t.......F. ...D<.~0.E.Z/...e..;..~s...9....a..G@.....d....'...,.=7.3.av./..'D...p..EQ.<!....eh....{h..+;.}..s.......aM.%..7.4.g....<V>."9....".5@..N...X.I...;;...U.sYV.LU2.,.....||..`p?X...!...O..._....O...p..hA."#.......aG........*p.,K.j.E...@r2%.]..[...c..s.H..=...g...N...HyI.b..b....t.c..K..!6....<..d.<$.AVr..{.}r.?.Z...r:}k.4.L7...L*.t...z....r.D.M"h..(..x .ZD.....$If..& iV..Q4Iuy.....#o.|.....B@_j.LK...Z...Q........)l.yf....V^....."ZE....$)..U.cc$4?@.VB.N.^.4t........m@.u.. .g....F...X2}Y|.%E.P2.'......VY.T.('..#.J...4...I...d.C2.I...f........9[.k..'~..5Gn.....S.|IQ..yc.y@..b.W..,....=.:G...D&...N$F..rBgV4.......a..T.),?.>.r........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\ReadmeLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 48x48, 16 colors, 4 bits/pixel, 48x48, 8 bits/pixel
      Category:dropped
      Size (bytes):15086
      Entropy (8bit):5.161654640155959
      Encrypted:false
      SSDEEP:
      MD5:CB0AA254BC3FCDBDA15C94B933432AAC
      SHA1:CF9DE22BFD82BDF157F203BC6FCD35006A50604D
      SHA-256:A2A9FAC2360500150EC0DCB007EEB049082E7F9118342CB0DE30791999B7CAE4
      SHA-512:B82EB4344BDC61AF60F1DBDE3C6B8537343EE0F001C23C62051DEDBC6760C1F15B0B8F2E1566317D9C864246EDE48BCCD306507A36E98763DAE47148191CAB75
      Malicious:false
      Reputation:low
      Preview:......00......h...6...00..............00.... ..%..F...(...0...`.............................................................................................................................wffwp..................v""""&p................r""""""&...............vffffffffg..............ffffffffffp............vffff..vfffg............fffff..vffffw...........fffff..vffffh..........vfffff..vffffg..........gfffff..vfffff..........wvffff...fffffx.........xwwwww...wwwwwx.........x.wwww...wwwwwx.........x.wwww...wwwwwx...........wwww...wwwwww............www...wwwwww.............ww...wwwwww.............ww...wwwwwx..............w...wwwwwx.......................x....................................................................................................................................................................................................................x.....................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\ReadmeLogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):2539
      Entropy (8bit):7.9076585716186845
      Encrypted:false
      SSDEEP:
      MD5:243A06F2E846BFAA25D0D85D60B507D0
      SHA1:B817C85E19004FAAB726A4CEDB890F8C42D64769
      SHA-256:BA24E9C84796D60A5453BE11CAE3156F555696B0056F2F38EA3A55197E38352E
      SHA-512:789DCF3FD387035ADB8D273479BFF53EDCD567223891773ADB2E451303AA952CC2F0C4EC6B9887ED913304AF72FAD5AFFCF2B079341B07D0C05D1D5874280199
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......IDATx...PT......w.,...,/...@..P..[..j.0I..LtdR.iRM...I....N5..f2..'.....B.d|..A..APPda..=............|.s....\...C.....F.....?......r..'=.>|.v.e.#uVF..<r5..2.......0...[...../[..2....'...........Ek...'N..8p..;. ZSS.n67c.<\.r...........[......t....@.....lo3...g.............].G..$yhjjD......n..;.Mj.s......,.....!.o.@G[.P__.....?....K. O...B.B.5Zn4................{..i.yRp^.@.}.........>....5i..*/.N.4..T.....A..@.+~5..._..).....7........0..*..:;&...X,.y...z........R......`..:.....7..I...@Z..12.,.9..H]N.Q,.k....l.8.Z...F,4IUh.B..(9}b..&..<cd..3....H.a..w.@...iiib..........@I#$..P..P..%.....a..?....q...-..jR.H.&lJ[.....Y..E.!H23..z.>.....@..h4.IEd2.[.;;Y..@...K....sV.Z...&.?.S.9G..&..6..z. v..h.Z...Q:>f..F}<....lS%@...KF|.6%4.rk.Y...~.W.....i...Tp..(FTHT..*...I.LT......#..e..F...|6*..8..&oI|+.gr%.y.qH....W.#K....0.^.O...dsr.xG.$x1...|/g..s.....=.....K...L:"""..1.....)..;..b.N..c....q....D....bP._.-..!.._A]2b..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\UpgradeLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 48x48, 32 bits/pixel
      Category:dropped
      Size (bytes):14574
      Entropy (8bit):4.6497465791591805
      Encrypted:false
      SSDEEP:
      MD5:27EAE5F3D10B51610D6DE58437A1D7EE
      SHA1:CABCC35D3EC688FF3C2AC7D8E32B9BA37D440A28
      SHA-256:43765B039416A0DFCBBE3E3A6133B754FB9D083E3135F693519630F77EFED1C5
      SHA-512:7B9A723A8BAD3DF8C6B5D5C40F28491F76E5C497253DA773DAE5B256BA6F130958F34161CC3CBA9C07740F60E454024561732E2E1E63936098E0C99A6D695A5F
      Malicious:false
      Reputation:low
      Preview:......00..........6...00.... ..%............ .h....4..(...0...`.....................................................,...,...-...2.%.5.<.<... ..."...%...'...-...0...2...5...2...4...7...9...=...?...?.).7...;.i.?. .F.).K.0.R.:.X.:.Z...B...F...G.#.M.%.R.+.S.1.W.5.^.4.Z.8.b.<.a.N.A.^.E.p.A.u.K.F.c.j.~.K.g.G.i.L.h.F.k.A.d.E.h.J.l.N.o.M.r.V.w.Y.w.Z.z.Q.q.V.u.[.x.\.{.a.}.`.}...................#...$...)...+...,.../...3...7...;...=...@...H...E...I...Q...d...s...G...N...N...X...V...]...]...[...`...a...d...d...e...h...l...n...m...n...q...u...v...v...w...z...|.......~.m..j..m..d..j..i..j..m..p..v..v..s..s..c...n...l...q..u..s..|..}.....................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\UpgradeLogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):1938
      Entropy (8bit):7.865152132118548
      Encrypted:false
      SSDEEP:
      MD5:66C306FB94BD826B161E13388191320C
      SHA1:03C6B841B5A8003616B7BAB2FBE776DA74D3CCA3
      SHA-256:726C1CBF5E991AAFAD59996EA5E5C42B2D51FD1B68E18D59081E7775CC8F9425
      SHA-512:643B407D62A523C14447C57BBFC4D160A6E84648F022749393D8E0757A1413EDF94F711AA8DD85AA73ADDFBBF744D975DF028A764447DAD8B7BB3303A61C2196
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W......YIDATx...lS.......G...$qb..4...`...hG..jG.VU....2U.fV.h..U.C.@T.:i+.!.....U...Xa...........r..}....M.k..c.@5..........;..c':...<.?F....W.U.~t....A.O^}...-......-.n.o...;..t..y.qy`.{....."..o.......*..5.....l....z...u.9.}:.o.>...t.q./}pM..../#..]........D{...6$..V....`E/..\.......d.%....=.1i..P.....,...q..|..4..y.n.L.xg....G....s.h...3.,.=\.K.l....._.wb..=..[........1.P._...a(f9.1P...1.;......|..Yp.[..+7.....'Dc"/.Z.&.x{.u.....]........,......>>/.b.;...}.%.~.L.zqg.pc........[.$'...D......l;. o...%.9'......Y.P..K.D.V....o....x.n[.......r....6U:\P....>..Gg....Q..@...`.d..,._...#=...H"S....<3p.R....XW.S..>.....7@.>N..-.m.w.'n....>.)5............P........Qyv.O...C......../...cK.>...2..c.T...= ....q!.?!$:E1.o..w......n...-F..A.@...r/....i.............*}gJ..x.i..y..h#....d.............3g.T.f......b..=p...R..(@...T.y..xZ.h..;?a...#.....m*..T$.X|............N*X.....r.n7.Pd4A...q..sC... .K.......l7...3.!I...U

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\WaitLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 48x48, 16 colors, 4 bits/pixel, 48x48, 8 bits/pixel
      Category:dropped
      Size (bytes):15086
      Entropy (8bit):3.9357395824149486
      Encrypted:false
      SSDEEP:
      MD5:5C95ADF9CBC1231E805DE8529778E1C4
      SHA1:904FE6D5FA10A557D5F02645AF3D65C670860214
      SHA-256:81873D1DB5399D8B42A371FD0BFCEB4FF9F4E21446E9B180245055CCBDCC1235
      SHA-512:45C5BAB3AC60F2CFBB50012CBA9972B77053037C8578DC5528B1908672122FF48D866A185ED0EF2789366D6B78186CE5C1662B4194F70BA6C2D928424369281B
      Malicious:false
      Reputation:low
      Preview:......00......h...6...00..............00.... ..%..F...(...0...`....................................................................................................ffffffffffffffp........fffffffffffffffg........h.......................h.......................g..............v........f..............h...........wwwwwwwwww..p.........o.......................h............v..........g............g..........v............`...................................h..........g............v..........`.............h........v..............w........x.......................................w......w.......................p.................x....w..................w....x.......................p.......................p.......................p.......................p.......................p..................w....x..................x....x..................................................................................................................wwwww............................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\WaitLogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):2135
      Entropy (8bit):7.906838653548799
      Encrypted:false
      SSDEEP:
      MD5:9289C3AA4D2FFDAD2A620736E6414000
      SHA1:3B200BB2F3CE3F54706A896A335159FFC33EE7A1
      SHA-256:18E8988D1BB6F97DAB2E8C71DC1D648D0970E64C943289B2351B81D17135889D
      SHA-512:9F096926FC5E9D4B46D15CBFF1A140BD445008288783C1C3CEA91E0D3169724F6216CBF5340A4595067CC270D6139686EE5F783E3B7AE75E21945B8BB1F239E5
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..Z.PT....../...6<..!.P$&-.iR'I..Z.i..h3S'3.iF'.&N&m.45i...I.I.f::&FS.4.........(,.]....E.(..w.3..]........:wQ..v.3v7.|.Y...K..ED..........O........5.%"..o..O,.D..8E|4......E.....C^.9k..d..lP.%...=..K...T0C..Z..T.h....Z.....q..e....L.b...4.M)....E.....u.f.BR.........NvRS..*/..k#...+...hoM.H.p......Y.......aQ.pOU.............3m.KT.....{.+'..........b................x!>..d.....%Iz....i.~.....q.(.J^=...}.n...a..f.....7...8./.M@.I.^I..W=.|..0.k4....s..'.H;.C-...AW...U....|9iI.b....f...7...`.fS\.cW.P.'./....>.vVp...._v1.J[..j..8.s........k..'0.J....^Tt.)....b.0.h...jj.Q..c..*.&..?.....C...47:.+.lM./IG..|..#7..y_...<.N.<.=.....Y.I..'C...3.v......".........c.??.G:.p......7.r.=v...x./Jy.......TD...$-z.......A..(.%i1N1`.Qm...w.U.T.. ..,2.../...tux$..d.....u........>..t...S.1...;.E@...+..$...3.\....ucB....`..........]._...0Y-.seC&.~w.....$...8.A..h............o..-

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\applogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 2 icons, -128x-128, 32 bits/pixel, 16x16, 32 bits/pixel
      Category:dropped
      Size (bytes):68790
      Entropy (8bit):5.05087155564842
      Encrypted:false
      SSDEEP:
      MD5:F99659A4E27D88A6482891F7E9A6F7C0
      SHA1:F7E1EB0BDDC5C7C4BC41EAFAEA98B6B215280BA8
      SHA-256:34E0D23EC2D955F9E64118B71F067FCFD45730CCA14B57E0C66FDC1A326D6245
      SHA-512:8FC4EB045F91AEC7DD666B909187FE6C882FF2F7AEC22E390869CA0123D5BD0A7076EC11570C6B2C9B423D68514D41B502BD9A3748A9DA59702BFA399934FA3F
      Malicious:false
      Reputation:low
      Preview:............ .(...&......... .h...N...(............. ...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\applogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):15951
      Entropy (8bit):7.974945333137216
      Encrypted:false
      SSDEEP:
      MD5:237F147811ADBEBD52FFDAE2EBA63604
      SHA1:1F3B41B4C2DBE3CBE9422BA49323907D5280563B
      SHA-256:0C96C448A093DDCBA3D577B4910EE064C4FB376542DCA323B837B1C7BB5616B8
      SHA-512:7D88410EA8B17D051449041BECC0157734BA0431428340DFE228AEE70B8CC301E74DA2EAD6ACFC4DE2C05474E7D3E40464D7463D4AF42B312F94E2BEFB132808
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR..............>a.....tEXtSoftware.Adobe ImageReadyq.e<..=.IDATx..}...Wu.Uo.....Zmd.`c.;aq...[B.|C.|d..0.&L.f.a>2..G>.@&3....LH...Y........ZRK.......s.K.k.2^Zjxv.W....:...?.=WH)a%....-. ?....~f.o...z...{/..'..t.2..bj.z.6.....,o.q;F.^...b..............S..x+n..}]..Y..-......=.wu..Bq...OO...._.......<.d..........bT..b.\....mM.^.v^...2..f`..;..o./X..I......X...=..>....G.....#...............k.R.. ..i.+....7......0...Cm.w.......kG...q...........7...`.7...d...?.fx.UW...Z-x...F...-.X...lB&..>.d...*.!`......P.>....r..d2.j........_.......o..T. ....P...w.....7@.7rdff...F.U+..........V..Y7.....y.XDE......x...z.z..........U. ..0....<./G.......\U.~lf..Q......J0U)..p...W. *....y.v..._.3..D.(.j7.c. .7....~...o..^.....&.%......GB:2=...;.....Z...O!T...|c..f...L;AKgF...%.3......B...(..o..W........7o..?~=.......=gAd......F.9$~..z.A....<.}..Pw1....R.....tK..1h.5c....d......_...@..@.>O.....>...H%s..~..N..(.t.(e..5}.C.........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\complete.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 48x48, 32 bits/pixel
      Category:dropped
      Size (bytes):14574
      Entropy (8bit):5.91141981922086
      Encrypted:false
      SSDEEP:
      MD5:86A2409FDE30090BE1B843BD5A9CF222
      SHA1:D5986A0FE4DFA2A8FA49CED2D35918267D74B9A2
      SHA-256:999A589BF9023A9AC9AE6B99CCDD2E8375B1452CCA7B77CB7C00EEA2E032BF40
      SHA-512:0CAF0BB952FB98AF8FA97D3D2825A4423AB30ADFD36E18BFC119B73662663C55AAC80F57B6EC982DC5C4731F2333BE54CD6E0E4B513906B7E6D906CB515FAD0C
      Malicious:false
      Reputation:low
      Preview:......00..........6...00.... ..%............ .h....4..(...0...`...................................gk..hl..lq..pt..pv..ty..`h..hr..nw..ny..u|..x~..s{..x~..SW#.W[+.]c#.fl!.bi+.ns%.nx..sz".sy(.lt3.rx9.zxH.hiZ.z|g.vvh.xxm.{...{...{...}...w.".}.".}. .y.(.v.7.~.5.}.;...:.x.E.}.Q...........................$...,...*...*... ...#...-...+...,...&...3...6...:...;...7...7...4...8...(...(...&...6...-...9...9...9...A...B...J...T...U...T...B...C...L...R...Z...G...L...E...M...W...Q...U...U...Y...Z...Z...`...m...m...h...b...l...m...p...x...~...p...d...e...h...i...t...r...v...{...s...q...s...v...~...z...K...U...S...[...X...d...b...c...m...k...w...]...n...g...s...{...z...{.....++..;;..BB..TT..cc..qq..vv..yy.....................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\complete.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):4307
      Entropy (8bit):7.941975794285528
      Encrypted:false
      SSDEEP:
      MD5:9DF26B3428EABCDDA118D284152B9CFD
      SHA1:03A5C8268B60D5E5554E8C64BF987BA1AB0BB676
      SHA-256:714C3893D1327061A65E5999FA7670CEEEF1F10CDF8D0BB8B0CADEB015931F6F
      SHA-512:1888B45EB0C42750A6610E4B3D46B73246353B6AE8A5F65E3482A9ABAAD7E87F0D8BF0FB96B14259DA8F326264FD8066CFDE4D039E0C0DDA2412C27DCD6CDE0B
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......tEXtSoftware.Adobe ImageReadyq.e<...uIDATx.Z.p\.}..c.vu./Y.....$...;...NR.H;IiH.I....:.m.d&c.$.q.v.s.v........3...V....e.u.........{o..l..<....}......I.{7........*.....`4..xUU....).k..{..s...H&......{..i.e..6........1g`..+.....~...E.iN(L..*...&.......w.4M2....I*b..P0TE!..C].}..n.7...eYD<x.g.T....C..m.....e).=B... .4........9.qK..76..P.$j...K..R....Tr}|...........5.......y._..........._:}.R...|`....g!.c....!...eY&..|...,,.Y..n`]I.....x...j.W..q....Pb.^.t.df..on[../+o...(.DBf...7.i.o.$f.h.....Mu..(.0....n.*.@3.(.P..O.......).]PX-.B.....;.T.9](........]{.#.....,],h&.+.(e.y.._..I^/%^x...^..n.....{.>..U.T.<.......tX...*.E,.B....9..[.Y..w|.........^(.J.ok.............h3.{O...<........S.G.._.......oz.q.0z...q....a.. ...e.<.j.!.4..d....L;~..|.+.....|...........k......y..\U%.5b1:.e.E.{..(R.~=..,..T(..JB.Y.....x.9....'.!..,..Y...u<.Pq......).kd9.b9.s...]..<..3.fB..{..3.y.-....\.j...K.r.q...R..&?....`+z

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\completelarge.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 55 x 55, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):5577
      Entropy (8bit):7.9545888698559875
      Encrypted:false
      SSDEEP:
      MD5:8534B2F732C566E97E88A06204CA9249
      SHA1:D1CBE0693C8D3754BB7CCC08FA8530874C7D8EEA
      SHA-256:A7353AB2EDD2DAB3C5D6DFDD8FF6FF523B7FF990979E0001061D3DE0B98AB3ED
      SHA-512:8480AAE32BD7B262BB5F482EECCDDBD1569CEBC6A1E3A582006512074EA5B33DE6233FCC1454B07C1A4D8983F710E89242CE7CF1B042EAE35A74BD919E53D085
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...7...7........F....tEXtSoftware.Adobe ImageReadyq.e<...kIDATx.Z......._..MCK7-(....`.A.=&Fcr..M<#...b\....pPIT..w.1.q..9...H...@w...o..^.U.|..z..u7.dx.S...U......wo..m.6..._.3..*..A.0...sb..I~....Q.....e..m.....o.......|.=qx56+.rnIG...[.. .+.j_X6.(...\.r9.....7.k.M....{L......M....o........ne...=Sf(.$.x^..!.|..9......UT...Y...E.N.v......2.(.o..'.d.&u.b...(.zOy.B..TEvT....K....7;..~.w......G......{......T>.t;.....2..1aI...db.+..h"A...+.F...@<f}.?I..px...[.}......0I.o.shQ...,..fv.._UT...'......f...:............lZ..I.$...|.P..E......LP.eY&....r.o....V$.&y.4...:.}......t....A...N5.........:...%K.}Jw..N....:W..d{...^T@..]...'...h...."L.`....*`...."..;T....b...}l...8...sU.(.......%J&u...q.{s...x.?...@x........KT....P....xM..[.....h.%W..pbY,."\M...P.(O. <Xu...'..0......o...1.t......9.@|...s..qO...i.i...DS...p.X.dX.E......ct..(..W.n.%;:.w.z...^0o...X...g....~...T..&".- ...2h).B.8.;.%..h..w...dW..^..[..B.........(..{

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\custicon.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 4 icons, 48x48, 8 bits/pixel, 48x48, 32 bits/pixel
      Category:dropped
      Size (bytes):18854
      Entropy (8bit):5.981005610402318
      Encrypted:false
      SSDEEP:
      MD5:AD01671EFDB909885DBA41FE0000E7A8
      SHA1:A47F789BF4C819B5DEDC91CB6F78B590DC7C3388
      SHA-256:F878250FBD9B41935A1F53CC475BAFCF8074F45DE528EBDEAFB424C5F491A1A5
      SHA-512:B6501BCF12B38677D4B418AE06221AB5A1CE0658A1F108F7E783C88C66E07D03811E74BF1C7C696E03D6A4B691B4AFE370255B2F2D0CB57AB1D61B7339CED072
      Malicious:false
      Reputation:low
      Preview:......00..........F...00.... ..%...... .... ......4........ .h...>E..(...0...`...................................gk..hl..lq..pt..pv..ty..`h..hr..nw..ny..u|..x~..s{..x~..SW#.W[+.]c#.fl!.bi+.ns%.nx..sz".sy(.lt3.rx9.zxH.hiZ.z|g.vvh.xxm.{...{...{...}...w.".}.".}. .y.(.v.7.~.5.}.;...:.x.E.}.Q...........................$...,...*...*... ...#...-...+...,...&...3...6...:...;...7...7...4...8...(...(...&...6...-...9...9...9...A...B...J...T...U...T...B...C...L...R...Z...G...L...E...M...W...Q...U...U...Y...Z...Z...`...m...m...h...b...l...m...p...x...~...p...d...e...h...i...t...r...v...{...s...q...s...v...~...z...K...U...S...[...X...d...b...c...m...k...w...]...n...g...s...{...{...{.....++..;;..BB..TT..cc..qq..vv..yy.....................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\custicon.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):4366
      Entropy (8bit):7.942922748523967
      Encrypted:false
      SSDEEP:
      MD5:312C3229EF23C99A7AD64866CC67036E
      SHA1:CA10606BCF8D3E7E8A36F4BECA28A74750F7F252
      SHA-256:2C5A136E00407013EFE5DE5AB27F80A55014D77B31F6E2F86B009106A4D0829A
      SHA-512:768FC4428E8690F2A1B092AB886D1510EAFE01D806911059238ABE44108E8DAF5CA192FF2485DAECCDDCA8F812885BA04CC457348D20B51B2E4C2148F1ACD0D7
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx.Z..U.......^....tS......2.g.....MR.81...Q.!.3.I.R.%V...!...1...j,-.r.E.Q..i.i...<._..........y.Qz..}.s......s[.o..............5a4..xUU....!.ke.{.....H:.....k..i..e....5N...cN...V.?...{...;K..P....T...{GkM..;.i.d...%.T...C.P........v..o..}g.eYD<x...........-K...qe.w...k..l..Ue..~w.<....Z...L.%....i.#U,..q.J...B......!(..]U............-..O.f6..P..3.......L6......;AmG.R7.,.2....2....f..u%..K2O..x...J....{.g(../i..Z6..7.,h...|[Q.c<!3.......n.g.......5.I').0....n.*.@3.(.P..O.......)>...Z:..y.g...xR..T.@G....>r...h.$.k...U.rA.l)F).......H.z).......v.....w....V!P-.*......a9._...... .M.......*.eYx.{..J.{.k....X.-.tS...C........w.)..Q.....|...O......rJ..I.B......9;..$j}..QH.@...q..W.....9.&.<..0..3~.y.........~..W.C..\K.,^....?^_.W.,...BXcd..n.N...#...n.H.e..2.XPI.".p.p69.q.....IEH...*.a.V.|..g.*..z<.. et.,'_,'wnZ.F.KY7..\s..L.^}.T<{..o.I.o}..k...$.....lE...86.....[.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\custiconlarge.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 55 x 55, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):5368
      Entropy (8bit):7.9479964834144115
      Encrypted:false
      SSDEEP:
      MD5:B1436BE980085FA10A1385ADBAF7BA87
      SHA1:4A46F9CBF5206C757EC7971CDF11B8F060EE9031
      SHA-256:85B02FC00A6EF7B15DFCF459955D5AD3EDB5D0D8ED74D2DEDF3F0CD11E6FAE4C
      SHA-512:1D3295A3547AF4949E598A3ECE58CC6B17F6C822C595282EF5D08B0D4750D89F9363E4FF7D12C6F555FD87EA40084ECF09DEC7CC31E2450F07B6BF4A521643AF
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...7...7........F....tEXtSoftware.Adobe ImageReadyq.e<....IDATx.Z.........^.ih.iQQ0(...8HP...$.$N.gtb.P.1c<G33Qp\H....1.C4..8:GAqC.....n....~{...._.^.t..)....._......~....n.J.m.......t5Z.s.h...y.....P.S....Yi.....N}...G....../..l...[.......q...^...+;.V.(...Sea..x=...$........0..|..dc_.5E...[...y..[.uO....#.{.w....|.~...)..[.e.W...[Z......"X@.:......D.. .<.B.] .l.,..tJ4.B...@`.....*.VUZ..+._z.......~}.x..zf\`......:q/.(....C.6...+.@R.%I"M...qO*E). ......%.9.I;..-k[.H....-.O.e...-.d..2\H.O.....<.......s..c.8..J..^ ..r.S..or.......6...GS)...x......j`.&.,.2..!...I.3.X.T....P!>.Z.<..........^..hOW'....|....8..YUo.|.]c.[:=&0..u.]K..N....z>Q.w,.......K......TUU."..nE..k..c4Yq...1......}....eCW....[\.l....M.v.Yx......~.h....e........ ......=ejk.w....g.J..d..'..t+..d.........Y.z4.H6..7.K.K....\...4..0A|.....'_..Sh.w...%..j.W.<..R....|..:z...3....]]...LxC..[.z5&"...|..PH...$..H.d....b..Z.P.7..A...ZC./.1@vu......+.)..p.._.m*....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\insticon.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 2 icons, 48x48, 8 bits/pixel, 48x48, 32 bits/pixel
      Category:dropped
      Size (bytes):13430
      Entropy (8bit):5.355280564863048
      Encrypted:false
      SSDEEP:
      MD5:CA3157BFE3CA87F93FA28A2770A31065
      SHA1:D4DABE5945A1B378C3DBB8A19D6781AB0152EAAD
      SHA-256:6EB09814AD8C1F41EA70ED9F924171199A433574930A7D56E04DEA9F6A46D780
      SHA-512:DC75752BB6718BBAD307E7506496F2D11036EAE71C89FAF6961BE459452584CDDADB40C8AFEC9A0DA31E67AFA394CD6D997A9066CBB9E77476BE2402DA43244D
      Malicious:false
      Reputation:low
      Preview:......00..........&...00.... ..%......(...0...`...................................gk..hl..lq..pt..pv..ty..`h..hr..nw..ny..u|..x~..s{..x~..SW#.W[+.]c#.fl!.bi+.ns%.nx..sz".sy(.lt3.rx9.zxH.hiZ.z|g.vvh.xxm.{...{...{...}...w.".}.".}. .y.(.v.7.~.5.}.;...:.x.E.}.Q.......................................$...,...*...*... ...#...-...)...,...!...)...1...6...:...;...7...7...3...:...(...$...'...,.../...)...&...4...3...3...9...;...<...-...7...:...9...9...A...B...J...P...V...S...Z...U...T...E...R...Z...H...E...M...W...Q...U...U...Y...Z...`...m...m...h...b...l...m...p...x...~...p...d...e...h...i...t...r...v...{...s...q...s...v...~...z...K...U...S...[...X...f...w...]...n...g...w...z...{..............................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\insticon.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):3912
      Entropy (8bit):7.937843639685973
      Encrypted:false
      SSDEEP:
      MD5:8F634EAE088C2A020821EB26ACE8623E
      SHA1:007EBF1088C55F0748C59A45C7AF3CE8336A51CA
      SHA-256:FBA9DD1424AA78D9DC37BA0DB6535E0A4017342346B524F3EA03FF1121CFC6FF
      SHA-512:928649063554D1E893CD4A2D44E1E5AA1530C314A7CA2E49FE7F2484FAC92854B1EA3347223E1DF1333B537FCC4186C5D2E080DEA4E183FC51937EF9CFCA29E3
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx.Z.l]W...z.a.g;~vb....'i..ZhhS.....B.Q....U."@,......-..)Q.J..U...#i.J.j..N.'./^.o.....^...v....w.9....ke..t.C.I.Q7.ylD..v...}...u..T[[..x......'..._.....O.7o...J..;..n.H.$...o.%..Y..niaaO...9.C....~hh..Q4...#C........<.#..c.....0..y/....6]I.R..T......9@.^.....!..q..!(.[....F+..|...._.E:|.......d,.....B....L...r.(..*...#..7....H.H.+xG~....d.6]...v....z..h..,...O.0.mk.t1OI.Q'k....]..r...9...\....\.{....^.(,..s5....j....(...C...=...P.....@N ...AS<N...dCs...Bk.y..4h..q...UU...;....V..... ...k............G....PO..T+..H.@..T.s....A.PH.:?.7......9..-l.b...w8pU...{.%.u..[._..E...*".*..w..q..l.FI.K....J..k.<?.=7..x<n.h.J.E^./^.;..!..nY4.R.7`-..4.....?C..E.....f-..".....?yW...7L.#~.v...~..............Yh.l.%p....B..c......K,...P...Z.!D.0..2.}.U......N....j.P...t.C@q......g.c1R.Ud&7.....W],.R.`...:.}N...G...K.@|....,$g#....[..9..P...Zcq....y_.A..5...bFH2.@.....~..o..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\insticonlarge.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 55 x 55, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):4713
      Entropy (8bit):7.946543721429904
      Encrypted:false
      SSDEEP:
      MD5:6E89EBAFAA59DAC3B472EE2091BD4757
      SHA1:60FDC5BDD08F45BC7E2EA5545F13998C49DE4213
      SHA-256:7DE94FC5CFE4511BEEC1286C751635D339A39EDAD816D8067A051B599CCE09C4
      SHA-512:4FC4DBEC235E0D481FB20E493FC9ABEB0A60476F1E6748327842FF94B82516C2E876CD8FB01BFC5465E0E86192E280F775F795F7B3D85734957BB9EB4EDED956
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...7...7........F....tEXtSoftware.Adobe ImageReadyq.e<....IDATx.Z.p\.u>..w..]...-.,..y:....q.......%.0...!S.tB;.t.I..LK.@...fH:.!4$qH.l.q. ..OY.%[.{%..y......$..%E....w..........4.K....9....X.F.E.B..xgY<...D.n...=.....x...}..o........ay]u$B..J..C...?...~.,..d8<..v.R.9.r.vw=........nq.....o.X"B...Fj.U....k..`6s.I.....B.D.E..c.j....a.X..|.<]..x"{.=...6~`.B.3.O)....<B.'..B3d...e..n;..Q.q.#...>........*...g..Fp......G...|...D..5...W...a......X.p..W'.M.z....$B.I1X..........]LX...q;..4y..64..E.4..{.V>.}.....Ctfx...i:2.OG.............^..=.. ...x..[...l..d<....i.; .7...`.4.......ck.>..8..5.P6tsm..a.kT*..Z{......N>.W..G....._.F...W.y.......D..n.,>.|.!....x..U........,,._...B........2z....u.Z.|.....>...>.f.0.....a.6&..2.c.....l...........(H.-...i2.p..>.1....z..y.'.2..b...}..ewbraW..y.:.jXu]YM.p..dA..z.@b1.].o...<D.F........[...y.-.8].....E<l<MY.'.2.r:...H.......%.......j....wK..d...%...N^...P......O,.L...Wcb....X.....?r-M.\.0.5.N.<

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\remove.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 48x48, 32 bits/pixel
      Category:dropped
      Size (bytes):17710
      Entropy (8bit):3.477281314729237
      Encrypted:false
      SSDEEP:
      MD5:F39938F40CE3BD5CF79F3C155C11F775
      SHA1:A45806221E3D23ABE8D77713240CA0C74D7F0F5C
      SHA-256:DE53FD967F039D2CAF4D21D149B607EC7015884A870A877C5039A0F1888D97EE
      SHA-512:7A7AE8CFE22534C740E024AFCA74F5BF77AB6B117010240A0D7458CF750E0B1987F031B7BB5378E46A5920ABC49E58BB4A5DAB2784C95F3409EFDAA16BF8F95E
      Malicious:false
      Reputation:low
      Preview:......00..........6...00.... ..%...... .... ......4..(...0...`...................................+6x..8|.19r.19w.09x.?D`.HJ\.MO].UV\.\\].EHb.KMa.AFi.INo.NQ`.QSg.SUe.VXb.Z[c.KPv.OUx.bbb.eee.iii.iil.nnn.rrr.vvv.yyy.}}}..+...'...*...%..(5..3>.......................!...#...&...2...$... ...$...#... ...#...&...*...+...%...-...0..%6..+:..):..#6..->..!5..&;..6F..@I..CM..JS..NX..GR..EQ..HR..LW..xz..ah..jq..pv..CO..FR..HU..N[..Q\..ET..Q_..[g..`h..dm..`j..nv..w}..x~............... ...!...#...%...+...)...+...-.........../...0...2...5..#9..)=.. 6..!8..%;..'<..(>..-B..7I..5J../D..1F..3H..5J..8M..=Q..N]..AS..DW..HX..BV..@T..DW..FY..GZ..J]..Td..Vf.._m..Zj..^m..N`..Yg..Zi..\l..Pb..Rd..Se..Tf..Vh..Xj..[m..]n..^p..bp..oz..ix..du..ar.._q..ar..ct..du..iy..m}..}...}...x.......r...u.......t...{...r...t...}...z.........................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\remove.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):2877
      Entropy (8bit):7.911332953897552
      Encrypted:false
      SSDEEP:
      MD5:0534A52D5AFFCEB00C993AF760DD6E9B
      SHA1:09321043FFDE72A6EC10953BEBF42F21C71851DD
      SHA-256:A610E5829F05B7AA45AAB5A3BC718BB5FAD6C856DD980B3C18175CF8616DF371
      SHA-512:3FC993546F74BACE6E6C88376309DA06A0A1572E5D2A5690C133FCDC4CEDAD439E15CEE90AA175AF1A01226EDFFA69D2CD00761B87829146105E08171901FDC1
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..Y.pT....c.n6.......v..j...m.u.....QA.e.....j..b..h._mG..:...-.H.%........l.f..........l..<..3g.{.>.w..|..g)M...yQ_w......8........Lr.(.J......?K....R.;..1{..O.:.&_k..W,......;.,..|/"J.{.:+..h].h.K.obt...G../...Vl....`.hG.e..N/.......b..?^....8............!U......(.b..;..;V...../....@....V34.88oK..dY|.X........r'.j...P..<..dl.7].w^Er8.b.^../ U.!.hB.k......=+..=...Gj7....W.:..s...^U..1g ..>.v....H.p.\.$.0.....A...D}.'..~}.h.E.).qy..XbW.%.....y.......x.S..s...P.{..{.a.rOM]UC.).S.v..(..0...6<5....{..Q..t..-(v....-P..8d....P0....%Ug...i..P..QFR..Y...d.!.;....&..jj..t.n. Q....~G....7M.}..&.,?...*...n...i..M#&......_.....x.p-V*.`(.Jw=P.#...S%=..H..y..'-N.....]....05.M.g..w...7o......S.........Re...|..W.Ao&..\gh.U....@.:...d...`..n....sg..T.XG1."..7g.f..R..fP....L0...99.TlGmf[.3..V...m..)...m....uE....O9.....5.;}....................gks.....D.6...(.,(i~..].........4n..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\removelarge.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 55 x 55, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):3771
      Entropy (8bit):7.9373421931379555
      Encrypted:false
      SSDEEP:
      MD5:B8F31EE6A6215F95914ADF0172654345
      SHA1:E4FA76F104B0D560257586E97FEECD6BC66F0574
      SHA-256:CCABD9E54A23990DF30648FCB4E6E441C2DA64EF629B2E6EF5B9676CBB04F72F
      SHA-512:053607D6CEBED5B31F9035A1F5D1BD00DB08DC3E120E1CD38CCA56C3754EFDD579D3F70B25DBACC90D46418221B644F15CC04D0981180A03E1F2F84EFAEE0BDD
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...7...7........F....tEXtSoftware.Adobe ImageReadyq.e<...]IDATx..ZypTe...9g&3.CH...,.xRZ.Q.....".......Vi...A..(e=WQV.Uxr..$$.....!.$!....].............7o.............E...=.9.../~..]..]...$E....T..6.?...pJ.ok....d..../....&p.TM#.....?..^..../..YE...a...(.H..6r..]Y..5....6..T.5 ..K...y.F..._w.w...S.....68..2}s..(...;..b./..4U!."...Da..xk........:.|..`.2.c.Gy......OKF.....:..a%..u....'..v...d......D....$.,....g2..'...x.#.....ou..P.Psy.].1.....B..ZNA......G..`.....`j/p._. vW.=&.|$.PO|u5D.h..cX.p.#...".%H.~........h.kI..~...........D....a...u....tH.V...L....8E.......c..Z.8A.....P7b...d..-....I..~`...G.vVaH...M..9.l.'.z..'...v.K{....DM..........Z}.....MQH...t9...m........Gx.......0...v.....|..:....o..q..."..R....H.......Bp.`u.0....u..;...%.O.47R...._..Arw...........Up*..U..a@J......._..2.hm....^.tO...l.......2..8.7..spC.X3.L..na.....M.$1...C..#B...!L.M..g.~...]......j*.. ./..-x.%....v..V....r.._..3.f..L.c....d.....,.,}...s.Y...A.:..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\repair.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 48x48, 32 bits/pixel
      Category:dropped
      Size (bytes):17710
      Entropy (8bit):6.1012073128307485
      Encrypted:false
      SSDEEP:
      MD5:1DAA9E0524BF5AB7F4AA1EB8EED7E51B
      SHA1:7DF77363E83F7CE34167DED205BDE0E966C7CAD8
      SHA-256:2E2A4DEBA9877FEC0CF834B71FD500F27CF9A07CBBC2FE1DB47B500D44BCCE39
      SHA-512:591F1AFD42F13B99BB8B500DFBF31503E901C8836018D4ED7A40C071C163688BAE65489E88F4A0D51B3AD9C7BBCC96ED8C6E12D7A4880B164AAB5D73A89505C8
      Malicious:false
      Reputation:low
      Preview:......00..........6...00.... ..%...... .... ......4..(...0...`...................................gk..hl..lq..pt..pv..ty..`h..lv..u|..x~..s{..x~..SW#.W[+.]c#.fl!.bi+.ns%.nx..sz".sy(.lt3.rx9.OOO.SSQ.]]R.]]].zxH.fgR.aa].hiZ.vxR.bba.kkb.mml.z|g.vvh.xxm.uus.}}|..~z.{...{...z.#.v.7.~.5.}.;...:.x.E.}.Q...................(...&...&...1...6...;...;...6...4...(...(...&...6...-...9...9...9...A...B...J...P...V...T...S...Z...U...T...E...R...Z...H...E...M...U...Q...Y..._...Q...U...U...Y...Z...`...m...m...g...b...l...m...p...p...z...~...z...d...~...e...h...i...t...r...v...}...{...s...q...s...v...~...y...K...U...S...[...X...e...w...]...b...g...w...t...u...}...{...}...~...{...............................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\repair.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):4616
      Entropy (8bit):7.945216421007493
      Encrypted:false
      SSDEEP:
      MD5:ACDF26B8AEEDE0CD8879AEDC82A8F7BE
      SHA1:6F87277BDE6A2AD04E819452515820DF1245E443
      SHA-256:50A6EA3E1042B1B2812B8B06E6653772FC339E3AB62DBC985C39A0B0A3D3ED04
      SHA-512:90CE9F2952B18EDCB8F9CF80D2433558221E123DC69CB84026A36F4B4D43E0B09A4B77292B0BA8536E2945A60E9760F77279D2C59BCF0A69CDA1C0F4ED7120A3
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx.Zy.].y...y..Y<.x.{.....N.@..Ch(..4i.:*i.".6)MSAD..?R@("...S.$R.,.P.2m...6....36f..o...w..w.}..x....:>w9....}.o9.o.>.....H.\xlD.....V....~eKkk..\.~..|x..z}4.}...../.}....b.-.....|....K[.V.E....ij....9.#.m..TJJ.....i.........X0.Ww........?{.......n(....^%[[..=.5M...?...rY...oB....Q"BP.[^....J.....G....h.K.>*...9..u]..M..04L.I.u.....!j..O.j.D.V....Q..1.+U,K.tt...........a...`..fMH.6.h6-..Q.5.A..S....cHcMD..D..AP.}...j...R...[..y.X.wG...8v..O.<.6.N.X.../..u......b1i.....#.....Z..)...>.....+.....a.A+.....E...........c....w..._..}...4C.C4.d@@.=.L-. ....3....A..{<.8.`....b5x......J.a.."....K...jJ.]..E..G..".1A)....j...s.{6...=..HLrVE\._\.w....=`.v.(..4...).<v8!..MR.a.J.\....g........[8b....?Y...).=.G....`i....5fRh],%.O.. ha@.Q......6.@.#.6k.B..B2.....X........y~..Z ..@.^.4!........bLc4*z..... |...j*.....t..._.j........... v..P...hT.|A...&4N.P.B^ ..1....q_.@.....{.@PE.S.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\aquamarine\default\repairlarge.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 55 x 55, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):5645
      Entropy (8bit):7.951233574493528
      Encrypted:false
      SSDEEP:
      MD5:C4DB3DAF842415E47FAB4111477FB373
      SHA1:EE24146B19DA83F3ED66D9BEF6A989B03DD694AA
      SHA-256:D65ECFE80ED27B73012AC22F50EC6534F2ECB0D043B798BE35BB5CA5BC0F7749
      SHA-512:D594D4DF3759F335A7478574721F8C7DE1AF4BB2A834521B6E8EDF5B1F1A433639CE5CBA99B58A2BEB760D34DB9C188FF10214E1D7A21EAEB48C1848A62F0DE2
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...7...7........F....tEXtSoftware.Adobe ImageReadyq.e<....IDATx.Z.p..y..z...-.%cY..X.1........4Mh.!e2...).[p;d2...LJ..#.t..(.N.P(w[|..%.c.dI.,Y.{zz........$...k............={h...W..t....S.Ub.O...h.9.....W=...............+V..K.H.?.Z][WY..S}q..y=3.8..y.3....S..wA..D.;..?..y.?;|.....K.....Z...~r.J......a....d.P%.Be..L.G.e...A....y.8..P4.&S..4.N.M.n..u....T...y......Z*..1aI.HSd..=.JQJ..$....Q...3i....,.....a..v"F.i...L.d\S.......UE.w....j..z...W..7...o.M.&..T.BCE^/).B2.....z.....pL..y......jB..M..~l.&.....cc441AG.............s.5.....$..<TD..k..K......TUUb.d.*.j.....1d..'..X+..p^....PVtcE%.a.K......C....Q........,pr..!nE.....0Q. @.!u.G......m.k..|...Q.,@#.s....}T..j.tq..M..Sw..]VQy.../...PH..0$..H<d....b..ZrA(...cPbm..p.... .:...tX.4I......F%...-?.......Xs<A..6..\..0A.......;Z..8[sB ..=.....,.....1...Sgp.....i....}.........+Sr4.....8......$.I.0a...m..|....{....5!@.`.........K'.A......)4iO.mScba..`_...eOi...q/I.MSQl."O.qt,...q

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\brown\default\FolderLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 48x48, 16 colors, 4 bits/pixel, 48x48, 8 bits/pixel
      Category:dropped
      Size (bytes):15086
      Entropy (8bit):5.2031710239571565
      Encrypted:false
      SSDEEP:
      MD5:4E95F8DC165B3FE062C650359017DEEA
      SHA1:7EAB22F180DD6564DCDE298E36B07018D24CE1C1
      SHA-256:AA8432BA99A30E2C0151F5604129623FD7BD04518B9070FE7216E5465B793A08
      SHA-512:AEB4586DBE3BB1E3AF80878F2BDBCF864822455835DABFA65685A999495296D50B7268935089E9E35532BA383C3827CEAD09CE061B02D7A6AC5DFA1A38571842
      Malicious:false
      Reputation:low
      Preview:......00......h...6...00..............00.... ..%..F...(...0...`.............................................................................................................................x.......................x......................yx......................wx.....w.....w..........wx...w.......w..........wx.wx.......ww..........wxwwx...................wxwwwx..................wxwwww..................wxqwwwwx................wx..wwwwx...............wx..wwwwww.............wwx..wwwwwwx............wwx..wwwwwww............wwx...wwwwwwx...........wwx...wwwwwww.p.........wwx...wwwwwww.p.........wwwq...wwwwww.p.........wwwx...wwwwwwx..........wwwx...wwwwwxp..........wwwx...wwwwwwp..........wwwx...wwwwwwp..........www....wwwwwwp..........x......wwwwwwp.................wwwww.p.................wwwww.p.................wwwwx.p.................wwwwx.p.................wwww..p.................wwww..p.................wwwx..p.................wwwx..p.................www...p.................www...p........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\brown\default\FolderLogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):3869
      Entropy (8bit):7.90797986728068
      Encrypted:false
      SSDEEP:
      MD5:768370ED4F453F50AEC3697D08529229
      SHA1:B7B87E9B3ED5EE333C549F91455754B6B8D1A894
      SHA-256:7C70F0F32845E2EE6FD489BC21E8D278EE4B4BE0837EB2C4678E8D78B6F7FA21
      SHA-512:6925E1881CAE2C8DFA67FD1200F64EC5F57022C9554DA4ADB97341FEAB959D4F32D3E389F60F056723E02748C7265CFB555D9F16A55CC16D7E4E0900C6C1E0D1
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......IDATx...pU....].}K^.G"{QlD!...C..V..N....L.8.v...N...HQvE$.H...b.DE.m.).C...e#......[........P.G.;..}....w...|_$.v....|.uK..7.h..i...5zU......u,\ZZS]]..M.?........r...$......5...D>M%...W.1...~Y.0<aUV;e.^+.rX...}..k.....|.x..F.$I.....j...|.d%.$...c.k.V.U^N.I&(A..x5.|.!.......C.sN../...._.a...F..[....M'e.g.....kV....y.8........FI..H..n|.U.2.__E: .......C.. .k....yxC!.s.H..eE...F.q=.#....X,j.cM..n[.].>...n.....`dA.$)....$.X......v.....Jj....)(`x<.......g..../....I.U.utP.....3.\.l.dG.Q......vw.9{.5k..P$..6M.......^.@|$.-.............|...x..d@...N%..$I...D.....p..".Azz..........\.. .R.;6..qJ$K.....:.@.Zkj.{.N^W.......^.....7v.0:...}}$}J.....-.;w....x~......A@...Jv.a<$....e....8.`..&4{.C..`.F\}5)P...........x.......){.#.VY#....m9..<,.8.A....o....>.|.0.B,....s~.%..5...Q......!.c1.,..~...Zi..........g."~.F.........L....*..{0'@..P.0.''H..."..d.".N......xf.B.4f.p....AI..^...Q........p.D"......#<....y......B

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\brown\default\OptionsLogo.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 2 icons, 48x48, 8 bits/pixel, 48x48, 32 bits/pixel
      Category:dropped
      Size (bytes):13430
      Entropy (8bit):5.2865042464840135
      Encrypted:false
      SSDEEP:
      MD5:408B48D149D53BDB5BB2581B2E6B4833
      SHA1:37473D8B740CD49591370A79C058B327CCD0242D
      SHA-256:C5A4BBB38B2935E18070FCE83BD55C3F202F6C0A9E756ACA95246B75DD3B7D8A
      SHA-512:74E79701C9E1766FF128A69036C6DC36DD9E6B1F73130C16E3075D3943782C2B72C7E5A7B0C0D8FA85D09F55AE2DA8982F196C56E2C859F92B064DA7DBD20186
      Malicious:false
      Reputation:low
      Preview:......00..........&...00.... ..%......(...0...`...................................KKK.U[].[[[.Xry.lll.rrr.vvv.zzz.}}}.[~..+.......?...5...7...=...Y...Z...W...S...[...b...p...z...h...b...c...e...a...E...b...?...D...E...J...K...L...Q...V...[...Z...c...o...o...b...e...h...j...r...w...v....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\brown\default\OptionsLogo.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):3708
      Entropy (8bit):7.930744709866819
      Encrypted:false
      SSDEEP:
      MD5:F02FDCE2F62A321C8BEE956FE4526190
      SHA1:0ABA7BC0CC093581A7FAF5189D6C63587A9B0357
      SHA-256:7346D91CD27C47EE3D30326A77A302E0B64A342C97F443EA6A6BF02B9F9823A4
      SHA-512:C3CE9F55554FE6DE1E6057D47C277014484E39A570E6F7994ABE00BB3D1D818DE8EC5CDA3C45BA2542E5F107B54E9A247C251577F8DE33778B303FF92BA01829
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W......CIDATx.Y.PT.....7......... ....b0Z2.SS'jl..t.m.I.I.v2I..t2.'..d2..$M..j.....+.. ./.y..}.......,."..3.....}....Y...}......b...=A...c.,..........{..7.."..c.V,..j5jPjT .IA*..X*./.........uC...,]..;..{[...dL?;.....q...Z0.c@........t.........6hkj.....@..C'....a...5;y|..............t....VS.4.5........C#.........6..\.%..*......H....;....Y.....p...q.H..'# ...:.jC....d...#...A...|...I....8...Z..Ks;.?q.\..R$......qq1..&...X....<..._..M.7..D.{}...Z..z..G...............A.|4a\...$.........!......l_.....!Z.>..sd....|...8...Hb.. .wc.Q.LE.!..7..7....y(.`-...I..^.b...?@..G..v.;..jk%.......,R..>+/.$b.p.P..#.l:.....}..'}..G.'...9A...C...p...H...K`....r.^.6.=..T....'T....}.F..._:..T....G.!..8...-...G...<.I.......!J.I..tf6..3......L$.A...78.n.i..U+... ..{..."....e..~......L.........h.. ...w.$\..Wh.......Un..`.{...y#........I.......s..0..'.........:.->.F!D..h.j0`.....lBM'dyA.b.Bw..v.?...x.^......$6:*`......D....PQY.j........1.1..D..1

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\client.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 6 icons, 48x48, 16 colors, 4 bits/pixel, 32x32, 16 colors, 4 bits/pixel
      Category:dropped
      Size (bytes):22358
      Entropy (8bit):5.559459069433945
      Encrypted:false
      SSDEEP:
      MD5:4FCF0B75B4AD98584F381FE0CB75083A
      SHA1:F041E905D435B09585D2737AFE91D76A34372D7A
      SHA-256:9D3DA8BCB9F287E8619AF950B0219B8477E17946B854A047CBE6219D03DD104A
      SHA-512:1886AB32B4BCF326881918F2241A298CA56EC6341F559BAB091375172E7CE716D610E7FAFC8384694227B4ADE5955C6431E9AFCD7ABE0004DF152CF24FDF29FB
      Malicious:false
      Reputation:low
      Preview:......00......h...f... ..............00.............. ..........^...00.... ..%...!.. .... ......F..(...0...`....................................................................................................................................................wwwwwwwwwwwwwwq........wwwwwwwwwwwwwwwwp.............wwwwp...................wx.wp...................w..wp...................w..wp...................w..wp...................w..wp...................w..wp...................wx.ww.........p.......................pffffffffffffffffffffff.pffffffffffffffffffffff.pffffffffffffffffffffff.pffffffffffffffffffffff.pffffffffffffffffffffff.pffffffffffffffffffffff.pffffffffffffffffffffff.pffffffffffffffffffffff.pffffffffffffffffffffff.pxvffffffffffffffffffff.px..fffffffffffffffffff.px...vfffffffffffffffff.pw.....ffffffffffffffff.pgw.....fffffffffffffff.pgwx.....ffffffffffffff.pgwwx.....vffffffffffff.pgwwwx.....vfffffffffff.pgwwww......vffffffffff.pgwwwww......ffffffffff.pgwwwwww......fffffffff.pf

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\client.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):1353
      Entropy (8bit):7.814970259904566
      Encrypted:false
      SSDEEP:
      MD5:0B032D476A15E3AD6B7C2AF32DF30AC3
      SHA1:516548A73154E5D7CE00D1675F6189DCB387349C
      SHA-256:70D37345D5BD33B4CA94967AC61C076483EB08B5B04F5E47DD5D5D27DA723DF7
      SHA-512:1F9076CAA6AE7F94D5B3E7254897B9A5F975EC7B035CE54C838D8C609146FB44F942D3E46BE669EB439CB08FD9985B1A5AAABAB7AC40ED8C907101F80EDF5FBA
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..Z.n.D.>..j..HM...H.7o...z.....nA....pG.....I%..JU.MP..J.M..w7...yms.k.......TK....w.|....q.8....".|{....X.+.&.y9&.....g.....w........`e...../..Y..m.{....Q`..........+*m*...~.jo..,.7q....7...g9..A...>9...2..C..=.k:....N.vq.s..Z ..P.....glx..tPFci..u....z..G.t. "..A......o..8....%..X0.6...9<...t.d6N5.:V. ..%B...,h'.:...G-.....K..%...B.....$>E\..D.cZ..oj.C)3....(.`I.t...s.{.p|..1.>h.q.........(.....t........'.....oP......K..w.v7..h..6.^.x..N..) U.K.o....y.(<.m.~J..A`..........Kd..U.b....m......N...z>...P.GI.1,u.o.....S...%.u..u;.0....p"....o...>.H....O..i.U..b./@.~..x...E.]/ I.f..H....t....}f.}t..=.F..."R.29E.PH.....y..t.@o.'P..,b..x...w.3Q....l.Q.f.@..p..D..s...Q...=.}..8n/.oY.GO..QYC^7^..f../B..."f5.D.J.'..h.8O..`.4*@.z....H,.K.7B.Cx.......(.....8.D.s...A{...O.......Y....3.....Z.$.t....12.>x..N.M.M.K..E..7s.....:....._-.&....BA.....s.......|O..".}...=.A...D..s

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\client_server.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 8 icons, 48x48, 16 colors, 4 bits/pixel, 32x32, 16 colors, 4 bits/pixel
      Category:dropped
      Size (bytes):24902
      Entropy (8bit):5.527425983100196
      Encrypted:false
      SSDEEP:
      MD5:581827EB611DB27AC3553FA70B7766E7
      SHA1:BE3135D059EAAE8D1C0E67AB0465FCE6B393E62B
      SHA-256:C552DD3C07FAC7D1BE5C5483C0679B030AF4FBF9D2EE9AC201CBD5AA16CC6EE9
      SHA-512:C9CCDE28E538C666D8916332FD52A22977819E97BB5500BC4B4DB850FDBF8BE4A12ACB97FC740A017AC1B8A9473B0B7DF526A8AD14F2C83ED2F28ADD8FB5637F
      Malicious:false
      Reputation:low
      Preview:......00......h....... ..............00.............. ..........~...........h...&!..00.... ..%...&.. .... .....6L........ .h....\..(...0...`...............................................................................................wwwwp....wwwwp..........wwwwwwwwwwwwwp..........ww..........wp......................p.............w..wwww.p.p.............w..wwww.p.p.............wwp.....p.p.............wwp.....p.p.............wwwwwpw.p.wwwwwwwwww....xwwwwpw.p.p..wwx........xwwwwpw.p.p..w.x........xwwwwww.w.p..t.x........xwwwwwwwv.p...gx........xwwxwwxw.wG.p..x........xwwxw.xw.......w.......@xwwxwwwx.......DDDDDD..pxwwxwwww.......ffffff`.pwwwwwwwwG......ffffff`.................ffffff`.wwwwwwwwwp......ffffff`.wwwwwwwwww......ffffff`.wxwwwwwwwp......ffffff`.wxp.............ffffff`.wx..............ffffff`.wxwwwwww........ffffff`.wxwwwwwwv......fffffff`.wxwwwwwwwwww..vfffffff`.wxp.......ww...vffffff`.wxp......www....ffffff`.wxwwwwwwwwwww....fffff`.wxwwwwwwwwwwwx....ffff`.wxx.wwwwwwwwwwx..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\client_server.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):2584
      Entropy (8bit):7.905292564018653
      Encrypted:false
      SSDEEP:
      MD5:60599D91309C3B10CD32466B4ADB6ED5
      SHA1:8AE7FCFEC7A98A8EA8539AAB7D7F998089D1812A
      SHA-256:73AB28B0A5645771DE997A98ADE3035C8A89F71C6A423151CF340C1107EB30C5
      SHA-512:15CCA1EFAD369819F1F23D06DA1A6D9A6170E3B476FADD033F1122138FDD5393A8D456FF154B442C08952D6CC54B13369CCD42ED71AE2272D793035C312A21F3
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..Zkl...>3.k{..a...LCS.5Mb...VI.#.#.$m*...QA..._....U*U.$U%......"*.B.IZ... .......o{...^.......;{gvfm.v.t.3.3..;.;..s..Dkkk3.....!.....m%%%TVVF.MMFdrr...^....4.<..B...g/..b.......R."...H..k...y...4.....tK.xzz....h&..L.(\q..d..>......../..Hn..:.../Zq.j.c....Q....5.y.df....i.W.S....O..6...,....)$R_[K.[..s\.H&.N. q....IJ.k0.?.\]..fH......z..N$..7.o.V.......<..H......p........k.E....u..4..'........`..RY`..N..D...RF.............LP+.!3...p&..s2.e......M.g.F).e.{_._..+**..9....&.t........u+...r.._A......#.Hha.O(....k.Y........"...yo3.?.L.............6...E..]]]....9..7....q.Pq..*((...=.=&R..=.].[.E.......JG.8b.)...B.lR.g.'.LZ... `:^.`k!M...e/..;.D,R.....u.!EZ.s.X...Z`K.hz.ut...O...sg.Z.YN.abc$2`.....%.....}.3B}.Q"....-..K.^8..&.R.m.PF!......c.........=......Ff.....g.R..H...eN..|....~.t.......?I....d.an#.\.....y....i.....{... .[...Ht.I.y}!.<...m......\M...x.4.g..}..K....S.qs..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\exclamation.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 2 icons, 48x48, 8 bits/pixel, 48x48, 32 bits/pixel
      Category:dropped
      Size (bytes):13430
      Entropy (8bit):4.339511276304085
      Encrypted:false
      SSDEEP:
      MD5:93D722FA20A988A5C257A58BF155DC66
      SHA1:30C0D19F02CB39F8804DAFE6AF483A09C76E2338
      SHA-256:F587867EED0BEC33EF150F3A8525BDE9B6746C705543874E56653AA80EA53225
      SHA-512:BFB91739AE7432DD7D0A919F15B5B721E733675C3C2A4D5238C9955A6517DD4653042FA444F2D2627508908F6DA7DE0FBF22F37CF1A60476F59CBF254F62F736
      Malicious:false
      Reputation:low
      Preview:......00..........&...00.... ..%......(...0...`....................................-...<...I...L...P...S...S...T...G...@...K...V...W...Z...\...]..._...C..*^...`...`...f...a...f..&e.."f..*n..)v..3w..5v..2x..7|..8}..<}..B}..._...e...k...a...m...p...t...r...z......5...M{..............,...0...+... ...,...<...?...<...:.......................................;.......-...!...-...................................................#...#...*...6...5...;...'.../...#...(...,...(...,...:...;...6...1...:...A...@...K...J...L...B...A...S...D...K...V...\...R...M...M...K...M...e...`...`...k...d...m...s...z...Y...e...}.......z...J...G...J...B...E...V..._...]...U...[...Y...Q...L...G...F...B...M...J...P...[...R...\...P...Z...b...i...e...b...l...f...u...~...b...k...g...m...c...s...z...5...<...C...J...N...T...Z...U...X...]...g...c...m...c...h...z...s...z...t...}...i...r...u...t...~.....................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\info.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 6 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel
      Category:dropped
      Size (bytes):22486
      Entropy (8bit):5.511908704029649
      Encrypted:false
      SSDEEP:
      MD5:FD535E63F539EACB3F11D03B52B39A80
      SHA1:A7F8C942E5672F2972C82210A38CC8861435F643
      SHA-256:0086BC01150989F553A0A4AE0E14926C6E247CEDDA312E1F946AE35D575742AB
      SHA-512:716EAB95B5535D54359D12C9786F5A53F9560126D2C48EB1A94DB5BD383363B43EA686AC421080564B54450DA35AF9CE3E11CECD485AAF27C0CEAEE7836F4518
      Malicious:false
      Reputation:low
      Preview:......00..........f... ......................h.......00.... ..%...... .... ......B........ .h...nS..(...0...`....................................B...C...D...F!..H#..I#..J%..L&..N)..Q+..S-..U/..V5..W1..Y3..Y4..[5..\7..]7..]9.._:.._<..c?..`9..c=..d>..d=..`@..eC..fB..gD..hA..iF..kF..lG..kN..kI..lJ..oK..nL..jC..lE..oG..qO..pH..rN..rM..tO..uO..sK..uM..wO..pT..sP..vW..w]..tQ..wT..yV..xQ..zQ..{U..zT..|T..{Y..}Z..~Z..~X...\..}U..}d..[..^..^.._..W..Y..Y..[..]..\..]..]..].._..f..l..`..q..w..u..t..x..}..{...b..`..b..b..e..g..`..d..e..k..i..n..i..m..q..u..x.....z........................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\print.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 32x32, 32 bits/pixel
      Category:dropped
      Size (bytes):6518
      Entropy (8bit):5.116636834496781
      Encrypted:false
      SSDEEP:
      MD5:BDC280616F9670F41C57C16BF08E8387
      SHA1:48F574183BB500CD1808BAC20A25CFC82C05E482
      SHA-256:6E5C2E9E923569F943E9F8A86EE5023034B3DB1F6434118A0D95F429F90FFBE7
      SHA-512:EC3E5C0E6306773A3700889C2B19D6DD8EFF54F73C1BF3C7CF239807FA1B512DDE7E30D486FCD78130090125A21E2401EB0E8B7667C992863CF7FD52B11CA2C7
      Malicious:false
      Reputation:low
      Preview:...... ..........&... .... .........(... ...@...................................FEE.JJJ.MLL._UL.RQQ.ZZY.]]\.``_.uk^.}kZ.baa.mml.qhh.tkk.rnn.zoh.ypp.|tt.~~}..q^..ta..wd..zn..{h..~l.......p...t...y...}...}...{...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\server.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 6 icons, 48x48, 16 colors, 4 bits/pixel, 32x32, 16 colors, 4 bits/pixel
      Category:dropped
      Size (bytes):22358
      Entropy (8bit):4.105719040670869
      Encrypted:false
      SSDEEP:
      MD5:7B64A481B05CBB8F5928F82F11B5E143
      SHA1:193202FCE6837DCD5A3A520F460EE29E2E6A07B1
      SHA-256:559B39AB83F5A74B54B893AE54BB3605E5D82EA7ADA11D28A2C199E6FA7D760C
      SHA-512:72671C2A4125021D9451E054D5545B38FA37679DBC97113F802DDC383425DB400A4F68D8D3A1FD355A5B1998770C211322022F3DFCDAF0C5125770A18978FC50
      Malicious:false
      Reputation:low
      Preview:......00......h...f... ..............00.............. ..........^...00.... ..%...!.. .... ......F..(...0...`....................................................................................................wwww.....wwww...........wwwwwwwwwwwww...........wp..........w.............p.......................p..wwwp.................ppwwwwp.................ww......................ww....p.................wwwww.p..................wwww.p..................wwww.pw.................wwwwwpwp................wwwwwpwp................ww.wwwww................ww.wwwww................ww.wwwww................ww.wwwww...............wwwwwwwww..............p.......................wwwwwwwwwww.............wwwwwwwwwww.............w.wwwwwwwww.............w........ww.............w........ww.............w.wwwwwwwww.............w.wwwwwwwww.............w.wwwwwwwww.............w........ww.............w........ww.............w.wwwwwwwww.............w.wwwwwwwww.............w..wwwwwwww.............w...wwwwwww.........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\server.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):1632
      Entropy (8bit):7.821188279860668
      Encrypted:false
      SSDEEP:
      MD5:6AC10775BA1AFAA92725F3D4FB03B3C1
      SHA1:C1C1643564E9F6BE0CBEE0F4CED82DE78A7DAE7E
      SHA-256:9195B25266CD23D482B62A733DFEE43ABA9FB7ADB5070F4F8000E2417F89F6C3
      SHA-512:A9898CCE6BD9D2739EEDFC0C2E0DE35892E8F10CB843021F5630C5E5160F09721DCD17A0C978F8721211DD59DF22F80FC0EC24DA1CE33B0EBB625CDBF2B6D734
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...0...0.....W.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..Z.O.G....7.7.9..Y.H..i(.AEM..bzJ$D....NA..+&E.Y4.l*..Md.9...w...k7....{.....i4.{w....{o.=.,qS3.C.SSSfsS...FE,.....F...$.......z.8v.<z....-.*...jggg......P..{x"pqq!. .577.......o.....wgG..q.2..;'..d.....d...,..!../....d...............L.<4l....r...g.Y...D?.b....K......GD.<....$.I. q.....k.R~....3 -.VW...[=C....-...J...(.I0..&..TJv...N..@....].}q~n_..v...`..%d...P..<.rN.s..]..+!m.......Duu.....;.....vww.L.c./..J.>G!.I..A...3...g.2..U.f.X[[.........>.....B9........v......LB..C...P.Ywtt..o.ha.2..eY..`.*]C..R@....brr.x.B.]~..^...N.".l.^.t..b!......s9.....]..X.TB...._.....x+0.)....p..h.m..JB.N.q...h/\...%K[7l..5!T...T..hee..C......'!.&....'O..C?.......$di.4..:`..~.v;+..9.i"p....e..P........X]].....=....z.9.PMl.2.e.,S.`.K.C>.HDD(Is..h.w/jjj....0......b..G.V....8.r.q!.54...8..SY;.B..G6....}+A`.%.y..,NY.b.{......H.s..8...)}p..e.}..upp.B..;%`....%..........Q.c....V....b

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\common-res\images\tabbackground.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 1 x 200 x 24, cbSize 854, bits offset 54
      Category:dropped
      Size (bytes):854
      Entropy (8bit):3.802531598764924
      Encrypted:false
      SSDEEP:
      MD5:4C3DDA35E23D44E273D82F7F4C38470A
      SHA1:B62BC59F3EED29D3509C7908DA72041BD9495178
      SHA-256:E728F79439E07DF1AFBCF03E8788FA0B8B08CF459DB31FC8568BC511BF799537
      SHA-512:AB27A59ECCDCAAB420B6E498F43FDFE857645E5DA8E88D3CFD0E12FE96B3BB8A5285515688C7EEC838BBE6C2A40EA7742A9763CF5438D740756905515D9B0CC5
      Malicious:false
      Reputation:low
      Preview:BMV.......6...(.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\fragments\UpgradeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4619
      Entropy (8bit):5.3409638267165125
      Encrypted:false
      SSDEEP:
      MD5:40A9E836B2E558075A5BEF8AD46C5349
      SHA1:13C14BF0E48B1E393895061651A93E4BD44B6536
      SHA-256:A857AA5B1785E8C56C52206771C59299361A78CCB8637AB663BD31D0DB0D386C
      SHA-512:6B868986CFED26B1BB6585713A9875661760BD87204C45C7A536541A0AE7354ABC2FAAA2325AD1DD95EDA1FE7CA3007A9FBDC5FCAD0747A7CE09C9A2784AB578
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_Upgrade_Question_Yes" ValueLocId="Property.AI_Upgrade_Question_Yes" Type="4"/>.. <ROW Property="AI_Upgrade_Question_No" ValueLocId="Property.AI_Upgrade_Question_No" Type="4"/>.. <ROW Property="AI_Upgrade_Replace_Question_Yes" ValueLocId="Property.AI_Upgrade_Replace_Question_Yes" Type="4"/>.. <ROW Property="AI_Upgrade_Replace_Question_No" ValueLocId="Property.AI_Upgrade_Replace_Question_No" Type="4"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlConditionComponent">.. <ROW Dialog_="UpgradeDlg" Control_="Question" Action="Hide" Condition="AI_REPLACE_PRODUCTS"/>.. <ROW Dialog_="UpgradeDlg" Control_="QuestionReplace" Action="Hide" Condition="NOT AI_REPLACE_PRODUCTS"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="Upgr

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\fragments\VerifyRemoveDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3925
      Entropy (8bit):5.371050263363078
      Encrypted:false
      SSDEEP:
      MD5:64CD82EF63CCC7405D2739A1F34F349E
      SHA1:1D586A78CCE0BE7A231344D2DE9C5493729C7138
      SHA-256:E8D531DA204E5A729BF0DBF56A79F5B3E7AA6E362A00602AD459EE044969C0A0
      SHA-512:4B2B274D42D5A8BDAA5C2C82A18A0016E0A3778D3418DB06F1AC995CD506EFB1EFA6EEC684D32A4116BAC88D692CA972B845383A6AA4ABD4C261D6616EB224AE
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="VerifyRemoveDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Back" Type="PushButton" X="312" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Remove" Type="PushButton" X="368" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Remove]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Cancel" Type="PushButton" X="436" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Title" Type="Text" X="11" Y="9" Width="490" Height="15" A

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\fragments\VerifyRepairDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4078
      Entropy (8bit):5.346575060645489
      Encrypted:false
      SSDEEP:
      MD5:E9A9067562CC945BF24AB07AED810364
      SHA1:58A92F0F2571F3D5E37488DBEE16761D41A4C6F4
      SHA-256:EAC02D5A71DAB9CD5F0AB87606643CABAF18C8E3333531663E25AD95B9F6B489
      SHA-512:D760849B9B9DB09F257439D6B4DC5A46E5CECB39B79DEC80E6E4834176BB16EB86581E7A465AEF4F5E6F898D2FA144906467FB1D72227989530B7022FE1BBC21
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="VerifyRepairDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Repair" Type="PushButton" X="368" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Repair]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Cancel" Type="PushButton" X="436" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Back" Type="PushButton" X="312" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Title" Type="Text" X="11" Y="9" Width="480" Height="15" A

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\fragments\WelcomeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3015
      Entropy (8bit):5.24778723538566
      Encrypted:false
      SSDEEP:
      MD5:157926B83D4EEBE5382F8190E5361242
      SHA1:180AAF4FF2CCD36A47A547FEA435BAA6DEA2BAE0
      SHA-256:D2EC7D8D515748DAC5FCE9E43D47355EE7C8A93D11B1868ABD9DD61F1D6DEA52
      SHA-512:D50EC00E9AF00BA39D174E8A68AB0DEDCDCEAFABABD841107BEA5DAC9F3F7DFC32DF55CB4A7D190415FD160E7ED9B2BF3F9DA6B30ACB3B11C45922851BD600E0
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="WelcomeDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="WelcomeDlg" Control="Next" Type="PushButton" X="368" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomeDlg" Control="Cancel" Type="PushButton" X="436" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomeDlg" Control="Back" Type="PushButton" X="312" Y="372" Width="56" Height="17" Attributes="1" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomeDlg" Control="Title" Type="Text" X="11" Y="9" Width="488" Height="17" Attributes="196611" TextStyle=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\fragments\WelcomePrereqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3113
      Entropy (8bit):5.330602408512272
      Encrypted:false
      SSDEEP:
      MD5:A6AD21C689AD084141F75B1F45B40453
      SHA1:EA6BF9F23C917C0915C3F7BECC5B79AC68721C0B
      SHA-256:4F9769FD449855CA48A19F979E8A8B8D1573CC6694AE39BD6987CE785ABD8C18
      SHA-512:4E99C45E4561E6C50046672FF1C9253ED886D7D65D02270ECA7626438DF513EE013EBC2C9699870BE87B1FAA8D026AC9E1B818E1C0B2345217597B8BAF9F8E3F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent"> .. <ROW Action="WelcomePrereqDlg" Sequence="250" Condition="AI_BOOTSTRAPPER AND (NOT AI_BOOTSTRAPPER_RESUME) AND AI_MISSING_PREREQS" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="WelcomePrereqDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="525" Height="395" Attributes="1048577" Text="[Background]" Order="100"/>.. <ROW Dialog_="WelcomePrereqDlg" Control="Next" Type="PushButton" X="368" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomePrereqDlg" Control="Cancel" Type="PushButton" X="436" Y="372" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomePrereqDlg" Control=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\blue-cave\arrow\1000.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1165
      Entropy (8bit):7.321486320927136
      Encrypted:false
      SSDEEP:
      MD5:40DBA2EAD6750CF1A566ABE2F6E9877E
      SHA1:244A7D7DF50C1ED17D83EF07F8D8CB04AE3A8DC7
      SHA-256:9470B49D3F9634812E4FBBD144067160D3F7E4773A8301C8CFF53B4646995A1A
      SHA-512:67C5C7BD79E35E8FB0008C3E2F8D04DC7E595A7371CEFAEA4C1C02E55AEB8A0312CB4A69503F6C81164AA35575745A0ED6DD6BBD9D17505990DFB8C2B5A59ACE
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s.....................................................................................1.!AQ...aq.."R.........2...34T56.......................!..1AQq.....a.."BRr.3.C.............?..6.......X...wQ.!..C%Xe.R.3..f.[...$..S...uuu..L..Wgr...jl8f.KON..Iy...hg]1/.y.@.x.Sim..[.}.U...5...7;R.K....oc..w..U.c..b4..>E......v.2S0.6...2.*"7.,S....o.......|....h......s.^...................OK..o@Kh....].wY.+-.G!_I6e;.{\.uo.vUk+i..e.....`...}cM..OK...V..+M.-Q.zK......Uu..NGeT.&{J...1..@...Y<G.......\b.n..U..wQ...=).\...r]'pj.;.U.EK]M.XO(.X..G_l..../.i..n...N..V..R....4+U.....C.B^.c....%..LI...&K..lDD=....U1X..E.u!..SS....M.2...I..Xz..En...6......(b....N."L&..Co...4..=..!.HJ....,`.f8.,...^p.4.K.8.,.>....'...%.."u-.8.c..\-R..jC..1..@....).E......x...'(bS.xx.,`.m6.5.~...4t.....).a!/k..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\blue-cave\arrow\2100.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1404
      Entropy (8bit):7.475437633005063
      Encrypted:false
      SSDEEP:
      MD5:EE8AF6994CD3B724B8F9896200E34976
      SHA1:433C5818ADA6C94C65650CA5011F0BCB9696D2FB
      SHA-256:D8285BA9B7F84633A0BF6FE6E43A9887CEF79CA786BDD2036ED438EE31637B4D
      SHA-512:EB220972AE5F10B9B05AAEF5E6C8C6B854C10B5FEC3021883196052097A6B527A4917D80166BE1BD308894C87814FF9833A811F4E1C0F5A99A8B13140E8AF9EA
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s..........................................................................................!1Q...A.q"2R.a..b.#....S.4.5...B3CU.6........................!1Q.A...a.R....C.qB#..............?....J.\..}.....T2...{..~.;kgK..ta...z...-..C3..=....\T...i...j....+.......kA......./.>....[.....Ct\..{..3.f..j...7.9..KW...<..T.V.]..hm]+:._-.sL....-...L...l.%....lbH.b1pr.+.o.....3.......>N.....EEC.l.l....I......V..t..e.O;co..54g....7&.M;R.t..:..S:..Q."...6[.Ec.A....T.e.. Q.J..xt..H..........Xsq......iP...|..b.#.K..T..;..;'G.....x.}.$.i.myw..m..f.cP.|.:.P.m.o...'..r#..h....u....v.o.[.I..+.Q4..K[C.{..:...0.v....T.Z....G&UZ{.5..|..F\.....FO...-...m\.;.#`...(.......<?.&....o.......G.....o....<...5....7.[.d..K...in.u...2.C:.%...s.Z-6...m...k...o&...9?^.N.n...VJ.......KC.G.t.vl....UD....A.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\blue-cave\arrow\2210.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1607
      Entropy (8bit):7.559883011013285
      Encrypted:false
      SSDEEP:
      MD5:624236E03313D697B803A454C393BFFD
      SHA1:8956C9A8F7BC00AA4EC8CF6877F96E9C43A57DE8
      SHA-256:BAD78790D78D08782CB66560755CA781703B71956BCFDBF6CCCF883F74F4E2A0
      SHA-512:63F9F9108D7B3B6BC240E55C644984FD4149608D1C1E8464FBC5FB62914E9C66DE1602B928007F6FBAB35F768567784FE99E40BA0FE67845860499997F3537E6
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s...........................................................................................!1..AQ..aq"2R..b.#.4...5U.6...r3S.T........................!1Q....Aa.R...C.q....B#..............?..9..a.y.......-...z..`t.lKI..Y.L%^."........B..17%*#.{............]....?...~3...........).v.:f.........(.......#.`..z..Bf.Q.um.JIt.%O..f.%..Z.S%.....c..v....+..b4?.4;...v...gY........K.....p\....;/o..wV^.$.6...U..~.....T&S.U.L.5JT..sm..M.-L...P..A..l.W4..$.A$.1....72.\...-.Q..\sm....n.E.L@@#...,PL...Z)U.G......[k.n\..1..ZgG.J..9Z........Gy.. ^o7$(.y...jW..:WP'~.u......r......q..O...........j3.j.p^O....r.......N...Pg..NY.T....].1S.f.%..Z.S%.....e..v....+..b.?..;...v...gYj......._m....\ ..f....[.Gue..O;coN>%Q.<1....2.R..Q..#8.*bj]jm.*....(...E...Q...I .U.H=w...#...R

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\blue-cave\arrow\2221.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1828
      Entropy (8bit):7.654653059154532
      Encrypted:false
      SSDEEP:
      MD5:335E989284FA18F5185BF0C5D75F7B14
      SHA1:DC7DBB31824503411B1B116835E3F6D8D219E6EA
      SHA-256:247D98B12470C3847FB3F693BA4B70DEA2391F40424CD43DD3027AEBC81C2C43
      SHA-512:6CC2DE23B481684F4CCC98628F648E447221DBDC6B52B8DFBCB6985396706801150D9EE985E9FD492608B5884C3E075FDC3C3C398095405E86E109E1FBD7DD68
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s...........................................................................................!1..A..Q"2b..aq..R#45....T.U6....Br.3S.......................!1...Q....A.R..aq.."C.B#3c..............?..9..a.y...........z..`t.lKI..Y.L%].E..3..-d....bnJTG.}CbmJ.........]....?..............s..n..d;h...C..=...>..r..x.*X5@......Ts.[hR.]..S.Y..u&.V.....Z.b....c...7............KJ....{..bba`%...G=.B...H.h...........y..r..U..}n]...T"S.U.L.5JT..sm..M.-L...P..A..l.V.....A$.1....fJ...>...D.t)!W..@..f........1...b.&E|.*.J..8.`LM.2.\;p.....:=.VNU!..u.. .\.t.Y.B...rB...lM.Y.......>..~&.+.R....}.....s..n..d;h...=.y=.q...6.k.r..y:*X5A..a9f.Ps:..*It,.O.U.,.R`Uj.L.y..*.!...68(.$8......p.......[:.W.._..P..h}0....\.$z...7&.N......y..r..U..0..k.*..eJ.G.f.I.vFq.T....U.)Z.P7. .....Z...@ ...|w...G/.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\blue-cave\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x526, components 3
      Category:dropped
      Size (bytes):64835
      Entropy (8bit):7.9407977627535145
      Encrypted:false
      SSDEEP:
      MD5:763353D4C18CC8A4DF9DF5DB5EF1077F
      SHA1:7FC41487071FC782188B6665935247F8E40BAA5F
      SHA-256:0ABB37642949C5E2D9936028644F361616B4DD5E743FC71794375BF5B0728CEF
      SHA-512:5566603A369E90B427641175B02C2423DF9D4D824D54AD922307308F7872F0A5BCFEEA713C91E7B809BD20F3A0D1990A0D73E4E026D3A7AC9E65F98AF44967C9
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d........................................................................................................................................................................................................................................!..1AQ..aq..."...2.....B....R...#.$T.5&br...3Scs..4Ddt..%6F..C.EU..eV...'.u........................!1QqR...3S..A....D.a.$"2r#.....CB.E............?...9...|.}.K9..R....v.I&.IQ_....<fq.(.?=...g<3.?.P.+...T>...i.cd8..).x.O.7.=...S.....;.N..8.*....C.q...w.).q..T..l~....q....jt.i...P..;..C.q...w.).x.'...;.....i.cd'}...G.....z..a.V.CK..!'[S.;V...5....;.Ej=>.F6C3.........?....;..[..].....Jv.......zb2....Z..]...s.......s../.../....6...K..!.}F.Jv.k.IS.}'.z}.....}..l.....)....>.'...!6...........p...t.l....>.c/'..}.g.k^.K..!.}V.O-.....>..S....M...1....kt../W../.........{.....G..!..Z.<................U..=...s...ym..._.........{..Om......~.[d....[....\.q...AW.h.#d'....D|..J..=....._.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\blue-cave\banner-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):4850
      Entropy (8bit):7.704453693922202
      Encrypted:false
      SSDEEP:
      MD5:3791839430AE6A8E3208813B47343C42
      SHA1:3749D0EC73CD8388DAE63F9AF0FB4998180DEA85
      SHA-256:1BB0E32D0C135A6048AE979E7A8469612110A5838E64B7E737ADEDBBE0756A7A
      SHA-512:DE4C2CA3CFE9537163DC495FA870471573EECECF2BDA6830ABD2131ED206AE5F5E4929AA3447FF2027BE61D372B76516830410C18C37825757B92475C03FA8E6
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................@...............................................................................................!.1"...A.Qaq#..2B...3...bC.....................!1...A..Q..aq...."..2#.B3.D.............?...@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@.v.??..N..}E(F<......r[k...q..*[?p}G...z.I.:3(Z..0.....T-...]Cu.A..A-..~..k....7...U...$..m./.on..a..`..T..9.OP.~'.wl..._..e....w...."|...O..km75.............q.:...u..t..E1i[...\qE;>....z.S..i.......Y.HGp.tQ.I.....X.3..;...bqS...K.v>.\{v3e.r.=l.;......F..s....A...e*;...}>....-.,.wr.j.....T..W..S...........6.1.>(.{..}......Jq&...l)..-x.z......zt..UG_.DW..?j.....................................................................-(......;m......{......?_...2~....j.UP...V....0rs.q........M..&....8.W..IE.`.N.UVW...5..$.^n...6...=}H...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\blue-cave\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):68214
      Entropy (8bit):7.969908200079236
      Encrypted:false
      SSDEEP:
      MD5:11AAF912AC553C4ADD1631C6E6F1050C
      SHA1:810B93FBC6F31AD001B1CA87D927D163C875209D
      SHA-256:083E5516DE2D8272DAE31481B86C4BF37F9F2D874A3374F889A74CCE2EC06A14
      SHA-512:6562B80A955DC94C10784A1DDCD393894FE95C3C6B26CD98ED52CC2E3DDA04DB72DE171E8157866399D239BCCE5985DBA1489494257E966F937F20C6DB41FB75
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................^..............................................................................................!.1A.Qa"..q.2.......#...B.R3$.b.&.CS%E.r..csdUF(...D.56'4t.e.v..7.....................!1AQ..aq.....".......2.S.B..Rr#3t..%5b..$Tu.s4dUecCD................?..|.s0E...+.;.k.F.....x..M..+..+.{......d....1....w2u.W.[5...O...xq|......9....A.. ....y.8....[.j.H......x.Q.d;......i........E[.BX.B.............;. .$.G2.f.S ...un...-.......)..].m..,..N..q...rcG.....\.%..{\..%N.:K...N....-.N^E\X......(.(.5....fF...r..WI\.(..R.ZS c,h.".:...t..ok.... ...{;...Y#vp@TR.#eth..;32......XxF......D.^......I#u.:...ft...@..T.......W......<.... .%.<...}.%..%]...RL.A.b}....7i.. .....+r.U..+......-...s{l...j.jO..%.....|..W...E:G...t...F...q0..u.R...fE........S.i..Dd)Z.nW.....A...ibMiA`.1.^..^..$... .

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\blue-cave\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x100, components 3
      Category:dropped
      Size (bytes):15808
      Entropy (8bit):7.940296240125294
      Encrypted:false
      SSDEEP:
      MD5:ED46B454A4D55A447FA6ED090524B99A
      SHA1:5892A1FE0748F790DE6EE8D9BE0BC2FF858A6A4A
      SHA-256:806757C03A7222A8E0E7C22AA9660B820130AAAB7BDEB515D87D51AEDE09B97C
      SHA-512:0718C1FDB12E22D5810EB18EE72A8EE88712D02560C8CBD5063DB90D708113DADFF62CB0725F1D31A78B2AFBB730034290D2E72FD631895723A5F02A356B6EE0
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d........................................................................................!1A..Qaq."...2...B......R#$b3rs.d.5...c4%.....................!.1.AQ...ra"34q..2#b$............?..A..._.........CO.._.G....z..........l..:.t.c.b.(..r.,.6..H.4.Z.1n..m.(.C..kL.l^.{,.E..Z....dH..x..0S..F....<.jq..........U.$..Q.H...g.1.$....|.. .$B1...;...DdK...Z.[.}.H..!..j.....[.".z..(^....F..kV.n.a...]nP..ac."......H.....H....y7zu..U..o.:.._o.!)9H.9`....)......@$..#.m.VN.j.u....9..#.$...D\+... ....'...........c..>..,FE...*...Y.HGk.&bS@"z+.c6.x.......v.`#.m....D...P..w......B...|..ZQ3..N..R4b....9O&....Hh.9..h.&..g...9W...l.Q...=.K:.....A.A..l..o..!JL.s.lQ.5.Y....i.H..(..A.1.(....s.Y......n...Gp....c.0I....H...}.......7$~;.{..!.m....Y.....1.p. .........|.S.b.G......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\blue-cave\radio\1000.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1934
      Entropy (8bit):7.677182248846221
      Encrypted:false
      SSDEEP:
      MD5:750B3CE655A3DBC7961306D52C7B22B5
      SHA1:2D5ED71C01ABB38628EB81E1AC216F324A5C6F9D
      SHA-256:E7FF02B62F83626E7115F8A98F017FA4EC2927541C87A8555F51398D39583FBD
      SHA-512:D765F9008BD58E7D87392A44804945CECF04515ED5E0B134192C1E7A6E55D3509C181AA65DE98D2C2AFABA55E808E6CD4B625042C0A96F62FF0A64DBF88EB6EB
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s..........................................................................................!1.Q.Aa2....q"RS4.3T.....BbCs.r.#56.......................1A..!Qq.....aB.."2Rr.3..C............?..,.g..K.=..z..M..B.6.'.u8.g.-....h(.'@s.<.;...tT...M.....i..."...l.E....[.........9....{.}..T.*...m..I*...mhZ..}.u....f4.R}.....je...I...6...q..x.......s~....Q....\?.KG......w..^....} .....kn..U.k.k].)`.R....s.]2..G...Y)..q....=....x.f.N..`.....-..7k...j..g..)P.)...lN'Zd.W..RP`..z.i..|G.............O.c..].W.4z..`.l..-.p],.*...s56.T...f...~.[.....=....DN.~S.]...-.z..,<.Cj.ihrTS..8......HR...Vc5M.DB.w.5.L6..H..H.L..e.....0..Et)!Y.n.45..0lM&. ..z.........9m..:JW..3..].&]U.'x9....dkPs.....Mk.#M.0SQ.....;..*..|.....6....aq.rIZ..II<S....V..v.....6.o...-.G........^.u..P......L..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\blue-cave\radio\2100.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):2013
      Entropy (8bit):7.670388895096183
      Encrypted:false
      SSDEEP:
      MD5:C420154355E85D1B2CA8CC6DE2F78FDE
      SHA1:014707B5BC98D52E92C68B77D299E22075D2A561
      SHA-256:47B996F1D726DFFCC482BCEE2117ECAAFED5DF5E05CF8673BDDFC769DB08C3C0
      SHA-512:1506CD5AD09FC2CB99E2860CB94C70EC88F1AE97DF8F75F5391827C9481C4E265DD0F1DC83CBD844678FD2F68C92DFE588338EA845E50E16EFFDE24EFD322143
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s...........................................................................................!1..AQ..a2R.4.q"3ST......bCsr#d.6.........................!1q.AQa......B.....2r.3..."R............?...\..kj.ZSJ....g....Yn.Nd..>.......T`...i..p$...zc+..H...k.......z..Lz.:.e.C..[.....%r.f..f......>.]...(.a...-...!.)W.uC......~...mr.%.m...L..g..p..}..=2.8.p.BNf.Q}A.pe.............D..?T.TL`..KM.b..u8.f.F..E?..>iu^_.hIJ..j._rM....R.e...-....KA.1.y.j.(*.G.0..kVoQVR2....?.......O..O...uzm.t.5h....r.......3....Tb...."..A.........UC..r.>.I....(...UN..r.^..*P.a.R.e0..S.+f<B......N;...WB..q...va..M& ..zN.T..E}.*.).D...f..k.q.L.jz.+^.../w.l .....-.........9.]]C.S;.[L....T1+X.2*Zzq:.s9.5l...+CNMr.......{.....T$.......IWp.]KkB.....0....1."g.f........JfU.....v..n.aK?.u?./..7.]._..e....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\blue-cave\radio\2210.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):2078
      Entropy (8bit):7.696269240445762
      Encrypted:false
      SSDEEP:
      MD5:6A6DDF6728D0BA09C6E2983A97B1031C
      SHA1:01352DED02319992C25D89DADC22E4631981B54E
      SHA-256:26AC8E8FD30E4BC4F66AAEE0CE0BDE0DB2293012AE39F96652E9B12E1542D8BE
      SHA-512:91A50AA21CEC298B555C86B8EE5FB559F0F8E4B5160038F07D9BE10BE2F5920249B9EB0E1B957CD2D7DCEF126115D5CBBADC74092A1C74C876DB8F25E0B6BD98
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s..........................................................................................!1...Q.Aa2R..q"3S4...bsT.....Br#Cd56.......................!1.AQaq........B...r.3..."2RC............?...l.....iM+Lj.Zq.f~f}e.}9.....P..;+QQ.R`M..<`...^......^3.}...]....z..Lz.:.e.C..[.....%r.f..f......?.*.F..0O...[..v...U...w..._..g...]e=..HI.*o@g...O..g..y.S...s4.....,f..-.@ .`..W2 mQ.L...\.Si....................9.%*...}.4K..Z.K)..jh...R..-...5..}..YH.T#kK8f.).....W.....?.S..Q......].N..l..).......R..yy..4.BV..{.@..6=Z5:....H};....)4...%......N@..S.J...j....o.6T.Q.j../..8.......$*...z0.l.&.....=g.H..".l.l.....eY..t....U.-.j~jye.}5...yPP../J.Tr.7.e.K.m..^....^..)....._....Z..Lz.<.]..M8..,..J.J..H...5.P.PU.a..Ur4.A.x.o...Y4'....G....v......]...{.$t.7.3..........).U.9.}E.....3...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\blue-cave\radio\2221.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):2150
      Entropy (8bit):7.711214982185858
      Encrypted:false
      SSDEEP:
      MD5:B3D6CF5322B0A6E038FBF402B7A54F14
      SHA1:7C65F0EC826CD5EC68C72A4FA79D37B0A44A2D95
      SHA-256:5AE1D4AB295FD065B861F319ECC62D2E5740423E2B7FFC662FDF45AF9131CE40
      SHA-512:E6F1724C547555E58ADBC22584EA834996F912CD504BACDA41FD77CDB3793B57C4A93CBA9610DDE516A52F61448B7C78392823E159A24187F41364807AC1067B
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s............................................................................................!...1AQ.a"2R.S4.q3....BsT..bCd.6.......................!..1AQaq..........2Br..3..".RC............?...i.k;W..V..V..<.....t.s&.).....vV......{.<`.[P.G./.9.2......,......c....-.....fU.E(y+..#..17.P.PU.p.x.r4.Q.<C..l7.M..aW.uC....`.~w.....r...yI7.3..a...s....).5.9.}E.....3.....0DOW. l.....\2Si......%l..in.........9.%*...}.4K..Z.K)..jh...R..-.....u..r...8......u.e#).5q.......}..m?3......Fe...n=...&..j....&i....;.{.@..6...9}.Q.P..d...)4...%....S.........6.6...L5.t..G.d./._.;x....RB.8....v..."i1.....;-".L...*.1C#K...+..\.Kf.\[<.....t.k$.....^....Jn&.....s.x../.9.>........,......c......9i..g.P.W/*F(]..*....]...+....Y..?.e..<.*....o.r......M....(..$..C5.....3.j...$.i......X.+.[..@<

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\blue-cave\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x29, components 3
      Category:dropped
      Size (bytes):5246
      Entropy (8bit):7.892295770541198
      Encrypted:false
      SSDEEP:
      MD5:4B7409E531AACEFFE3501A028F5F1275
      SHA1:B541A456E98D649CBF54F95A425F7F9A2A0B3144
      SHA-256:E17B4AE5EBB25BDB95E998C9DBC23A66DF478E10571D6120D4C313F5C175FE28
      SHA-512:1C8B4E61329254EE685ECB0D0AB891E30D11C09ABC72013B6F93915E3918C14F7CE1664B3F0AC79F5F2AC1181450389079B99FD287A365BEF881553DB0A51789
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......K......Adobe.d.............................................................................................................................................................................................................................................!1..AQa..q......".4T...B.$5U.2r..s..dt..%..c6FRb.#3..V.......................R...!.1QqA...3a...2CSD."............?......e6%2R$IH*R..*Q..I(..Ho.a.C....^....Z..~&..{........G.Z...{...p{$t3..".....i^...GC\8.R.Z......p{$t5.."....Ri~...GC<8.R.Z.....W.@....;T...73..{.....p.Hyk.s=.O.@....;T...73.........8.R.Z....zO.@....;T...72....0;$t5.. ....Q.....GC<8.R.Z....jG...Q...;T...72.E.......pc.H9...E.......pc.I.5w9.(..a..a.3... ..2.......>.x1.....X..]....>.x1.g.%.e.....~..C\..RFy.\.Rh4_....}..c.I.6K....'....>.x1...%.b.....n..U..v. ..s.b.C..t.a......$g.%.e..B..[...k...H9.\..N]..[,.1...+T..|.9...@..e..}Vx1Z.....2....F.......I.>[..-P>.....U.|V.#;.nse.,..%y..uZ..j....9...2...*N.G..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\deep-sea\arrow\1000.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1667
      Entropy (8bit):7.614322128225992
      Encrypted:false
      SSDEEP:
      MD5:61BC4BDC9B0D28099FFA370913991AD8
      SHA1:1CF107CB17DBFD74B5319DBD864CA2F98C3BB019
      SHA-256:935A3FFA2F73EF222EB1A12160487D1AD32E71BED97F86D62B34F83FF9A08CEA
      SHA-512:D9CF96B75A99F78C7FB5A2A110FA4FA64C320EDD10DCFA66811ECBF1F54CEE05DA2C4C1CF89208ED601BF0492E8B4A4865BBBA26B0113F551B5715F7A6E003D7
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s..........................................................................................!1.2.AQaq..Rb#3S...."rT..B.4U.....Cs$F......................!.1AQ..aq.."R........2br.3...................?..7!.?O|..Y.<~.73.=.....2n.W&.A.~q.u1.7E.mz:'...N6-...?.......[.{..cu+...3..U.y;%.....+&m..../.(I&].&.Z......6./2@@..Q._.u.,nX.q..S^s.s2.).y.x....~.+...2......_...+.s.W.2.y..r..r................r...35........].%|6...u..).....a.R!...v[.p"...}kW....+.we.........}..b...J...4..YCw.1....Pk.e0X...=..#.t.m.7.n..[....bU........D=...\:I......:..=vs|..0.p.GS.8Z...{.c.7.},T]........m..6..6.P..M...Z.Mp....GHS...H.OH[.T[1u=..95#6....lAMM$.n.d.....I..ru....j..k..w.u..{...3..X..'..m.n.]..Q.....|.wcg-&...u^.....%...6....5..)Cj..m.^6.....o....8+..3r.*~I~..*M.o.....e......}.........$.......n.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\deep-sea\arrow\2100.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1772
      Entropy (8bit):7.64716370685827
      Encrypted:false
      SSDEEP:
      MD5:532668D78E637660C46CF357582C3A72
      SHA1:F1C9A4FD58C62D063622ABAF3508CAC9287C673A
      SHA-256:DA4E5F40D487A362CD38B9CE3567F63F5DB2615B34B7AE9BAB7FB58B88636885
      SHA-512:094B202ECC1687DC37E8C94FBC35911FDD066D324B20A345206F88557B2873D23EAC5D2ED43CB542507EE5C0E2F64624EC2C85C97ED97CCE11B1F0A55AD9FC86
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s..........................................................................................!1...Q2.Aaq"Rb#3S....Br.4T....Cs.5U.6..c.........................!1Q..Aa...Rq..."..2r.....b...#3..............?..H..<..+..\L..ane..b..4.^.V....V....?....l..b..H{...iR...X7P.\. ....mI.P.l....2.wN0.i....G...sg.[.G.............>a.h.b..3.....u.r.>.|u.3....JJ.u.F..`..,...4...R...r.>.x,.RkP..|...[M..Z2D..,......_..$r'..|$.KP....1.3|..o30.,.,L.......$A....y|..;..(f3...*Y..m..B..K..Z...Z>.z.l.o.J.7.......^.bw..zVfQ[F....ap.[...$.A.....$.....Zu...7 ..0[.).#..64r.N..[pY.k.C_U.......{..'....8.v.U.(.....kU...,%.j(5...\"j.v....6.......-.]N...MH....)......Uz|.i3..S....Unk\.C..i........McOT......Z]....}.........mL.....O.s&c...y.16f..&|.!!(L....E..*..Ev..M.D../..;..rrZ..:k.z....{

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\deep-sea\arrow\2210.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):2046
      Entropy (8bit):7.724783457823099
      Encrypted:false
      SSDEEP:
      MD5:20A403D7A8FD2E61C289CFEF40B1F429
      SHA1:A9CF94DF42C870F335F0C426AE085EE28182E32F
      SHA-256:AC1D261EF83F256AB71E049FC492F4CFC948C30D5378F4EDA452F2645D2425C3
      SHA-512:F8262437E50147BF88D054D9536560CF3BF864FABFFC0E3DC3519B9563AE8BBC02E84AD629B83DE1184D02D0B04D04A53B41202478F664389545E0C670A9FEB8
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s...........................................................................................!1...Q2..Aaq"b3.4.BRST......r#sU.6.....CcD5FV..........................!1AQ..a...q.."R......b.Br.................?..H..<..+..\L..ane..b..i.\......V....x~%...)..NA!.[0M.Jc.e`.C..pp..@7..$)B..Cd.'v?EcO.t..e...k........V.Q.3...~..n..........;..6..O.]a.i...:.3..;......r4.k...e.NI..uhB...+S.W..u&...7.../...N..$K.K....!J..._.D.......j..r..3.o.tm.f..e..T_Q.uu..4...O.t.z.7..F...eK?...............8...w...cw..S....3&1.....f....V.K..f.\ V.!I0.}.@..2Z.d.c..~h.N.6.......y%1.yA..=4. knK%.sHk...O..^k.v...jy.W....8.) q....v...q(XJ&.Pj-M..D.z.)\..Tq.X[....:......C...6 ...~...Uz}.4y.k...L~.75.l!../....c..5.=Rz.Km.z..3.#!.m.....;.4.Ql*.8.&.NK...m".~rj>P.....n..b7.y...8.i..W.......s...w].{fbd).W..D.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\deep-sea\arrow\2221.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):2238
      Entropy (8bit):7.765541007892357
      Encrypted:false
      SSDEEP:
      MD5:6D124E15FA643F63CE5504AE6627843D
      SHA1:BA7BDA3126CC0339955866D394153E0BACABB107
      SHA-256:0FA9D6B9B01A25B974D05DF7B89CEED38725100EC312EEB081D4D8483D8009ED
      SHA-512:A3E2EB13533DD6DD854E05C92188DA619B30DB342C49ADB4E4BD5F16FC2D6CAF5B0CC6E598A8A831BF7DF157826CF2BB7D8A7A3786BE4A153FA1F03A727423D7
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s...........................................................................................1....!2..Qab3.4TA."BR#S.U.q.r..Ccs56V.....DE.......................!..1AQ.a....q.."R..Bb....r..................?...T.x. ^.:..IjV.A*^.Jw...p{7.k...........6\-...I..={b.."b.d.l....8...".Z...%j.Ch.'.?.X..wV0.c...g.a....=...-.F.T.\./.7,8..E..7..o.R.%.w}.&n<...%r.4p4.5pOH....`..0.!...}.+Hj...$L...x.M..-.".QO.@.].H....#.7}...N.d..r.......y...fYbd4+..OB.A.....O....;....m6.T..>....B_.&....p}..T....X.l..yw.7.$.0....L..2..`..6f.8AM.AP.a...@...Z.h.c....N.6....8..xTb..2<.pycK..m.d..i.|..........j...S...V...r.ioM.......\.n...M...V..L".-Y.9IJ..:G;{B..E..[.U....q\.i.jhW..*..O....c....l..5...6..nX.e.">......4<..=ZM......K..}n..M....d.:#..'%.....CG....% m._3r.[1..._...l.qO|..|..8._/r........R..0...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\deep-sea\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x526, components 3
      Category:dropped
      Size (bytes):59600
      Entropy (8bit):7.976925822260913
      Encrypted:false
      SSDEEP:
      MD5:4F3AA5F66365AA5983BB73A529C6B6C2
      SHA1:4EE7E3F7A6D85E9F04D408050B51200ED3A67C17
      SHA-256:523B11E201B9FE2FF6EAA559B10E209B4E6798D50785722D3E885D79EF5ACFA8
      SHA-512:DCF7503C2FE45CE82D836EF4DCD293A4EEF2D06445BDD360733968084B268704E7D7DEEDA3D60BF7AB85616ADC9C037984F6C4C527736006B8110731A2DD8990
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d...........................................................................................................................................................................................................................................!.1..AQ".aq.......2BR#...r.b...3CS...c$T.....4Ds.dt.5EU6.F&V....%......................!.1AQa..q......R..."2B.b.3C.r....#..............?...>/..Qp........i....9F...j...CG....KO.j.C.....zxB.h.....zxG.............&1;...s.....I.w..^}]...JL..<.y.v.Ir....\gDpj........j..}...t.....px....:k'......KXit..q.'LpfuK..I0a+Q......k........N..u.wh.....\.wf.......\..^..#..\....BT.r_.z?...T.r_.?...G.f..A:`.......'L/\...'.^.:..t...4..\.../..:c..)=....L5.${.M.......I..7..N..u.Owi.C.U...)=.c..J.1.z..CO.x.:c..%..=..N..uH......../.....t...K.l..2.1..:+>.Lp:.|..w.S.8.R_%g....T......t...K..{.2.Lp:.....).....'o..zc..%.x.t...G.[.|e:c..%....N..uI...w...:.|..u:#..#.m.N..u..[{..8.r>V.......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\deep-sea\banner-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):6348
      Entropy (8bit):7.759134498841521
      Encrypted:false
      SSDEEP:
      MD5:64EC145F660DA9955E0958D3DB7CE7D3
      SHA1:4804CB6FC0F5714D984E4EF41C37DBF84956D7D0
      SHA-256:90966FCCEA680CD781293F2867FB65B8595A573E94F2C35C6F9D40FCCE39FB18
      SHA-512:0EAECD18A17F73F1D79D83D20AD6C23DBEC14919A3FE8D0A14B4A56544D322DF1ADF5B6B822EB3F1D5F52574FA23EF6A0C2DDAD07E12E394CB71AC18027546A3
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................@................................................................................................!..."1..A.Qq.a.2#...3$.....BRr%....................!.1....AQ.a.q.."2B......Rb.#.3................?....@....@....@....@....@....@....@....@....@....@....@....@....@....@......c..R...v..@z..?..m..w]...|..[........-.1u5R.h.......p...._..>.[o....}h.`=....h.r....+..K0..d......U w[..e..~..w6.....X.[jV..Z)....+UU$.G...cGi>..!5.W[.D.....a.?.....k...7.y]r.e>7dU.b.+.y.K.q..{.r..r.2..~...2.e...e........l.vi....|>3w..N.C........[b.|.^..n$}....kk.`.......Um.{..!..i}...Z.V=MK..k...o.....7..OR.t...4...'=T/........6wj.7.{.].q........`...p.pI...&,.e.X.zz..N..........9...%k..i........Cg|.......%.Dt.I..k.1<~............\..nsO$.<..OE9..... .... .... .... .... .... .... .... .... .... .... .... ..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\deep-sea\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):74456
      Entropy (8bit):7.977142787808979
      Encrypted:false
      SSDEEP:
      MD5:9E28939E93ECFDE30BD84247384B2181
      SHA1:2D37F4714B80AF99DD8B000E402028654C1AC3EE
      SHA-256:262641A1BAEA1F18D80883C71405BEFF90217694843C571A1279ABD0A0DB62A7
      SHA-512:37FDF20EF21E0B5FA1210D26A1274E645E24A3D265E09E15F2ECA9D2C681677B8501677B0F312B3B434BD37C278D68736A2CCE31C5C3213759F173039B6D47F1
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................^..............................................................................................!..1A.Qa"..q2#......B...R3$...bCr.4%.&..Sc.(.D5.'...t8s..T...E.6Fv.Hh.....................!.1A..Q".aq2.......B#.Rb..3C..r...S..cs$4dt%5D.eu&6..T.EU..............?..8>u..`a.[{H...UV5$.2jT.3.*FZ)Zg...m..&.......1....7.0.......$Ti.ppc/..8.z.t.A.<..0...=DU.......3..,24:.h.O5:..:....5.sp~sz"$d|1......._.s...(O._..%...T...#....Q.F...(.T..,K.N.{Cn<.....'.bN.....7[.q.vS.s....$....#G}`.s.'..Em-z1.......]N..+=.I#!iO...1A..lF..)....i..L.....yo...m...^O....-X.t.<...m~zU.;f0\......=...`.*.*=.Y0WB..q....d..W.....4.3...a.W.X.r4.r)]T...gN...OvA.....1..Cl.v]*.......Yt.U..q]L.T..(Q.....L.i.I..K@.da,K.Z[. ..j...1.C...0.q.2.'...!Zm.2.K.....B...;f.......U.\..)....F.e,|-...oQ..cM2=.s.Hr\..^....7t.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\deep-sea\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x100, components 3
      Category:dropped
      Size (bytes):21704
      Entropy (8bit):7.963305014002268
      Encrypted:false
      SSDEEP:
      MD5:AE0B85EDB30F2E83806A2C0079F23599
      SHA1:57D064BD582BB6EE110E4EB2B7BBBD58BE462116
      SHA-256:1A65D99F1859294A177A467FFD8FA22432EAC18037031CDCEFC2F45C958B9882
      SHA-512:075D5C643512B5A3B7A09ACE741CAC7474AD01CF6FDA1BE3B0506806E8F15DA190ED0D91E19E3B0F1AA0D16C2D3AED11441CF06DF15C904D1BC7EF7B3417503E
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d........................................................................................!.1..A".Qa2..q.BR#..b.....r3S...C4.$..D%Td5&6.......................!1.AQaq......."2BRb...r....#.3.C.c.............?....}K.%P....2 .Fq...u#A....^....V.K..F...q.R...L."..D...JJ.0.mU.3..uC2./..8..F..I..o.M..M.UT.C..Dywm.aY.dB7.T).gC.H...+R.5.,b.|.m..@..Xm'P..d..#.7..h......|.Ff.r2..3..A.V*=.O`t..J3.Aqy.......h..Xw..d..M...Relv...9.x.k"beUL..N8.....$ZA........].r#.s3...r... ....;.H..cLq-..\'..m....;......%.E...."e.x...?8.9..qa..........O.[..SK.3...6.......e..&....nK-.6...(..4..i.6.}`2d|.v1.+..ZH.......$...*..{@..dtA....p.mUU....D...!..y..F...a.....sz......k5...R^.J=.....1.6<^<c{.h1q..W={R....j.....{QC...r$...cJ....g&.....Q.A...u..c...to{...<..S1!...A:zEc..q.9X..6...H.=5.$.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\deep-sea\radio\1000.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):2079
      Entropy (8bit):7.698287721811026
      Encrypted:false
      SSDEEP:
      MD5:A578E99E5B86423B0146277B96391B85
      SHA1:08A3158983DCD612A6507FDFC7C5695F979F3BB4
      SHA-256:7519CA0C2A3A3666D80884D225CE1F7444080CDAA8C4956D8E5AF3B677F362E3
      SHA-512:0ABE3ED915777C5151781A665D8E52B033874D17CC98A219555D300820EFCF263134998C292FDD08A50DB219E90F66E46C77F51AC5DDAD113419553E63950D70
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s...........................................................................................!1..2.AQaR3.4T..."br#S.q.B.CU....s5F.....................1..!Q..Aa..q..R......"2..br..3................?...A.y{.4....Y.......2n.W&.A.~q..1.9Fc.....1.u.............7cz..?.g..&...h-V..Tf.9Q...$....-.@].}..k.....Q._.k.X.b...n...9R........q...!.y...n'......-.g6.IN.. .M6A.k..e.HQ.....>..^.N.54.U.!s.[.OR..^.s..:.`..T...B..h.A...p#b..z..................M..NY.w....cM.MH,....r.......rZ...^.._..4...7....B.s..3....-M.f.!.%....'......]..]Y..H0.....8......;.n.69......f...q\..#....n....,%.j(7...|"n....W3..8....(...J....C..6 ...~....u.....c..v8..z...6..n.E.....U..mc..OI.q.f.n..g.%K...=..^.t>..I.FzU...6..\...d..)-.LB.".\bn.q6.5:.......*Zq.8_kn].A.h3.5..L.4...1.(.\.....x.~..ik^.....S~...q.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\deep-sea\radio\2100.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):2142
      Entropy (8bit):7.7185607920462385
      Encrypted:false
      SSDEEP:
      MD5:25D7E5DDFDAD1877DF31C3C03AB80B22
      SHA1:8E090F5E066F1FFF061C469BE26E945F3D8F8702
      SHA-256:1E35DDB279C838C795EC581E2A03D8CA83C079D78B36638517A757C0AABB4EF4
      SHA-512:8B8D4BF2397EB9A44A0135C1BA70A2DB24FDFA2BF782C1BD4748DB22864669EAAC0183A86F45DDBDA06F6BF545735790FD8F1AE7245FDF5C926689D35F0A2740
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s...........................................................................................!..12.QaR3.T..Aq"b#S4..rC..s..B...5U6.....................1.!AQ......R.aq......"r.2....b.C............?.....W..u$Qi..ju...*2.G.....I..s .^.%*%X%8.n...e.../...t.fn..>.M.5-..4.U...G..kPi...#.C...\.o*..(*.C1..\\C.B.....B.0._..v..J?..w..}..;>w.y.?yOt|...{Z..|2...B...=V..D.A{P.,..^Xm....\7...../M..+.E..._%...s..!.......i.sI..3.3:uo....9..).Im."....y@..l..P.5..3#..}....L."...g.(...I..........h....^G....K..QR.0%..q..P^..z.V.o.6....Z.w.J...?-jr...:y...^..S...B...KXN;P}v...&.&.F)........,.~.g....3}X....O....p...l.#....$6.P..KQA..-8.y.6]...\....W.Qm..<.....Z..vYb.5)'.9I.c....f1..c...(nk\.C..^4..R>1W...c..OY.v....[.l.|...y..]-L.-.|...B...a.5w+aJ.iH....I7).....N..*.w$..1.U../[../F.kf[

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\deep-sea\radio\2210.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):2193
      Entropy (8bit):7.7015283792683285
      Encrypted:false
      SSDEEP:
      MD5:ECA7FD65D320A17B1297D59770EFD5F7
      SHA1:81F7222FE2181B9D47CA21B8690F88F26E568E42
      SHA-256:BBB375EEE59231E523CCDC572FA32DD51685730B7153C102FF044D3A8D344FF4
      SHA-512:9441123F7EE338CB9F1A9166ADDD92B6BC8970B0850954D2840561CFC2F41AB72E59B67739F9946807D54FC18DA71D9B4642B6995FC2238212C668D3AF14292A
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s...........................................................................................!1...2.T..AQa"Rb34q.r#S.....s5U..B.CDF.....................1.!AQ..a.....q..R...".....2r..B............?...../s..D..%....".&..C....1A........).MQKP.=[M\..i.4_...t.fn..?.&..fY5.g....F...,....Z(!."...)....B.`5%^.c,9.....o.?...."..m..zQ.9..........z)?YO.|<.>....|....fE.I....-.db.a3W...pM..X.)...-k.Dj.i_L.).S3..{.[.w?L2......+...7.e7.e.._>...4d..n..NS_..D.(V......3Mm"...>.....d....3..]..SrX...h..........c8..c...&""...v..&b.bA.&H.E.@..L.:.[.b.=..mW....s..I..T.).P. r).c..]..M7G#I.......r......7.a^.%.V..l4;?....f..K8..8..~?.T..!..va .);-p..z....g.Xq.'.Qm..;...t....5Wa.$....q...._=&c.lv8..sZ.............P....|[l......... .=.;.........5~i$.f..h.......qhu.%E..X. %.o.Lc...(...f.@$0...7F9..d

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\deep-sea\radio\2221.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):2266
      Entropy (8bit):7.743106507601585
      Encrypted:false
      SSDEEP:
      MD5:C8B2A4FF9E361C155AA92430B9F2C9EE
      SHA1:DC0018A90C63FA659771DBAE42A0594BB5C2E688
      SHA-256:10AEFB95E1D0ADBBB327829665BC30AA6F6AC53E14972085E910B2852FC4E005
      SHA-512:25860387B056356EEAAAF9C16EA0FB889C3DC2BAD7051FB8909B69B4A56BE9CD1A5C9DE96FEF071DCC8960B2BA84AED37E63330BEED674FD1EFA679D4D46806E
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s...........................................................................................1.!.2.QaR.TA"b3S.4..q..rs.#C5U.....BD6.....................1.!Q....A...aq...."BR....r....2............?..>Xr.N..".l..s.<.q.r=.(,,.$H..AX.....lJv..[M\..i.4o.5.h....?J&.&nZ6.i.....+.kPi.......j.].ouT.PV.^.c,1b.;v(.....L...!..}.G......_.z..../.S../%.zZ.1..u..B.%Zz....h...TY.$...+.w.\4....;*.7.V.......[.w?L2......+.y.9.i9.ft.gN....!C....Ko..S*RF..@.v.~..ki.fG.....h.ZfA...C?.Q|b>../..N..,U.#.G.d~..a.W.%$;...-...U...eT..^..52..n....=..qW..........dR...8.A.-.w.Z.v....9.M8.i.......v7Y...}.5.w-........G.n.P.........q(XJ%...-KN.T....zC......x.xJ-.]..^..Pe.....SR..v..$l.....f1.._~..i.5.l!..o.].+..].......=.yu.....G!..J.....kS..U.z.....z#h.Pj)....xU,..SU....;.*R....(Qvm..C.Z......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\deep-sea\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x29, components 3
      Category:dropped
      Size (bytes):3273
      Entropy (8bit):7.784067107329461
      Encrypted:false
      SSDEEP:
      MD5:917156AED365C9848705D39134BBE80A
      SHA1:5E5FE8E3CF56642AD6D70DE063A65544C97A9373
      SHA-256:634E7D8FC9722DD86A5253B33F682838E4CCDCA26AD1983EEEB56238070729E9
      SHA-512:30ABF452BA8131C419318A44A2E620BFB408CEDABB0B81354D5CE15D6479A665B3A209197D7D7FDA2D9B419A8252C9B511AA33FA8BCE6813DED002DE0A182DA2
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......K......Adobe.d..............................................................................................................................................................................................................................................a#.Q....R...!AS1q"...2B3C%E.......................!Q1A...aq...BC.#.............?....*#"...?x...p........|.....'.)8P....pa.I....6.'.(..='.)8P.I..-...-3mB...-B..0.........F.Z.......Y.E.`.FaE.L'@S;..:...K$.(.....v]24.F1i9J.t.:gi=29CX..OJ....&.V.CX..OJ.(k.&.zF.CX..OF.(..F.6.CX.v.........._.5....L...'.g...c..WD.&..`.OB.'...K....O.5....,rm0.:6..1......+....a.tm+....=.Q..'...m=.Ttm+...m=.Q...-...GF.t.&.....{l.&.....J..Ox......OxTtm'..|{OxT.J.......{d....Bm'.J|{OxR.$.r......I.r...o.6...=.....{T..[..IR..=..*:M..|[Ox......|E.....EI...Y......%...&.{D..Z.xQ...H|%...I...!...F.{E?.-..y]....y=....7......v..7.N.O/.KhQ...T..%.Z7...%....X:t..B.o-..(.5...{........JX..'P...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\default\arrow\1000.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):674
      Entropy (8bit):6.403565025710873
      Encrypted:false
      SSDEEP:
      MD5:7A8CDAEEBFA027E7E6D9A8491B953B12
      SHA1:5AC6168CE0CD9F1B4D452328CC17C30A343393E9
      SHA-256:EA5E447F2CD78E6DB01A63D02B5B2300CF4A952A93778B1E7733298F48C916FD
      SHA-512:5A6FB64A26C55479E338936819FA4E5C745908F6404D0A02D879C1039676C38FABDA1A8A768425F259530DA341EB0463CE96CC6FECE594B69C3448761B7D8082
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......:......Adobe.d................................................................ ................ ......s...............|....................................................................!A..1Qa.Rr.#S.4..B......................!.Aq..Qa.B................?..m..p.&.).v..d.MY,.v.[.~.bk..j.c..K^fq.b..N'r.&/.r2".g.'....].]..^eo]JE".F...-MgZ....3..'...}...KGtx..h...m.3?mYl}.v......s.W.r#..^.Kc5..L.l^k<g0...[....<....I35cR'#.U..l.6......V...i......7....}N.I...>.~..>.f/=..U...N..=7...M).J...bp.}..1h.....r..Ns c..QZ....W/....be=...9.bQ....................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\default\arrow\2100.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):845
      Entropy (8bit):6.793995119691982
      Encrypted:false
      SSDEEP:
      MD5:2AA7EDEC2AA4C3E63DDE3C5D2313F428
      SHA1:2B4B1E6430A950C262F996B4A5651AC3E4CF9E90
      SHA-256:33BF60D8A28388A0C76FD749E89014220938212F3E0A0DCF902B0728D51226B8
      SHA-512:A939BEDCE3826D5B90403D377B35B55B75E2F472AB14B2CCFFA0BCB74280AB23DF858C5DE421795A165950133C917287491F47EE9F46A608C9F3B2BDFF555FE1
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......:......Adobe.d................................................................ ................ ......s........................................................................................!1.AQa..S.4..q."2BRr#3T.5.....................!.Aq..Qa.B................?....K..e..Z...H.a..58..)..Q.jW.....n..'>I....^.....f...|.D...j...m...-.C.(..y...h.Z..2.5..1..h.id.^........\...*.4.\[...K....Y{...,7..F......w...P.j4.'..X...........*.lRe.....U:.M.:j..)l.7U...|.R.Q,...E..R.Q../.j...e..1.(.:L....4..QQ[....Z.y.....O....:~..B...^>}....f._...=..WM..em)J..%k.xb-.T.#..u|\..H.9....>.l:..y..$.p.XEP..4.l...1.n.F...\.?.i.b{.#=.g..c._>.~..>.2.^.R".G~.SK-H3..!.%[..N.M...,..j..JR.B....dTj?P..^..'..........................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\default\arrow\2210.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1000
      Entropy (8bit):7.191239992800983
      Encrypted:false
      SSDEEP:
      MD5:4B7E172809A6C1FDD8E23163512EB94D
      SHA1:EA6D62C8785E91E2EEED2B6B679AADB1B349C7AD
      SHA-256:4F0E6648F7D3FC6D3940CF3C4FDA210683D09204A3DE4623D3CDA1A54A5625EE
      SHA-512:EFE5EC84E3B743787926B1C2B6EB79F0038DD1D98BB7D18F0FE5012D5587E0C2D0592302B9152594F8632F85CA4AED7443A987D349EC6CB3A3C58190DA7597FB
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......:......Adobe.d................................................................ ................ ......s........................................................................................1!a.AQ.3S4.q."2BRr#.T5........................!A.q...Qa.B...............?...b%.......hm....qUV8..2+....)..k.n..&.I.........v..{....t.i.K..7K...(...F...u..d"..|Z...~.r.\.K'.5..x.....E....s.....pE...C$....Jr.z..4`./=N.N.2.k0q.Q!^t$.. ......@.,7...%...6.I.UX./D....^..I.q.:...&..T?..~..].k...t$A.q../.8../R.V<.......I.i...q.jb.9.I..r.,.l.3..V.....F.S....n......S-..OTwu)...rH.l..;..;......D.y.j@.....@...Mj.c..k.GNW+..U.;h...i.\...w$R.Q,...E..S'%.K_..\E.ce..$I..y.|.*+aa......?.n~.w.......B...^>|..Z.,...M7h~..WT.h.DS4M...=.b.5Mp<..wW..h...Wp.:O.....<.@Q.C..l.JR.l.l..2c..V.{......m.....^^.....W#..}}<.e..r.Li..E..4..^yl..%[..N.M..u.R}..{j..0..>..UQy&JK.F..{.l.....sU..D.... ......@... ....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\default\arrow\2221.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1158
      Entropy (8bit):7.362756129214628
      Encrypted:false
      SSDEEP:
      MD5:2D7F992168E403FF70B62715B475BB1B
      SHA1:CA94DE8CBCF691288381CD6C6E6E18931DF15954
      SHA-256:77F0EE6897AEA69D18A6DEB30978940938CF0F10E29CC24E5EAA3F271E29DAFE
      SHA-512:9522C84AF95A40ECAB9D8799F2D643D9F8317F2B0934B36F6BC50BDBBBB84133557BC7415AD46052DEFB659511507D3E75F8AF75AADB4A89E053BC7B4A75E0A0
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......:......Adobe.d................................................................ ................ ......s.....................................................................................1....!a..AQ"B3S4...q.2RrT5.#.....................!..A.q....Qa.B..............?.[6.%.......hm....MUX........R.~.......n..C./'.i...{=....0q../tq.\^.4.yE.9h.@..R.Nb.D'.'(....V..Yd..s;^%j.o.#n.I.\./P......Nh.....%).....b..YjuJ.:.Ed..Q3.LQ.....A..............[...@.A ...@..%.=.1.....-..)I.D...j..^O.....{c.. `.Ib^..t..JiX.:r.......(.O4NQ.....W(....v.J.>..F...t..^....)T...9..IvJS...).......zu....f......A...0..0..0.,7...!...&.A5Ub.;.J0{.cuJ..<Z..R.>..........w....c$@......qz....t.Y...H59.Q..h../.H9Z.Qe.[5..x..}....I'..s .C.:(R..9.s.>..,7.R5..Ee..*.......D.%1G.......`..`...Mj.c..k.GNk...QR..CJR..uM.....m+U..v.")Tb.9..-~CqP..:*o.1..(...<._..EEl,3+{..^k.p.3s....?..l!../......_....*.@x"t.c<...N..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\default\banner-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):2113
      Entropy (8bit):6.655986953195977
      Encrypted:false
      SSDEEP:
      MD5:47AA360ECE55064D7F19221DB764BEFE
      SHA1:5C620EF9E6DAB672412B1B1A2DA074C2EC91223E
      SHA-256:4FEDBA398AB1B6F8502D9FA8AD4937E136449FADB6137D1CF271E4C8A167CB5D
      SHA-512:25DDFAEC8E1E0278492D55D7894BF263F612162734F41E811EFD5DEB7B1EE14930BE00358A53450D5C0A3DD714E45354B3FEC14FC1DBD64BC4B7DF67A03CADB9
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................@..............................................................................................!1AQ..a."..q....#.Bc.2S.....................!.A1Q..aq..............?...H.....................................................E..m...U......f9.Q..#[.c..&."H.GS./..VmW.H5...u.$......{.0..(..vg...b...#..G+c.&#.4.....r.j*.1..{.qe.......6.zX+.e..J..M..v}M.-.]<...........V1.M....Bh.QJ..G.#k..:....................................................*.".$....?P.......?r....v.f..P..#Z...jK..E...s.*=.(Y.V.Yd........r/c......{...u./.KY)..O..z..o...L...k.:Em.W..nD.DW.AW7...-.C.=4.S.S...b!...t.:"%<.|<|......-.G$....................................................Pdn...G..U..0O.Z...o?..d.iM..,..-_.H<..t._/..WI.wmNe..(vi.}..$.]:Y..1.ig.W.......\J.LPB.=.....f?.{.D.w;6...MI."XI#l...Z..l..X.[_L.=N......9...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\default\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):27861
      Entropy (8bit):7.929666628537515
      Encrypted:false
      SSDEEP:
      MD5:FB704BBBA435BB4A8BEDB32B16F3214C
      SHA1:200966E1F1FCFBF61B3F1669B4FD79F390245A6B
      SHA-256:021D8E2EC6D43AC3C8B4CC2C3F56BF953727FC62B0B6FBCF326890389FE4CAD8
      SHA-512:B39D3B9629C042E24953C4D7351B882C61ED0770DB4627F2213AA471A9BDF144663FF14FBB57F0893FEC70BC652DD0625E618C8A84C8A035237132D940921D19
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................^..........................................................................................!.1..AQa..q".......2...Bb#....R..r..3v...C$&9..c'..ST%f.s4dFVGW.....................!..1AQaq......R..4.2b.#.."r..3..$..BCc............?....c...................$X.u.?r.8...?.\.. ......Rv;'.D..\~R...9..V.._...U......G.r......X............................................Az....................I.4.........JW....2..*..g..o.K.....+.-..o...?=.Y.?,=....^../j+.}B...............................................\@@@@@@@@@@@@@@@@@A+U..{?..=./..}A~"7@=H"......vL..........s..y....?g.?..~./o.................................................:...yq.........................!m.g.....t..n...\...H.n..#.X0A....=.....d....K.._._._..+.....g........../j..}b...............................................\@@@@@@@@@@@@@@@@A

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\default\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x100, components 3
      Category:dropped
      Size (bytes):24265
      Entropy (8bit):7.697806808050582
      Encrypted:false
      SSDEEP:
      MD5:A2555864446C6036282EB225E110196F
      SHA1:0946B8A5C42447F0C329D02AE92A55B1E6A23BF4
      SHA-256:06EB0FAFC640AF6C30EF1B2EBEEE813C42C9865B29EFD2071308EDD1543B87A8
      SHA-512:E95C735CAFDBF9553D175CDF799E49C8812756CD71E562287770CCEBF2BC5911F2E4704BD23E21921EE60D4B18565FE7C7A14AE298D12B564E3BFCCDFB20BF05
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d...............o..............................................................!..Aq..1BQ".#a..23.T.S%b.$5................................?..x+j...3}8|.?k.4....l2V.9......D........M.($..8.....q....92....].(..,...[.7..3..gMk....+.?.gE....}...W4...!lL.N.<...4..7An3....O$A..........B.Hi3..b.7......!0..5...B.k..3}..?{Vt........t_.N:...]..s@ ............h.Jl+st..9......D........M.($..8.....q....92....].(..,...[.7..3..gMk....+.?.gE....}...W4...!lL.N.<...4..7An3....O$A..........B.Hi3..b.7......!0..5...B.k..3}..?{Vt........t_.N:...]..s@ ............h.Jl+st..9......D........M.($..8.....q....92....].(..,...[.7..3..gMk....+.?.gE....}...W4...!lL.N.<...4..7An3....O$A..........B.Hi3..b.7......!0..5...B.k..3}..?{Vt........t_.N:...]..s@ ............h.Jl+st..9......D.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\default\radio\2100.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2009:12:15 14:15:00], baseline, precision 8, 18x114, components 3
      Category:dropped
      Size (bytes):17689
      Entropy (8bit):6.7697008800292595
      Encrypted:false
      SSDEEP:
      MD5:EDF01ACDB11A0071AC6AC088FE9BB757
      SHA1:C4F9194F3BF351277E89680D02ED8ECB01090F22
      SHA-256:A0B679AE71E0F215B47275AB9E3B7012F3BE2A89697761327F436D06D100AAD0
      SHA-512:AC255D5DD8DFD577D7ED9C93F7936428A446D5E43BA6D5B38FB2FEACCE56DF17BF7CFEC916387D0746A0675C6AFF1F18449060C7C1A6F587DD64BB591C5E4639
      Malicious:false
      Reputation:low
      Preview:......JFIF.....H.H.....9Exif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop CS4 Windows.2009:12:15 14:15:00........................................r...........................................&.(.........................................H.......H..........JFIF.....H.H......Adobe_CM......Adobe.d.................................................................................................................................................r...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?...=.....r.*.....K.*a....{..gB...u4.{..&.z{]....g...Bx.........*e9...==.N...h}..d`.......".:.ZIi.....nsU.C..)J_.....g

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\default\radio\2210.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2009:12:15 14:14:37], baseline, precision 8, 18x114, components 3
      Category:dropped
      Size (bytes):17991
      Entropy (8bit):6.800960018285449
      Encrypted:false
      SSDEEP:
      MD5:312446694D487E701EF9E9AEA5EC9923
      SHA1:BA6B80126B86F05019DA386CAD2B7F5809008D66
      SHA-256:1B2AA68A43AA1DDC00428DD4DBBFFF9E2E1407B24037301B6A3CCE7976E8AE1E
      SHA-512:B3D25A94FA3E64C3688AF4753A5CD31E65B77BAEFC063FE275882C2B948FF0C7FF052E1A6C2DEA8024BA5A315610829CE96F9EFE7862D0A217D920DCD87A5696
      Malicious:false
      Reputation:low
      Preview:......JFIF.....H.H.....eExif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop CS4 Windows.2009:12:15 14:14:37........................................r...........................................&.(................................./.......H.......H..........JFIF.....H.H......Adobe_CM......Adobe.d.................................................................................................................................................r...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?...=.....r.*.....K.*a....{..gB...u4.{..&.z{]....g...Bx.........*e9...==.N...h}..d`.......".:.ZIi.....nsU.C..)J_.....g

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\default\radio\2221.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2009:12:15 14:13:52], baseline, precision 8, 18x114, components 3
      Category:dropped
      Size (bytes):18576
      Entropy (8bit):6.799226856406121
      Encrypted:false
      SSDEEP:
      MD5:94179C98977C0A563BBADDA0B7A1604D
      SHA1:17DD03928260883970C0BB1395FF52CCD1698AD9
      SHA-256:4D379F0E801ACED6D12ECE91619B219A52D0DD13BCB57E6C6F46ED689124FC83
      SHA-512:B7C42C966DB0C9A079716FF4018A01746DFDC5E8E20A335682F61136374A2B7DE0AB88F1585B5C1D900710288A1B501843F955712C018E6858FEEE5E24E90558
      Malicious:false
      Reputation:low
      Preview:......JFIF.....H.H......Exif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop CS4 Windows.2009:12:15 14:13:52........................................r...........................................&.(.................................W.......H.......H..........JFIF.....H.H......Adobe_CM......Adobe.d.................................................................................................................................................r...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?...=.....r.*.....K.*a....{..gB...u4.{..&.z{]....g...Bx.........*e9...==.N...h}..d`.......".:.ZIi.....nsU.C..)J_.....g

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\default\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x29, components 3
      Category:dropped
      Size (bytes):2405
      Entropy (8bit):6.802749489630171
      Encrypted:false
      SSDEEP:
      MD5:0220372E45986C99D4958D45C4B9B99E
      SHA1:7C86CBB075FE4A1D97649E59F656813FCB085888
      SHA-256:8E6077060F94FB9878415B3A8EE7D32C08933C3A2450B02E099FC43B74C055E6
      SHA-512:362D2581343E9A7F4811B43AB4E22F47F776845AA942E19DEC5CCFCE0004678A125B309B1BF17AB22EF8932B6190E43173240C03E423D60DD4DED1C7ED910429
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......K......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c138 79.159824, 2016/09/14-01:09:01 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="05007750B9B6567429F1929893FD2EBB" xmpMM:DocumentID="xmp.did:03A4B478B26A11E7A5AEA522A8844069" xmpMM:InstanceID="xmp.iid:03A4B477B26A11E7A5AEA522A8844069" xmp:CreatorTool="Adobe Photoshop CC 2017 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:2f3bf83a-4795-ee43-8c1d-86746b3ee8cc" stRef:documentID="adobe:docid:photoshop:a9f5cd99-b269-11e7-99a8-d75280bfd2e4"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d.............................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\metal\arrow\1000.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):818
      Entropy (8bit):6.891913796943972
      Encrypted:false
      SSDEEP:
      MD5:9764C4D94006555ADF9954DBD3EF5A56
      SHA1:25C41BCB413170BCCD838EA87C56B67E00686704
      SHA-256:0D46EA835B805E76175A2B45EC7EA61E92212CAE88A86AF8D668412BE20B07E4
      SHA-512:5E682D654EB2B34722C4FFB8FDAC73FF1ACFA0705AF6FBC891C3DC725677838DC6150E5BCB8A0B2D4B38C5C35451820DA7E0EA7FD0108EC0F1F86E1F3B46E50A
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......:......Adobe.d................................................................ ................ ......s......................................................................................!AQ.1a....q.."BRbS....3..rc5......................!A.1...QaB...............?..N..E.........x...~.03.M......N.m..JR-.}|CEiZ....T.ol...>.E3..e..F>..t..DwN|...:..Z..c...X..)}.:.~<.E..s......%...=Y..i2.]T...=.ZYt3?..3@....+^j..[Wx..~./.....F..e;*......k*&Ni........B.......w.G.fm..0.....W..;..}J..W.v.K..V..v..f.o....=.d..k:)....2h.|.L..+..F...O......f.... c..P@.........p.<....#..@.p...."@!.......g.iA;.......c...NSsJ..p;.......t........*.^A.@.w...l...7..........E.(4.c...|H,6....H.@.. Q.......1..P>..*.6....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\metal\arrow\2100.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):954
      Entropy (8bit):7.069304110172994
      Encrypted:false
      SSDEEP:
      MD5:710D6B771C55E4CFAFFC297FE742FA6F
      SHA1:C6AAC5291ABDE440771D537E75E8D446A459D1DA
      SHA-256:A2D78BB2758C2B86C4D06A874683BF4FEE1BA14E8942D161A550280925F1AB2C
      SHA-512:5E56B946B28F31543FFA20B139C32ECA06F9E4010CC51466A35087E7F3617FF91E1103A4C833D586E110BA1279CC5D26AC3BFDB8444FD1F3A423F4B4E77538E7
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......:......Adobe.d................................................................ ................ ......s.....................................................................................!1..AQa...."BR...qb3S.4...2.#CDT5E.......................!1..Aa.."B..............?...!y.@._.y..y...vR..3#.es.., .X.z.)%"..@&....k..._.......z..:..1.>qp.'.U2..q.B......:.L......q.S........>.8#&>Yyg.M36....:D.B\L.-W-b....I.....[..H.*).U=Cfm....]4.$..y.".u@.-...#9Hl.../.l..Z......#.......l...-+..5=<..@3qNJ.t..P..j...F..%6.l.b.).5...+.....<.,h..z...%.%f..s.E.g..|4L......|.w..3......_.|...|o.C(U&..RAS.t.y...2Ov.. .3.i.y.\..h...).R..a...V&.q.)kIA*mAhJR..IP..0T..fw.x.}.d._.........b+.>.b.o.S..D..B....8..M=V....}.Q..".j*..VJ.[d.o._v=...*N..&...Q.......W..Y..=Gt.[.T..A...h....D.b..8..'\..u..du.`..&..@...,'D.....X.Kh....T..b..y.}...[L.Vz.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\metal\arrow\2210.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1096
      Entropy (8bit):7.293819663696126
      Encrypted:false
      SSDEEP:
      MD5:6B2DA1D66119B720209B9C11E7827591
      SHA1:4A86D1FCBCB12728D3F11F5205A378B634B15327
      SHA-256:FCE0919D3F6D7FC628F51D14E84C3F723FEBDF42B86E814727E6485223024626
      SHA-512:0537BC3FF34C86E798DCBD40AE9F7785DA03BEFA1ED0AD85E756F6AE66707409DE5EB8E74BE65EDAC23A4F28E767244B02C9A3F349F84A245A3061340943185F
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......:......Adobe.d................................................................ ................ ......s......................................................................................!1...Qa.Aq."R.3S..2Bb5.....4T.r#c......................!A.1...QaB...............?..:.........A.};)Hj......{..g,R.J....0&...3_...U./....._5..-.$.......L..5.B......:.L......q.S...... ..Dd.\3..SL..7l..'P..,KU.X..M..%';#..v.r..TR<.z...u..-*.iRH"...-*.d..@0...7J../n.....%?n...Ap..<........u...Ya.xqH.K..i...7..q......6....t.....\b.t.6..t..Z.B.2..i&kRRJ{.V...O.\..4...r}....p.a.Y.o8....I.%...U.X..L.`RRs..`...i.EM+..l....!i;R.. .2....~.y}..p.D...v....[.D..AC..e.f....*.f.,._t...E........-..JR-.}|CEiZ.......z.ty]...9P&...]]+.H.t....r....k.6...}bR......s...U.w..?..Q...=Y...v...h.Y...B.....U.,*...zV.."4....Gj....S9N..w.u%.gQP..3B...P.fR.C..[..(..x..W=.._X...s.?._.../v?mZ@.......e`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\metal\arrow\2221.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1255
      Entropy (8bit):7.411043414041631
      Encrypted:false
      SSDEEP:
      MD5:8B006525C7CD62BCEA852CCFE17D1322
      SHA1:71E0F9C559EA450C3B4F80ADF6E5671D244A390B
      SHA-256:72F8356EB832B88D79B38CF7D34548BAF031AD7E47547C9050FB65D504B868AB
      SHA-512:74EC5BBBE1981299E276F4B408A06DC31B7840341F061BCB20D538E26BF82EEFC4E5889D084B5D02CC7337D9D8B643CF8E2ED4B444CDE419D58800D82AC63BA8
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......:......Adobe.d................................................................ ................ ......s.......................................................................................!1...Q..aq."2b3S.A.R4T5..B#...Cc.....................!..A.1...Qa.B................?..:.z.@uz.....s_N.E..e1VW:..`.r.+.!....`...5....x.m..z.H.CI1.x..4uS,..a.....v...Efd"...ZN...u.o....}.h..xe.?.i...f.+.:.'@\.b2......%'>..{ ...t*).*z..m..(.....EH..)j.. ..T.$..RNI@%I~|..........\?.5.j.~T(.;(.YZ.*..,...E..........}f]._B...6.....$.....\b.t.6..t..Z.B.0$.hVfB*...i8.S..E....u.O.rU..M.e.&...n...p{FW......JN|]+.T.;H.T.t.......v........U.=.y}..8W.+.X.b.@,..z ..V{.:...s. f....C..u?e.[.J./.)j."...._f..Y....u....._...i6t_.4....i.;.2&..L...Ci...o1ZN...u.o....{..xg.s.2.+y.n.7\qS...$.8W..........@H.K...E+.1P...l..Wh..*@F..._|..v...v.....l....P....QA@.k...kY....c...,....V.A.....)...>..ZV..n..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\metal\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x526, components 3
      Category:dropped
      Size (bytes):28759
      Entropy (8bit):7.80109573064427
      Encrypted:false
      SSDEEP:
      MD5:440BAFA90AD424948ECE33382243258E
      SHA1:C2F9D3E70878CA6637D3135B34523057C0CE7731
      SHA-256:BA5916A0240CE19D16F6330AD142A27968FA1C268753702732955D6DFC051CAF
      SHA-512:DA877B61C52D2742FF1D42869F1EFB880E1541919D77485C97EECA9E585932C79ED407C7A1BA97FB02BE9938726BBD05495254DCBB104A7BBFC38E75A63B2432
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......A......Adobe.d...................................................................................................................................................................................................................................!1AQ..aq...."....2R...Bb.T..U.r......#3s.$4D..CS.dt%5...c...............................?...*w.y...x.Z<.3....j.ON...c.............7...9......5...9......7...9......5...9...|~#..>..@..|~#.}>..A=....._O..=....._O.._|w..<...|..|w..\...|..|w..\...|.......7...9..=...7...9..=...7...T.|...\...|...]...7...9...|.%..6..@..|.%..6..@..|.%..6..@..|.%..6..@..|~%..6..@..|.%..>..A=..?.s.O.._|...\...|..|...\..j|..|...\..j|..|...\...|..|...\...|..|...\..j|..|...\...|..|...\...|..|...\...|..|...\...|..|...<...|..|...<...|...=...7...9...|.#..>..@..|.#..>..@..|.#..6..@..|.#..6..A=..?...M.._|...<..j|..|...<..j|..|...<...|..|...<...|..|...<..j|...=...7..9...|.#..>..A=..?.s.O.._|...\...|..|...\...|..|...\...|..|...\..j|..|...\..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\metal\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x100, components 3
      Category:dropped
      Size (bytes):11164
      Entropy (8bit):7.891470327146528
      Encrypted:false
      SSDEEP:
      MD5:FBD9DC761E537B08D76E15998334BB24
      SHA1:7138054A6543846D91087D0D758F69A0C50A3604
      SHA-256:26159C3A44B9519FD313DD0D4A18E08241C208530E7773915A9B6B7C220EDF8C
      SHA-512:3E030AA9601517963543DA68534C7B3DD6D867346A4479CFDAC0C228C1FD76E071037762F6F30769358BC2A4430E0CBF556C0E94E63B30109A9BAFF15CA41969
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d...................................................................................!1Qq..Aa...."2R.Bbr.#...3CS.....c...s..$4DT.u.6.5.dEUe..............................?..D..P.........?...A...@p........4....vt../...q.....j...@p..-......P....lt..@......c.@Y.Z`...(.P..........t..1.I.:(...u..}.z..dl2.5.....4j...\.N..{i..C....p.i.n9.....o...T..9.K].Q..].....v.6~..&.....o. .^l..0i..n.$.x..:r.uG.C.l..O?...)..M........+.....ZP.mr 4.".<%.,.w...I.u..o......{1....n...^.G.....( .^..=..o..n&..p...2x.'...d.n.....H@X...n...m..=.6.8...1vg.q6!.A.*.#..Sr..F.KZ..x.P...*..h|.$....Pf.T.....G....a:.nx.A.......nq....D.J.8.9.K#. +..Af.-.c...E.lR66.w..~r...0.6c.../*.ccA..n-T.ck.#1.o.Pt.Y#X....v..H4...QAi...9c...~...=v...e!V%....*.*@..T...}...,A...#6....|n."\...|........N.K.^....)8=...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\metal\radio\1000.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1257
      Entropy (8bit):7.3628567696114064
      Encrypted:false
      SSDEEP:
      MD5:E3DE98631C401DFA0739710A7F6DE66E
      SHA1:DEE91C564833E202E54686262085641A1B6AB0E3
      SHA-256:195036EC976B123EC736B11FA28C833C727E70ABF48AABA63CB06F92AD4BDC63
      SHA-512:47A821C4DB20E7FB4C894214421C882E1B26165F4710A2CA7E5BF17C45C01FCC160FFAF87A882A35D96018CA5E7E49286447004A2315D9767AD4C7D6F94686EA
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......:......Adobe.d................................................................ ................ ......s......................................................................................1..!Q.S..A.."23.a.R#C4D.rq..b.E......................!1..Aa.."B..............?...[.2<.<....3l..h.dW....K.!4.).h.S.t.b.T.Up..4.1)..e.e.<..O......0.......N.o1U.%gEkZ..{Z.3>.T..f.&.$.......s....+..|5...q...Re5.D.9.:!....2N.iOH8.im7.4K...;T.%5.Z.m..y.*....C.Z.PJ.PZ.....T.....W.l.....O.l.W........y....>.b.o.R.Kw.E......d.i.8....A!KYZ...W.V..\..t.,...Z.I....K..S..l...V.....Pp....)D.HHS.>.R.8..GI......\..~tv..naJ.JI..@....../x<.......`..~e.8....f/.m.(yB.... ....g.1......aq..m..)J j....9v...\~.}..`......d...;.U.....,....m....!K`.......[J...6cw.,.p....,.Q...Z.e.s....U....(.)..}r.*Yf...t......?..;G.Gh|.......4....V....oG.......u.m...Z..'.e.1x.i...<.GZr..l...3.....IvB0...6.cJ...5X.u......%..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\metal\radio\2210.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1363
      Entropy (8bit):7.444820582248723
      Encrypted:false
      SSDEEP:
      MD5:F2C8B97B1917023B66D788DBFC0DAB8C
      SHA1:229FAAB43E330FEA776BE9B71CA65D4ACAA68125
      SHA-256:829DA84FF7E1FFC48F3FA851A4B097F76092A65A03CEF86D45DA845E2503BBF2
      SHA-512:F6DF61BF99716D49892A601E54758D4EB8A53A599D95A95CF6348A8E57B7F6C084F6D91814E8360B84675FE3949232541436DD7C95B36429CFD301925F365B2D
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......:......Adobe.d................................................................ ................ ......s.........................................................................................1Q..!A."RS..q4Da.23CE..Bb.#........................!1a...A."B..............?...W..&...R.+..... ....H..%*e.\.*..Lk..v...T.....%.X.....H..-.>.....n.Ux...Pi...cG..m..Y9g..yC.};o.x6v.d.4.yM.[.)$PAm5.,..q...fF..r....-._..E......Aj.i..Z7.L.F..E.UVUGgg.v.S.....[}.K...{.+./Y.?...C.B..21G..I.|.5.....V...#3.....$(kJ.....O.....n...........QEwqu..V.....bDl....K..Z...z........{CE....V..9.....&"..#Y......j.M....>..[n.....+.(|......i.).u.6.j...C.....9\.'.*.%j..V::[.....T.%..s<..-..&I#.C"..*.....).[{qq.-..%............8....+.V(.c)*G...6F..3..l.;=?..?.y}..G).S.%..=..dm...Y...i....q.....kkK.yk{z.d...F~......U.)/)K..$iJ0.me....+.l4..2.E..9l..2#o..N.sAV..z+Z...P..~.*2}.=..g.$....>g...^.......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\metal\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x29, components 3
      Category:dropped
      Size (bytes):1810
      Entropy (8bit):7.211058657855335
      Encrypted:false
      SSDEEP:
      MD5:DC2BFA6DBB6B28B0ADA0BFE062058564
      SHA1:09CED9AFCA39710C780CD1261581A7A48AFD1D78
      SHA-256:B5960DFACD6E2E32A368070F3B62EB3BD2EC3B09B69B49D77D3CE0CF9774A79E
      SHA-512:38305EDEFC629C0A019BE48223934C4A5D95B85A984974BEDD96F6489D9FD28D76C2D803ABCA9DE7768425F17BBE74CEA20EFE17748CC82F545F6234E11424F8
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......A......Adobe.d.................................................................................................................................................................l.....................................................................!a..Aq"1Q..2..B.................................?..{D.......t.P.D.P.=.P..P....@.....-.Z.......-.h.@.....(..-.h.T.....j............................@Z.(...j..@Z.........(.....m.P.."t...z....[P..J..@P....-..........Z.r...w..]....F..L.uX....T.......s..rh.;_%...c~^.vJ..G.:..'.".#..8..W..m.P....e..m..g..I..{).+..GV....[.sZ.........v.lM.n.......'e+h..*.b=.TZ\.......ps21.s .\<;./!.s..%u..9..^..w.@a..g....G......Tm.H.kR.TD.......w.i12.+.....I.'r'..j:hh.]b*|.V.......-..Q....P.....j...Z...j...Z.-@...P.....j...Z.-@...P........Z.,.`..X.......,.`..X..%....`....-.h.@X.......-.o..@#z.m...V..@+S..5.[.........9....?.`3.....U.!....g.d.I.f..8[...6.1..e.'e..-mU.8.q.C..8..z|.30.b.E....;'"H...3.dH.b7....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-sweet\arrow\1000.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):778
      Entropy (8bit):6.747527747446714
      Encrypted:false
      SSDEEP:
      MD5:83C057C85B0F142128F8EE96F611C925
      SHA1:C613A07F6340540FC6FF869CC896B22F7B614F47
      SHA-256:A04626DD934FC8BE672AB1262765FE42B5BC7F4E4E002D8ED8E920F883446B1B
      SHA-512:046B25C392A160A37975D23E9FBD3A8073291824BB4A308319D8B1164B1F72323D9C637EA908E2558347A2E829BA875501DD11F597FD415197341F6B9894284C
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s.......................................................................................1..!AQqR.Ca.2B.S......................1AQ.!...q.2B..."..C............?..f.P....._H.d...rEIVp....w..J.OjX..>..c.... ........)/s.H.N...R.~.Z..q....+..WL.A.v.in....?./..~.\...jr.N..d..5L..Y.......}.F..+.x...._..C_..K>.kE.?.D'....35.6.u:/........,.....z...lV..]\.)RYNUT..I.r.iql.....q...Z..RI.ugg..........)~.G..O.....^......A.Dv.....Jk`.K0....ys..M..o../..# #.......F........4...f.h....0..b.A.E......91.8....b.f.^... .".(.2.....HnO.U.....EU@.....I....fI.U..b>$....h.........

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-sweet\arrow\2100.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1120
      Entropy (8bit):7.337310923713956
      Encrypted:false
      SSDEEP:
      MD5:786E4BE6A77081BD6158CA8A8FF35DA4
      SHA1:CB9EE42EE06EE93E3AE70F3C563E56D39A9D4296
      SHA-256:59196A9729216AA7D620131A83FDDE7E4AAC1B468A53625CA747BFFEA8F538E2
      SHA-512:DA3992E8DFC1D93DA09AFAA058E9BC72328DE136BDB67C0D88FA756A86B5F6FEDEBD7D1F10F04CB93EEB2A7E684387EDEF38952C85253889A776BF7EA1E15C59
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s.............................................................................................!1a.Q"Rb..Aq2B4..r.#ST.5U.6.......................!1Q.A...q"2R..Bb.a..r..C.............?....uxC.y.>^.t..j..b48.........N.-dY..U..HQ.lm.vTG..}....=.[.<_n,....!...7......k....v...U.3..{^..:.W....N..v..<..?..)...<..q.y....&\T.N..*It/j.mJ..K.6*...oq......[.h.Ks..Y..I........a.W.Z!|.....([..W0...$(`}.<.buv.....f...]...J..=..ooo}........4.q.An5.>.de..a..k1...\s..Q.SN..Z.Z.P>.E6.+.#%I*.@........D..P......&C..2..kK..b...XI.Z.'...s.,0.m......XW.I..n..K.-)..3<.4s..ipe..[u.>...T..I.R.k.>h.....~.v`...S..%........u.{...Z..8}9.^|....k3.....&3..6N........j...w.^.jy..A..5.....~-...`aiu.A. .....'...N..z.~.5'.........O.....7{.._.^...5}........#..}`%.........W4.g6...b...RH/8..n..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-sweet\arrow\2210.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1398
      Entropy (8bit):7.484702786143677
      Encrypted:false
      SSDEEP:
      MD5:109BD1F6868EA5A53692090B2098919A
      SHA1:F151DAB62A5E6EFEF75A9D06B53ECDD65F598BEC
      SHA-256:01564F2496F1F6F7D91DAA8A5C620981D1563B380256C14404BDA07F22999D94
      SHA-512:14089E17EE10A03A71C16DE7F7735CA788A6127E085F21295A523B2C135A589FBFE26F66704471F3228F61F63A5E812327FD0A9327CBF44055DAB85B586F1C58
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s..........................................................................................!...1..Qab4q"2R.A..B.#T5U.6.rS.......................!1AQ...2..q."Rb.a..Br...C............?../..".^.O...7.Q..v..m#C.(...X..+.....X.1,W.BT.....q:.V.A....sq;bQ..\7..Z.._.............._K...^W.s8M.~[Uu.'ar'.~O.....E...q...t.E.\P\.....x..fCUtV.U.G.`a..x...oH.;R.d.C...p.....i....er+d.J./8...Ccxn...D....l..ft.g\L.>.,..v..T}.h..&ml..[i<...,.!..q.....i.....kQ...\u....N.V...P.}.D..U..p..AHD..u6...)..5.Sd..P.~...^...N....kh61...wX.d.,XM...Q..,...+..*i..J....Z..[.ZM....).........o.1|..=./...5=.....?o......v_..]?..\.._..?%5x.v'1.\doB...A...3.......<..d5WEl.](.z.......[.5N.4.!y..n?OI......W"vA.....<T67..d.H.I....gN.u..S....O;co*>.t..6.o{....`..e..+.+....i.....kR.;.[...Q.&.l.k..."...$\.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-sweet\arrow\2221.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1671
      Entropy (8bit):7.622640302610331
      Encrypted:false
      SSDEEP:
      MD5:D6E45A96A77B5671D58A31AFF106F177
      SHA1:54A447AB9F93C95CC4EF4354539AD589A08AF279
      SHA-256:04E15BB2C31725F344D93AB3E2D83D9C1E4A4F8AC13A1334D9EE3664DA3DF226
      SHA-512:79BA703C5CAC3BC4C81C5156164049DEACFA3615EA0CC09E5A2A1643F604001431949A46D9C6EE31A485B6C015A738F20B77030BC803830D181F0B839EE2A173
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s..........................................................................................!......1A2b4q"R#.5U.6Qa..CST.B.3......................!1AQ....2..".q..BRbr.a.C............?...?.E.".^.....7........$;.g.....J..E7.k".@.W...E.4....u..E.%...O.J_..X.k!....|....x~..k.c......x...w:M.~^*..'ar'z....)...9.....)..HL..8.Z.T..].y.+.Y....1....68/..;[.j..i2C!..n8{>..*}.n.Er+D/j.^pF..-.a..XT...0>..E1:.Q........]D....ch.f...........V ..le..#/.3..kY.U%.R.LJ..u.R.J.B....H.s{..G......:4.E......F......=..........j..i.."C..{!*1a4...Sz..(...y.!DY..J......."..nh...?.:..Y..&../..Gk...].ON............n...U..=..;...O.L.$]..m..7.O..Be.A....RK.w...Ad..B.iD#.00..^...T.CI...0&...NVd....m......y..<P.5..eaR$HP..hy....G\.$z.P.5'.......m;T..n..z...Y.C.X.....F_...L.,.S...q1*;.i..JU+A...lA".c

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-sweet\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x526, components 3
      Category:dropped
      Size (bytes):35778
      Entropy (8bit):7.943826171174218
      Encrypted:false
      SSDEEP:
      MD5:C12B97D5A230A72970B0947FFD1D2CE1
      SHA1:F5AA3204EE60F34D736303DBF61F7342F95EAAB2
      SHA-256:8DFA97D18ACAEAA0ED13A43CCA6802D5C3637EAD536991915AC3D88636BA08D5
      SHA-512:CC7DF1BCF4A8EE24BAD3A148783B5C0B447DDA62E74EF0C39D16473C0362B2710360F42B576E22A1FB7FF57D885DE5133A79704A11AF7FBE92E790D70F4A87ED
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.............................................................................................................................................................................................................................................!.1AQ.aq..."2..BR..T.....#.rS...b3C$.4cD.........................!1Q..R.A..q...2.S.a".r#...3B............?...5.E..s.UuoV..s|..}7.p..&k.&....uu../Dv.b.7..|^.....o.S.............z#...A.]Ok..Gh...|......,]..u=.....X....{_..;@.t...../Dv.b.7..|^.....o.S.............z#...A.]Ok..Gh...|......,]..u=.....X....{_..;@.t...../Dv.b.7..|^.....o.S.............z#...A.]Ok..Gh...|......,]..u=.....X....{_..;@.t...../Dv.b.7..|^.....o.S.............z#...A.]Ok..Gh...|......,]..u=.....X....{_..;@.t...../Dv.b.7..|^.....o.S.............z#...A.]Ok..Gh...|......,]..u=.....X....{_..;@.t...../Dv.b.7..|^.....o.S.............z#...A.]Ok..Gh...|......,]..u=.....X....{_..;@.t...../Dv.b.7..|^.....o.S.............z#...A.]Ok..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-sweet\banner-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):4327
      Entropy (8bit):7.344738969494696
      Encrypted:false
      SSDEEP:
      MD5:153634532EC9B3F4ABAC468E38CDF695
      SHA1:1B970C95D79F3F37B389853F1241349B8C528ED3
      SHA-256:178F56CDDAE9FCA642E9CE514C1AD55761B36297465BB1A410D4317C7C9E3E7C
      SHA-512:5D02E0B36D5946FCF64F5D03EAA6857F9F10DD4A78ECF7C20271899353AEEC352D0D696AD3CB377DC7131F06E286B38B2060B43060D731A8FB3C56DC25A2BF98
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................@................................................................................................!1A...Q..aq"B.....2R...#..34r........................!1..AQ.a.q....."2BR....3...br#....S4.5............?....................................................................R.9H..u*.........kprg..Z5....%<.B_M.sh.....6/3.....t.4:...m]..8.b...~..2......n.n......j...l.uUUi.s.s..!....[H.R.o....%'.B-.$.-.........^...:..q.F..n.M..c.^.W.r..L^.(.....]=U..O.//..n.O....8..%..3M..i........Z...b.w..i;.=...z_h..;Q:.b...m.frp...j.^k[..7.....J]......?...}3.\..Xz.mU..IW.E...U.k..^...,..^.Uf.U|.e..t....Y...R.......7Q.R.....E.};.5.n.Jt..I(.Q_.........g..E\....ywc.7..G~..y....^_..7.{....g.o...|g.1...................................................................x@.*.....y:.C...g.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-sweet\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):40622
      Entropy (8bit):7.957146118551244
      Encrypted:false
      SSDEEP:
      MD5:89A6389E066FC9594858407E17998DB9
      SHA1:F4655B7E7FAD95CDB69571B1C2E61A6E9AA2E38C
      SHA-256:A66D1F68A4002A4AB825321CE2CB445772C54BE4994BF1747351BEDE449BAD03
      SHA-512:0B38BAE42B14771F950A84650C0FFFFFE9FA0A4534AC60A0DE82C839CD15D1A386D0563F295A2BED0A506DCB1E109667D6F280865471B834F32AD7C80C14A219
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................^.............................................................................................!..1AQa.q........"2....BR.b#3.r..$&.Ct.%V.(x..Sc..4DT.6F..'8Hh....s.d7X.........................!1.AQ..aq....."2.......S...BRr#3Tt...b..d%5..Cc.$4fvsD.UV'....u.&7............?...6...b*G.(.z.3.!...I...j.:..'..e.f.M...<.....:.I........k#a.$.....d..\...z..Y.`.....W..T."....'R..P.#..i...(....m.......P....lz~.n.G.g.=7{..3!..q.N....F.V...h..}.}.PT...{*DZ....r..b..s4...M.n.N/w.\02rE'.8..Wl......5Y.1.Q^.r..rs7.I."e"O...A..1.n^rDc.V....m.^r..a..T..yx..{..G......x.............#..........7.....g......v|..W').$..v.Y.....v.m....)$.!o$.1~....9...^{......\...<S.b..*s]dW...'D.U^.$.G.........?..BL.[...O..U.ku.;..<....._.8..9w..mg..n/...!."|y.I..Q.r2....V#...../).................>.>

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-sweet\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x100, components 3
      Category:dropped
      Size (bytes):8955
      Entropy (8bit):7.924419497502312
      Encrypted:false
      SSDEEP:
      MD5:EC713B6158A057B7825274AE4E1CF183
      SHA1:C8178CF6A46E14E82F4EBDE407FF04FF931CA7DD
      SHA-256:04942FB23C0FB15AA732881C411FD2B4F44A621267E2C1DE182C39B014A87211
      SHA-512:59D90C027C5D06338F8C410EA971961FBB6990394FF929A7CB5EC664901F9819566D0ABC1123A0B4F3730792D8CB30FB7FD4E3AB5A4154C9F41DCB00C4DDED9A
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d.........................................................................................!1A.Qq.a."2.....B..R.br#3...S.C...c$D......................!1.AQ.a."q...2....B..b#............?....[....:.Ut..0,-3.....\.jA.#r.....S.fmv.S.f-z5.....L..t..:..X.O.\....-+......S6.W;K-.d.Z....&..D..D. T"....] .^......H..<..H.t&.ax......!..a.K....w..5..}..R.e..u..?H.I$.:.A%..].D_5......)`.S.\.....mn^.(..C...*.^...5.O........EY.B.F.P.....m[.B..$X#@2..e.!.F.n].R9.Y.....8.Q.....p..$.S.. ..8.%t..V.\..f:.q.6...Z.3....3..[..X..'...... r..y..9v:.QX._....Zk..%_.....#g...:....[..........%..I..0.=.s.Qd.cl.M....cXjk#....."..?m.}.Q......:.6}..z...o)T./..I.I...nN.....G........r...VW.Q..[.m8.....I...e.)f..........4.[..$..I4.|.C.i1.1<N..........0.[%..!..WS7.:...:.v.ZS..c........L||}.n9l...r..[

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-sweet\radio\1000.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1790
      Entropy (8bit):7.625556970420797
      Encrypted:false
      SSDEEP:
      MD5:9A740549BD117BC16F6ACB8D884604D2
      SHA1:DA20E48ACDE3A7097F8335541DE40FE94C600E0A
      SHA-256:0DAED44A8E14750614AFDA54781621D400FED0D2ECEE9A4A402F5964D3CD3F5A
      SHA-512:3DA47437F97E28B4F7FBB0ABFF44A4811B96D8511AC736DABD24B598A98B274A2E8FB9C9475A08DE3478CD41683BA60DB771CE409E2ABA2799F866EC813A3E1E
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s............................................................................................!1R..Aaq.Q."BrC4...Scb..3........................1A.!Qa....q.."2Br.3....R...b..C.............?.....;+u..3..Qkk.dg.h].x_E1..=....../c.]-<.>..c.Ki.@.9....c.i..k8.......4.KA\...R{0W.....m. BRC.+..K....\^.~......8.-...>,9.P.....}.j;P....6.o..K...v...~.gD.g1.N....S.k...-..q.3a.~n...d..Y%..P.6..S...~D......z,!...9m.b..7....n.x|{.]...N.p...mY.d..#s..........X.mQ.{.b.....A..j...P..E.`..X..N.0A.'...L.&.:....4...S.3...p6..1[j...1.Pi.GPXf;.TT....049.$._.w...*..X...]...SS.[94.h..T...i...s.]sv0._V....d...C...........Y......m.7|....>.g...KZ.%....x{...[{.._`./...SN.!.l....b..PN.Z%.=....VS>.s.>.p.V...W.zS.....N...P.y!....$1.4s...3(.L.V.p.f.....~..[....0.....un..g.|.~.... [:...:..w..W....9...^.I].kz

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-sweet\radio\2100.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1799
      Entropy (8bit):7.627751600207026
      Encrypted:false
      SSDEEP:
      MD5:D20270537AE700B03B988FC7471C820E
      SHA1:3B68B1BE0A7D30DF6ED8952C34794E90102B77DF
      SHA-256:A8C29D7365A7ED4191B20D08BE6274215F5F12BE420E826852205C4F3755DBB4
      SHA-512:F8245BFF51757D1D44F4DA5DECE49F6B96D704E72A2B6D2EDFA517029A69EB410CDEA3945A2C3C29A32E6E9E0CB1A0B0938C4F7D3711446EC963913B4E6A3780
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s............................................................................................!1..AQaqR..."BrS..3Cc42..........................!1Q.Aaq....."BR3.....2br.......C.............?...T./.......QM....Wu6.a.=....6/Q.:.nIwm...v..-(....-..g..3,.4d..K.e'...$.K.`.@...*h.q ..8......'A.=JG......{|.6......6.K...Ksf\E#p.;.-b...0j...|.....1ARd..')9DM....tf..n.;.ksMc%..$.R.....#..$|4... .....)55.p.9..C.!...."4B...6..?.......s..Qxy.||.V...G..Hi...PJ..N..}.....S2e..L.r.k .....x...]........Ki....+Za.`..!....h0..C.....[.@.....Fp.......s..........T.Y2.>.3..r.r....x....:...I........4..A\..j..;{*....d.OI...K...P\^.|'5...'=A|......6&@c......./....o.3Gm#n..m.....Oa.~#....L}*..............!...q...:.$......{iL....cbj.Sw.x=.....-..L.O..Gw.....:..x........n...-.G.1.:..:.j

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-sweet\radio\2210.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1794
      Entropy (8bit):7.61906650791519
      Encrypted:false
      SSDEEP:
      MD5:A98E2F7D5DC055AD4B4B6D92126D9190
      SHA1:C2DB85DCF7BF991E8BBA0D39F952748DC98D41D6
      SHA-256:65751616EDB29437B01CD352B8651835CA585942A78ADAAC589F9F8C16039470
      SHA-512:C10AA6FE00361AB2FD6D78496FD20CB2361F235563156D4C41EC6E2E86207C964CDC3B303B927FC64A3FE86D4F5930C0C775E8D0E213F0D63A79F22133128FEA
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s.............................................................................................!1Q..AaR.q."BrS..2.3c4...C........................!1AQ.aq....R....."2Bb..3..r.....C............?...>.._..'.E... ...w....m8.L{%7S.n]G&\.%.......iK.c..6c..E.'4....).......Q.u...........!..GP.i8.C.}~...w...a.YQ....oAt...nl..nZgcE.Y..w..Pw`O...}.a...2C.."&..j..5j.7X..5.....y.C)J..d....J.=.S......)55..9..C.!...."0./.Q.6..?w.......u......6.._..Z..2....P...^"..+...i...6.9...%!.e5^i......Sr......Za.`....m.A-..8..}S^.6:Q+... ....].m8\.Kb..U..V.....D;Nu.....pu..P..y..F.-VW."|,d.......`.@.Rk>.SH...8.9..u.[..<8)......W7.x>,I.U_......;. .]..D.6e.R.-.....m....Pwa....o..?...-t.t..[tY..p....)..nY.d..d..R.7Y..uz...v..R..x ]........8..z.8.... ..!}......~....}=....,..og.g.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-sweet\radio\2221.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1701
      Entropy (8bit):7.587567657324339
      Encrypted:false
      SSDEEP:
      MD5:02F6BBE060F32E49E3CAF2DE8E60EC7F
      SHA1:4674875A4F264A947DA6BF6F626B9BD50325D034
      SHA-256:20072AE2E122A6407DAC4771544158D7BCECEBF98404C22001B0E69F79C8580D
      SHA-512:DAAADBF113AF1AF0315333089E8B6FF4891D1FE0FA95E5ECAEAF763DA593BCB4A8E1A1A940F44A3A5B6E22A9296CAB1FA56E4D533CD938F434B565D6323FB588
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................s........................................................................................1..!AQ.a."2BR...qr3S.b.c4........................!1A.Qq........."2Bba..R...C............?...T./...cW...#J...P.....8R..{r_Q.Z..ys`.e-.........s\H..yL..FN9I{C.N.R..:...(.v.6`H.A.H./...Q'B..{......~O...)o[O.....m..D.6e.)..fw.j.a'..........>..@..4D.......:n.......5........#{d..{^....D...../.L.....).d.I.m..rC....a.mC.{...}z)...=N...5._..Z.......V.rp..]+....[B.'.. .|sO..JC.sJ..A..F.*.(t..s..&.AZ.+..F.)AQu.!>.....I9X..d...~...m5j..(...%(R.wSe<..n2...bT..|..f9.$l.<.f..'.K...w.(tn)..w1G..>.....:..E...J$.Y......'.s...u..R......$.of.%../.J.[3..V,.......\.HM.y......'M......:n......4.2[O3$2. ..41.z..G...N......3s|z.....}$I..I..4f.........w...Oo.....].\.Q..Yj$>v....XQ...c2..[hT..x..O....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-sweet\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x29, components 3
      Category:dropped
      Size (bytes):3149
      Entropy (8bit):7.162730516321651
      Encrypted:false
      SSDEEP:
      MD5:26F618D15F304AA9B222C4C0A15A8DCF
      SHA1:204B61900823C41AA154E42552453DF2601E5911
      SHA-256:50E672CD1D4127C4A1796002A5171C69ED17A7E7AFE20F7E1A76CA9C90C9729B
      SHA-512:12C3AFAEE3CF1006C3C30A19ABDF9E9076FCD0126F211CF0F3BA246A8E3EB80EB0210ABC714F78ED5A67FA4E75D2C735004B764AA9DA3ECB68EE025F211E656C
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......K......Adobe.d............................................................................................................................................................................................................................................".Q...!..1Aa2..#c%..3$......................!Q...R.A1..a"...q.B.#............?.....y3....utN.0...q...8@..?&W.]].....y\yutN.0...q...8@..'..WD.....W.]].....y\yutN.0...q...8@..'..WD.....W.]].....y\yutN.0...q...8@..'..WD.....W.]].....y\yutN.0...q...8@..'..WD.....W.]].....y\yutN.0...q...8@..'..WD.....W.]].....y\yutN.0...q...8@..'..WD.....W.]].....y\yutN.0...q...8@..'..WD.....W.]].....y\yutN.0...q...8@..'..WD.....W.]].....y\yutN.0...q...8@..'..WD.....W.]].....y\yutN.0...q...8@..'..WD.....W.]].....y\yutN.0...q...8@..'..WD.....W.]].....y\yutN.0...q...8@..'..WD.....W.]].....y\yutN.0...q...8@..'..WD.....W.]].....y\yutN.0...q...8@..'..WD.....W.]].....y\yutN.0...q...8@..'..WD.....W.]].....y\yu

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-waves\arrow\1000.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):885
      Entropy (8bit):6.982547302591145
      Encrypted:false
      SSDEEP:
      MD5:337849DE9C1BF9BF83EA963E9A3BA5E8
      SHA1:C46A52D835B70D8EFDD6E25F75317C84DC4EBD6A
      SHA-256:9DAAA1392B6C12457B8A06A29E287220F4DF60471FC13FF99E0C6A973C457C0B
      SHA-512:B67D7723B8E87B32B254A3105D64B7CDEE4CED42DA61D05D8C9F2EDCF7FFE2B8898D14169F3C5485B4FCAEA148097DD7756E48FF742FAEF101F60470102C9C19
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......S......Adobe.d.................................................................................................................................................s.........................................................................................!.1ARQaC...q".3S.5........................Q.!1A.q..a.BR.."2..3.D..............?........,.ld....c.-.b.d...vQ|..M...4T.'.G...f....)O..;qtm/.O..z.d.Y..:'m........rNS.3.Wc.....Ny8..j.......l].xN...cd.ss....)......3!.K......]...zW.S.._...{..|.&.~1dp......[L-.\.Uu..jrO...{,..;....V.5...:.{{..Yh..0.jm,.W......&..z...[|md..i.o....y...Wm........JO.....Hi..[.C......|..D.;..n.}.s.[..$.yLL..%.nN,..g-r.3.R....i...Tp...H..n.7.m.....C.k.8T...l..b*j"......e..1e..-.*_hDV...T.U.Qat.......,P..J.ES.(b.X.B..(.gT....,P....DV...T.4b-.....0..,...*,...T....,P..J.YS.(b.X.B...LU0b1e,X.,,..`D..cDK.?..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-waves\arrow\2100.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1221
      Entropy (8bit):7.342797197307367
      Encrypted:false
      SSDEEP:
      MD5:7B5C3EC2030C1A51747E0236702DD3D7
      SHA1:5EAC90682E42B6D6A9DC69A45520E3C15C0FC67E
      SHA-256:058C82C11BD3DBB9C61C0203B326957DD67D2EF741A48C34270BD61FB564BE37
      SHA-512:156CC6CA140D159666D0930F20BE72530CEFC66C28698D478A32DEE0082AE9715D66C1D3A050F1CAB58A9138732D6B25A25CAE58D0A170645C4156D6AB5DD038
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......S......Adobe.d.................................................................................................................................................s............................................................................................1...!Aa"S.Qq2RC5b3c4T..6V.7........................!AQ.1..aq.2R....B3.."..D............?........G....zC..,."...e\..-..b..j.5..........%-4..'..R..ml.]@.[....\.bO.8...?........................]..N(.v/+..?....WD. .....L....e.Fu.I....y.Q6......S....*r........%8......88.3s}..t.$/8.....W....Axy..x?...ACnK......u...$7]N.kA;.p.}2..2....]\.6.Q.....s^M.q'....4..+.r1.^.Es,.l.f..],...M.{.;...R.0.....RV."D...#......PuU.0..%..OD.....jiL-U.R.`US.g.vl.Ccn.z.?..m...Jv.....k..Y$1.AN$...........3.O..M......>..Ld;.]=...=.ET.8..a.<.K.I=Q).qo..!...u..Hvm....k.-.y{.O..b....-..V.J.......e.7\....S...^^......nu..i).L.|55.Gl..2c{.......m...Dq...n.....m5vb..KT.......3.=.ne.ang.-.olW,..lg...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-waves\arrow\2210.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1556
      Entropy (8bit):7.525593511450212
      Encrypted:false
      SSDEEP:
      MD5:2B736C19F76C7194A0B3B0B4FA60E67A
      SHA1:FD4D0E12A0554C6DE44FB3793DBDD6D8DBB55CA2
      SHA-256:156AADEE7CB272C12413ED7B8A3CAFB36B94C8FAED8AD9678B4B7B900AAAB11F
      SHA-512:589191FECAB7F5A31B3D462EB0FAA38745600FFD98C06154331C7151FDA48F251DB4B0D846A44F5D7C41E069FC369A11A4D0A91FFC11C37D1753EF9D1B9D2169
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......S......Adobe.d.................................................................................................................................................s...............................................................................................1...!a"2SAqbCc.4T5Q.R.6V.7.........................!1AQ..aq.2...R3.B..."r..4.............?........G..O..!.G...\PkZ..Je..U...5g...mvZe...J..u...OiD...I.ml.]@...r........jT...~......_.-..X.....{N.....]....._K.._....V. .....L....e.Fu.I....y.Q6......S....*r........%8.."9..pp\g&..&..-&H^q.C.wa...W....Axy..x?...ACnK......u...$7]N.kA;.p.}2..2....]\.6.Q..g....^.O.....l5.A..:.E....-..Mt..*m7:%.(.4o.KT..F&.iIZL....8.BK.k.K.A.T.........%&$..jiL.S.R.b*......Og\IK.z?..,^"8..e\..-..j..j.5........t..$4.{J ..%JM.[WJ.....9.8......................}...?../i..#...........S.....V..".r...l...e.F..I..y.Q.......S....*r........%,.8.w....2\?*.....M&H$8.r:wl.T...3.e....;.../...r]..-M.u

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-waves\arrow\2221.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1896
      Entropy (8bit):7.604882274796692
      Encrypted:false
      SSDEEP:
      MD5:F436987E41C5517E5BB1A9D3CB9E2B82
      SHA1:5CC68DDC49AB08BDE83539E2A06DA610DD8F1C0B
      SHA-256:E29815076D182D1A427DCFCD851D75C56A8F22DE0A9952719F197ABCE4E11F71
      SHA-512:950079663C60419ABB65A033CF623F24094923E066B204BEE68DFB2F05ECC1351A19F941B0C310BEF11E47292ECA28D5DBD9ECA849699BFFD7ED6F22C9699AF9
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......S......Adobe.d.................................................................................................................................................s................................................................................................!.1"2.AQabSc4T56V.7qBC..R.......................!1AQ..aq..2R..."3...Br..b.4.............?......:z<.n%~..t.-.X[.....*.I...B......1p..{..H.QUD.T./X..<.S..)..5..+z.$...2.n...S......fE.........{..o.go.yWf/..~.+......n..U.l.....vI...n2/Fu.I....3..2.)...:]...b...2..:....5......{.......Y..:....h8.9p9Y.....1.]....?.:...qUk.z..R......|....q.+v..@ ."../P*.[-.)}.Y.v9...m..[..Y.C..:...A9.s6e..m). .&M....]F..=./$.F).4......$.S\4.D...aO...#...m$.kQ.......6..iX....+....G.....kQ..JD..Q.*..8.L.......D.TUQ(.I..a...).[......z..7..|.s-&./?.eO.]k....7.?...1...b...2.yWf/..~..'........>*..E...~{&...7...z....N..f.S..Hq....Q1t...GH.K.PEr..8.....Xa.......T.fH.m..p.7B..y..-.m.h..A.J...qUk.Z..R...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-waves\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x526, components 3
      Category:dropped
      Size (bytes):38859
      Entropy (8bit):7.888834481970462
      Encrypted:false
      SSDEEP:
      MD5:7C6BBD72E48DBAC831D4ED84B83886DD
      SHA1:1B2988CD2AF79F64DBA87A6D0FF7B268E3AA7C60
      SHA-256:90D8B3D8E5614A9E4CAF8120808D111EB4C71F2ADF454A63B23BC43C18EFB80E
      SHA-512:A59C0E8E011DF79D9079C0481D238A6F4CCFE0B32707592913DC338ADF1E756139B4DFDAF6629534EE3E08FBA359387B4825B8F10A57399F54AB66DD056362F3
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......S......Adobe.d............................................................................................................................................................................................................................................!.1AQa....q.."......2BR..TU.b...r.#CS..3..c.....$Dd.e'.stE.......................!A1Qaq.........b.."...S..2B...R..r.C.....3#............?......s...Zs..).].Rwqm...m.=.G.~V..G....O...(..u...[... ...?+s....{..n~.|.:.t......Q...Q...=..?.>@.G.~V..G....O...(..u...[... ...?+s....{..n~.|.:.t......Q...Q...=..?.>@.G.~V..G....O...(..u...[... ...?+s....{..n~.|.:.t......Q...Q...=..?.>@.G.~V..G....O...(..u...[... ...?+s....{..n~.|.:.t......Q...Q...=..?.>@.G.~V..G....O...(..u...[... ...?+s....{..n~.|.:.t......Q...Q...=..?.>@.G.~V..G....O...(..u...[... ...?+s....{..n~.|.:.t......Q...Q...=..?.>@.G.~V..G....O...(..u...[... ...?+s....{..n~.|.:.t......Q...Q...=..?.>@.G.~V..G....O...(

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-waves\banner-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):2282
      Entropy (8bit):6.907997308029317
      Encrypted:false
      SSDEEP:
      MD5:39388DC617542364776CFA35B33EC849
      SHA1:B268302181F4BFD47241F754A3D4CC780034DE62
      SHA-256:5A79E60E00B129A7C9328F58E575866B980C5B409AEF2B07FDCBD0062B42CDC6
      SHA-512:82BDD632A05F4DB8684823E04F8DB56FDDA7E2D8078550BA6DE784AE51D8D06614244837512E29851CF4CA9098215FE09D1C1CB95DB5B2F891733C021E6C1F48
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......H......Adobe.d.................................................................................................................................................@...........................................................................................!...1.AQa...q..."....2Rb..B.#.r....$........................!1a.AQ........q.."2B................?.....................................................6.9......x...X;...k2..F7......(.].V..L.R.....M&V+T..>ar..7......h.WV......&.o.!...rd......z..>..c.m..Z.ORt.P.T...m..;.>._.s_.......^.v..^VM/&..<..z8...Z..u?.`...z.zG..................................................s..f..7.).k2..`.o.O.I..Q..7.8..../y{V..&V......6....|......2_.....k.!.X.Om.......3w.......W..k.R....v./.e.6.o.>.g.X.n-.......sw)......j...Z.a+.#.?.................................................8..`Y\j.L.x.{p..&.+..).nI.W.+K.......k...^_kF..IVS.....R".._.m:Dk-..4./..=.R..uOQ:kj....X...^OE..\W...M.;.y.*......<H....\p.#.\.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-waves\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):15877
      Entropy (8bit):7.738229819829414
      Encrypted:false
      SSDEEP:
      MD5:F0BE79BAE6C4E9C5346180579688033C
      SHA1:603ED44A0D26A97A799CF1361E510E1B1D879C6A
      SHA-256:27633986BF4664BC1ACF6BB7C6EED5B820968A431F33D143E66AC9FB50209E9C
      SHA-512:6D1896BDCCB7DFAC535FF087EF303405F18A3AE113BFB7C4C24B90EE768C065C481DE21A0C5EBA01C6DF97C3D42507124DC9065B4E32D6BB8E2A70FBB23B5794
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......M......Adobe.d.................................................................................................................................................^...........................................................................................!1AQ.".aq.........2B.R....br.#S.$UfcT...&v..C..D...V'..3..F...Eu......................!1..AQq....a."2R....r..S.3s.4..Bb.#$...............?......H.DnE.#r%"7"....H..DnD...d..H.H...&.p..0..0..0..0..0...x{..xS..........;..^..".q..>.R.c$.[m....|.z...?Y..x.Kd._7.U..{...J..h....L../..8...n..n.<.c...W..|...t|3...x....n9.....E.V/.GD.m....y........".xZ:#m....h.o...\./.ODk.........z...k....6Z.N.y.K..;?YsX.4.F.}..>3...K?Yr......./>*...Iz.....o..........n....'..~......!....|..+8...~v.9..v......FW~\.XGH..)..."...]WKa.V...X...`*.U...V...X...`*.U.....jZ.H..Y.HW);..],.9Jw.9....w8..O.2.#..qK+.>s......./......#=./._...|.dji...8..YqW...K.2..:.q...+.|M.r7.F2.%T.n...N.....|.z...,...d..".......d..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-waves\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x100, components 3
      Category:dropped
      Size (bytes):12174
      Entropy (8bit):7.937477189857507
      Encrypted:false
      SSDEEP:
      MD5:D83B3CF388741DFC1CEB1FA5A5E18E11
      SHA1:957CAABFECA507496BB17CC7563A141040B89572
      SHA-256:8F30E243A58943FDFBC3622ED63BABE5768BDADAD292C2D71A5E0DC0F3BD9D2E
      SHA-512:1DBA1C3E383C5BFF02720769C9902A246EE0ECA5F9BE79AFAEDDFD6940093C74782D44E8A4245FB70D62DF512C59D4F21B9B8CC7143CA9BCE69C4D83567FCC3C
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d......................................................................................!1A..Qaq"2B.....R....b.#r.3CS...cs.........................!.1AQaq........."2..Bb..Rr.....................?............T/.[.......w{?R9...+L.k...7...O4.....^k.r.>....{o.S.(Q....sL.]..s.h.t]...V.9.nxDbrb.3....B.3..T.X........i..`n..{.,.3...Rc.k.r.L.).. .......QC[..... .v2.h..bn5...'....s+..1v..7..].N<..C2.<...&.WO..2q.m.......[f..6....N2.../6..y.......7.q..@..6........_..rq....^ ...z.N.#ZQ.w...j..a6.8.Yf...Q.)......tc.8....{.c.}*x..Z28..X.].k......9...0....5...k.1.+^..2q.......2.....M.J.%.y8.G.q .A.E.h..NL. @....@....@....@....@....@....@....@....@....@.........nGI..b..==....#.....q....rs....Vv..]s..I.a5~...iU#7w'..^.2j].F..6....sn#=.n.$...6h.]..z...E5.......x..i.h..|~;.Z.d.b..?

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-waves\radio\1000.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):1969
      Entropy (8bit):7.683677525985796
      Encrypted:false
      SSDEEP:
      MD5:0D42387B9F29D03389C73DB1E2447BE0
      SHA1:3D34FA52877C3B972F90323B16B0F5BE9BD79458
      SHA-256:66CFBA5D70A608AD75303B97AEA8C67C03B5C6304BEBD5B65AF5F22DF1293692
      SHA-512:E1FCC8EB689AE2ED01A70664A80D760128A10BBA1337AF9404759750BB0F0B67B89091CFA3FC5D6568CDF1A531749BFE7B2CC382EE038A654C48B1062947E147
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......S......Adobe.d.................................................................................................................................................s...........................................................................................!1....Q...Aq2R.3S.a"#C.5B4E........................Q..!1Aaq.....2Br3..."R......D............?.......&..........1M\p.D.9....&.r`!......^............@.8..C...6.|.:'m.h.4....q.}..R...1U.`O}M?.1....kS.p\`.4r.MS......t.e..?.e[.2C...>........R.....j..};U..Z...x.p.....MzU=..l..{..c.NU.mu,...%.."..v.r.[MK1u...SG]z..P.......an......*.....7..!.:..]......#....'...u.....6..-....p.%.U4T.Qr\N.-..p.T...!....{.k.A}.pu..].(...!....U.T..f<.f@: .....A...$...b8.(....1.K......r.#+DaA..C&.d.!'H......*..W..Xk.C."J.\...9..u.0...i..d...>T...NJ%..@....m6k........T.r..?....R.....`%....c..(H.......c.......0.....h.>]....j.'|..Ih....f-n....LZ.Gl..&.p..7#.E\..p.&`{C.b..!F.y...L:..N.2|..U.\.=......6.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-waves\radio\2100.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):2019
      Entropy (8bit):7.678724269482596
      Encrypted:false
      SSDEEP:
      MD5:844C0F308D7FBF719E68DC524FF3B268
      SHA1:8EE91B7903D272AC9D54AE89EBA817EEFD1C138D
      SHA-256:2FBDF002758CDF3917008AA5BF1A2C2D65AE61C55E03D4F6FA1F3DC518B3DAE4
      SHA-512:884CABC5AFD5963F7F1E99A47DCC86F44CF952CA9F2BE9DD7336F3CBB1D8525F14F2E4AFBD5918B3C5CE0221CA602D2E82FD89514B42F2272220A6C5E35A950A
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......S......Adobe.d.................................................................................................................................................s..........................................................................................1.!....QS..Aaq2R.3.5"C...B#4E.......................Q..!1Aaq......2B.."Rr.3.......CD............?...=..ti..22.y..C.,hq#".}-..!BUA.."%.Ev.b|..rx....v.6.x.s.p.u.0..}.f..#.'.[.Vqz3pA]=.7.T.2.....+......iUJj....Z:......d.\{..gN..V....GN.*g.......~.f...:.....;.....+C.9.^.Ip...7.-[.<..F........%Dm.IJ.E.QF..T.q...c^2....0...m<.u.;.f.r%.y.....1.\b.z...3.c..a.sX.O<.cq.UX..:...Z"&+.L....!......6......7C..*#.....|G...a........#Y...R../7......`.G..+.+.r...r.-nY........(..i.(......\.v%5........g..\.......!..N.@"..+F...5. j-+.E.....j..........nd...9....LWN.6d..L.3.....T.tm..o?.........Y..v(..!.....g.QJ3N>O...WB..._F.1.......0.#Z.I'...&.[..3.9..|<$.('A.s(...7./......n,...DwZ...w.{......-.p...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-waves\radio\2210.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):2056
      Entropy (8bit):7.720132960548783
      Encrypted:false
      SSDEEP:
      MD5:33725DD372F96F3356A296D4889CF5C9
      SHA1:2573FE6B5B8126B983511F641D96EC98368EEC75
      SHA-256:E3682E0E72891DC0BC4A540924CEB6E09F2B014958DCE9AF20A3143AD0F8CE25
      SHA-512:7E1C97EF3A0E7449C9FE1485AC636E5D051FC5BB5E1196B8327619B774DCE6D88CC1AF52741B5EF42433EF8D584B86E9B8DC270F0D5D7F09C154E9168EA95196
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......S......Adobe.d.................................................................................................................................................s.............................................................................................!1...QS..aq."2..AR.3C4.5.Bb........................!1AQ..aq......B.3..."2Rr.......C4............?....g..F.zc).....<..$`m..R.$(...)R.~...X.....$jI..d.s<.yR.y..._...c......./Fn....3..K.... .3$K.....*..mW..e.....[.g2r.}.1./..._.I..9...g;...W..Q<.N.u.c{.N.......t.X....m.s".0...w.%...(..pJ$)^.).".Hy.%b..?.s..L..p..mUn~.hi.z.!..21.db.{)......n..&....I&8BS.Q.M..].d.#...3o.~zDY.K.<......><..?..=...k....m.}.9....w^.M.fr.I...;.v.. N...hn..r..1S..E..h-"oR.4P..$.....4H.U.T44<..de...R.X........U......Im..4..{.%.I.=.../'<...m.e...u....1....4....!J!)JR.(.);mg.r.px..&.....3..Je...\U~...s.&.b......!/FD.qW.f~.d......."\x..\..V.$.j..._...(.U....-s.-..'.../...l{.........N...M?.2W...w..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-waves\radio\2221.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 18x115, components 3
      Category:dropped
      Size (bytes):2083
      Entropy (8bit):7.712406041456324
      Encrypted:false
      SSDEEP:
      MD5:2937EA521F4BEF8399B1B4AC5EC65E45
      SHA1:BABE44965ED4C65ABB93E17645EAD56996008828
      SHA-256:65257452B3724821D63488DBB1AEA633515006AF43BC3DB0D7F62D7D70343776
      SHA-512:C230DF99AF55882B09ECDF3F55DE5065AF6C6DE904BE814E5BADEEFAA9AC312084B02732E2E3F2B0BEB065C3C763E9357E2EC6CF616F9BB9CF5712B524247B48
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......S......Adobe.d.................................................................................................................................................s.............................................................................................!1Q"S..Aaq.2C.4.5..BRb3E........................!1AQ..a....q.."2B.3...Rr.....bC4............?..q..Q..6..S!./...48........!D..)J.......$.8;..cm.i....J....\U~....Z..'...../Fn....g!..&\4>A(fH..+...6..I.....]...(.U..q'...8..2........S...s.?..~..D......c~['....~..9S.R.*K...k.c.y..d......(..pJ$)].SBEF..H}...Hf..q..L..p..]Ul~.hf ..B..dcL...S.B..1...9.MS.=.n6.Lp........&..,.9.....".*\..U.N...Q..?.......j.....-..#9./...CSq...Rv.D.........vM....7+;LT......bo2.4P..$...W...6e.a....,...e..T.V".....F...9.):.,...).^..b..bamK..C...m.l...h.c....F...o%+RB.BR..JQ.Rzi'.r.pw..&...g....$.../.\.^M.b.....g...".7W...\.3!...C2D..]l...VZH....r..N}.@...k.8o.h.7.y.=$m.Cc.U..G..7..k.....<.....+....hm+.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\graphite\resources\variations\red-waves\rtlo-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x28, components 3
      Category:dropped
      Size (bytes):2733
      Entropy (8bit):7.059921095311247
      Encrypted:false
      SSDEEP:
      MD5:C329431F1A35FBBB1B23E8A4EE3C0D2A
      SHA1:35C4A1510E67EF1C2C19C45954576269298BF8AE
      SHA-256:9AC3BE5F4ED0C55C1B846E913EA6018D9997991438C84BDDF14C07727E7B1EC3
      SHA-512:D962327FC95ABBE0F1BB7F51EF5E2378CD41EB81D2798C7B0820C7A1EE2410C88D3BBAE1ED76DC1927006C602FB75E13927E3FB2B30621504C5EBB1BC29700BF
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......S......Adobe.d.................................................................................................................................................................v......................................................................#..T...Q...!"1A..a2....dtE...............................?........e...)m6.(.I..........'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl...v..&...'j.Rl..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\AdminRegistrationDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3593
      Entropy (8bit):5.209569997129555
      Encrypted:false
      SSDEEP:
      MD5:72C27A86690021215FB4E45BA01C6824
      SHA1:ADCED7C7F29D88EFB9A84081332375E0C7D32791
      SHA-256:DBCAAE7F0AB0DF74E6C7F60CF18F756D1CCCB42804C9DB715930BC90F8A22CA0
      SHA-512:552CC15DFD9D297020ED86EECE66D00C3DF458F0A9B27689C22A5431A2F3E200BCB0E4452EA537043A962402E13B9242E36AAC29F33874C4C36CEF8273C231D5
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="AdminRegistrationDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="370" Height="44" Attributes="1048577" Text="[WhiteBackground]" Order="100"/>.. <ROW Dialog_="AdminRegistrationDlg" Control="Title" Type="Text" X="15" Y="6" Width="200" Height="15" Attributes="196611" TextStyle="[DlgTitleFont]" Order="200" TextLocId="Control.Text.AdminRegistrationDlg#Title"/>.. <ROW Dialog_="AdminRegistrationDlg" Control="Description" Type="Text" X="25" Y="23" Width="280" Height="15" Attributes="196611" Order="300" TextLocId="Control.Text.AdminRegistrationDlg#Description"/>.. <ROW Dialog_="AdminRegistrationDlg" Control="BannerLine" Type="Line" X="0" Y="44" Width="372" Height="0" Attributes="1" Order="400"/>.. <ROW Dialog_="AdminRegistrationDlg" Control="OrganizationLabel" Type="Text" X="45" Y="71" Width="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\BrowseIISWebsitesDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3116
      Entropy (8bit):5.303084060499587
      Encrypted:false
      SSDEEP:
      MD5:073927A0C8F265A993292BB239E8E25F
      SHA1:C36A3A78701295D0D194206BFB25478C3F2C6162
      SHA-256:5B442DCD49625143B897ECC9C791AD5DA10D8F22F66E317C5D438A6D19E14F99
      SHA-512:603B353B55B720F93E7856BB46AB77F7114C5A7119C2143FE2D7541795B3560DDAF83A830BB2E36C7258DB77B556149BB2027F6F64BDBF59FED1901B3B0E9204
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="BrowseIISWebsitesDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="BrowseIISWebsitesDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="BrowseIISWebsitesDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="BrowseIISWebsitesDlg" Control="Back" Type="PushButton" X="379" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="BrowseIISWebsitesDlg" Control="Description" Type="Text"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\ClientServerDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):6321
      Entropy (8bit):5.265745218064723
      Encrypted:false
      SSDEEP:
      MD5:93A04B1765B5FDFBBC4B5B723B6799EF
      SHA1:F0666C6619E4677AA0BA9B6950C45D0AFC985C4A
      SHA-256:968430E85ACA92312BE44A6DB3ADC8178DE0E0032D82B52431FB8F1E62C45474
      SHA-512:055871E70F1B519EC3368BFA58322343641B1334E1012A6F461104C6A9FC074055C4EFF797E8917CCE3530DE7674F6A1DB2ED390AC10ACA67BCB8ABD47D3BF28
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="clientic" SourcePath="&lt;AI_THEMES&gt;classic\resources\clientic.ico"/>.. <ROW Name="serveric" SourcePath="&lt;AI_THEMES&gt;classic\resources\serveric.ico"/>.. <ROW Name="clientserveric" SourcePath="&lt;AI_THEMES&gt;classic\resources\client-serveric.ico"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="ClientIcon" Value="clientic" Type="1"/>.. <ROW Property="ServerIcon" Value="serveric" Type="1"/>.. <ROW Property="ClientServerIcon" Value="clientserveric" Type="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ClientServerDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\ConfigureDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2875
      Entropy (8bit):5.313027263643389
      Encrypted:false
      SSDEEP:
      MD5:048149F1E1D8A93CEEB6DBB248917760
      SHA1:F223CCD0FC03BFB1440DF1D08B04A448276F062C
      SHA-256:C61F130F723EC1D6BEC278BC76380ACEF948FD547E5E3F7266DE9AA43F4FE909
      SHA-512:02A53FF9D4872AB43086A6C545E6572E96590AA189653A5EBED4423886E925F9316409EAC8C67C93550D98461414B2DEA435E82F0203DA2A23B13AF4BFD851B1
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ConfigureDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100" HelpLocId="-"/>.. <ROW Dialog_="ConfigureDlg" Control="Title" Type="Text" X="8" Y="70" Width="240" Height="25" Attributes="196611" TextStyle="BoldTitle" Order="200" TextLocId="Control.Text.ConfigureDlg#Title"/>.. <ROW Dialog_="ConfigureDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="ConfigureDlg" Control="BottomLine" Type="Line" X="0" Y="379" Width="570" Height="0" Attributes="1" Order="400"/>.. <ROW Dialog_="ConfigureDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonTe

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\CustomizePage.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1387
      Entropy (8bit):5.298622117801902
      Encrypted:false
      SSDEEP:
      MD5:3514392F800685907A97D9D65DF8E66B
      SHA1:5147C4440BC1086605D8D2582AF9B3185A55DB27
      SHA-256:EBE50D0656F498EF312AD96BB6D6DDA25BF67D8AD72150A05A3580644B2989B0
      SHA-512:5044660A7AEB5CB7DA60005D6A6ACD87879BBF3B402FE25CEFCCC444BC1DD5E6A40CD97C5D342B479EA33980061418651D20FE05DFE515AC7B840B8D38B3A368
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="CustomizePage" Control="Description" Type="Text" X="15" Y="15" Width="240" Height="12" Attributes="196611" Order="100" TextLocId="Control.Text.CustomizeDlg#FeatsShortDescription"/>.. <ROW Dialog_="CustomizePage" Control="Tree" Type="QuickSelectionTree" X="15" Y="27" Width="241" Height="230" Attributes="7" Property="_BrowseProperty" Order="200" TextLocId="Control.Text.CustomizeDlg#Tree" ExtType="QuickSelectionTree"/>.. <ROW Dialog_="CustomizePage" Control="DefBut" Type="PushButton" X="0" Y="0" Width="0" Height="0" Attributes="2" Text="" Order="300" TextLocId="-"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlEventComponent">.. <ROW Dialog_="CustomizePage" Control_="DefBut" Event="[AiStopPageChange]" Argument="{}" Condition="1" Ordering="100"/>.. <ROW Dialog_="CustomizePage

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\ExtRegDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3541
      Entropy (8bit):5.2858555974098085
      Encrypted:false
      SSDEEP:
      MD5:7F38F0F8FC22A4E936112706264F5866
      SHA1:3E1D0E9952944E08A6C87449AEE24B49B38E85A6
      SHA-256:E028BB3B95B13B8DCEC9522765A29BB5A1328FF8B97E7907585BC8F183B2042C
      SHA-512:D0E2F8902F01B313B143CF1BA383A655FC0207DFD1E7F2E5D140AE015D9B7F8CCDE58026CF819F6CD6D97800EBC537359F30BA9E3EC626543E648B2F76A3C1AA
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ExtRegDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="ExtRegDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="ExtRegDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="ExtRegDlg" Control="Buttons" Type="RadioButtonGroup" X="11" Y="323" Width="240" Height="40" Attributes="3" Property="AI_EXTREG" Order="400"/>.. <ROW Dialog_="ExtRegDlg" Control="Back" Type="PushButton" X="379" Y="388" Width="56" Height="17" Attributes="3" Text="[But

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\FileAssociationsDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2999
      Entropy (8bit):5.259273805799068
      Encrypted:false
      SSDEEP:
      MD5:098ABF0C50B45E7AA7389540B3CC8D88
      SHA1:694A313DD76C3A502F958BB2E6D38D1C5105C38E
      SHA-256:F1ECA75DED17B545AD769309FEE4FD7734F96CCDA6D701EB17AEBDED178304EC
      SHA-512:6ED3CAB383BEB26E45717616E3957B1A8540C1339E933A3AE976ECF97767CB920DE94CC6DE1FDA688BB197D42424502A98D14A4FDEEC5BC6CC0D0164A032A4AD
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="FileAssociationsDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="FileAssociationsDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="FileAssociationsDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="FileAssociationsDlg" Control="Back" Type="PushButton" X="379" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="FileAssociationsDlg" Control="Title" Type="Text

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\FolderDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3826
      Entropy (8bit):5.25105327589871
      Encrypted:false
      SSDEEP:
      MD5:AE7D804A95C38E70CF0A301C1D379C51
      SHA1:4A6486A3A0F6EF4136F74A581E7E25A49B0916EF
      SHA-256:D291DC4CD95479612899645C975308A919FC63C6CBC2CA01BA399D3309AFDFE9
      SHA-512:DB99D535B58A2AE320869ECAC9EC7AD6FC42452D46B54AA99F12232A77B087481971AEE33AF73C82E39BFA55A9FF4C77318AC574093D7E99AE75CB3612BD9BF9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="FolderDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100" HelpLocId="-"/>.. <ROW Dialog_="FolderDlg" Control="Title" Type="Text" X="8" Y="70" Width="200" Height="15" Attributes="196611" Text="Select Installation Folder" TextStyle="BoldTitle" Order="200" TextLocId="Control.Text.FolderDlg#Title"/>.. <ROW Dialog_="FolderDlg" Control="Text" Type="Text" X="278" Y="83" Width="276" Height="40" Attributes="196611" Order="300" TextLocId="Control.Text.FolderDlg#Text"/>.. <ROW Dialog_="FolderDlg" Control="Description" Type="Text" X="8" Y="90" Width="280" Height="15" Attributes="196611" Order="400" TextLocId="Control.Text.FolderDlg#Description"/>.. <ROW Dialog_="FolderDlg" Control="Next" Type="PushButton" X="435" Y="388

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\FolderPage.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3368
      Entropy (8bit):5.312629061395298
      Encrypted:false
      SSDEEP:
      MD5:F46E960734D893985CF65D81CE4F110C
      SHA1:E5BDEDCE247A8C722F30E6CFEDFADA62ADD42A83
      SHA-256:28B989C45675465945A2849A6A90DA24C0F90A3AF927C21E234DBB7CF34315E8
      SHA-512:F07E2528EB81EECC0A6409938D541D5E29BC26D99837F70EC7BF0F04D98B3745395FBA3A5351D553B780FE1721AD39D9133F9AF1414135FA76B287205342A77A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="FolderPage" Control="DefBut" Type="PushButton" X="0" Y="0" Width="0" Height="0" Attributes="2" Text="" Order="100" TextLocId="-"/>.. <ROW Dialog_="FolderPage" Control="Browse" Type="PushButton" X="211" Y="54" Width="56" Height="18" Attributes="3" Text="[ButtonText_Browse]" Help="|" Order="200" TextLocId="-" HelpLocId="Control.Help.FolderDlg#Browse"/>.. <ROW Dialog_="FolderPage" Control="FolderEdit" Type="PathEdit" X="15" Y="54" Width="194" Height="18" Attributes="7" Property="APPDIR" Help="|" Order="300" HelpLocId="Control.Help.FolderDlg#FolderEdit"/>.. <ROW Dialog_="FolderPage" Control="Text" Type="Text" X="15" Y="15" Width="257" Height="30" Attributes="196611" Order="400" TextLocId="Control.Text.FolderDlg#TextNoNext"/>.. <ROW Dialog_="FolderPage" Control="TotalSpaceText" Type="Text" X="144" Y=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\InstallDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5472
      Entropy (8bit):5.318876469123856
      Encrypted:false
      SSDEEP:
      MD5:5638F5A785BB0241182C9C3AB3CE6678
      SHA1:25E005DA0F2B70F7EC529DF3C1569F85DF6560AB
      SHA-256:1364DABB23B404270292DD9A0B590D271A9A2E3AAC3A36E9F13BD53D2BABAA7F
      SHA-512:7B193946F4DF65E107E375BDBE1665C8075636D128892253461890214224CB990415877C4190D25ED13FFF23D3A0103F1866DECE445D46976E689BDC7CDDF81F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="InstallDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100" HelpLocId="-"/>.. <ROW Dialog_="InstallDlg" Control="Title" Type="Text" X="8" Y="70" Width="200" Height="15" Attributes="196611" TextStyle="BoldTitle" Order="200" TextLocId="Control.Text.InstallDlg#Title"/>.. <ROW Dialog_="InstallDlg" Control="Text" Type="Text" X="278" Y="83" Width="276" Height="40" Attributes="196611" Order="300" TextLocId="Control.Text.FolderDlg#TextNoNext"/>.. <ROW Dialog_="InstallDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="InstallDlg" Control="BottomLine" Type="Line" X="0" Y="379" Width="570" Height="0"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\LanguageDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3465
      Entropy (8bit):5.361265926632994
      Encrypted:false
      SSDEEP:
      MD5:825348920B5138DD04B83E65F00CA689
      SHA1:8367AB3646C4876BD940199FD8A4723E4FA5E672
      SHA-256:A4381AFF874F38C3C2EA76F6E77CF32E8118521C66F2BD72A285BB5E09D883EA
      SHA-512:A842C2F76CADE3314049C9120BC8BC29A9AA75DFCAD10519552DF265EFF0BD1C783E5D16AB0210DAB18EC408FBDEF31C6497AE1C29B04B807EE47C0DF09F1EF0
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent">.. <ROW Action="LanguageDlg" Sequence="75" Condition="AI_BOOTSTRAPPER AND (NOT AI_SKIPBOOTSTRAPPERLANG) AND (NOT Installed)" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_BOOTSTRAPPERLANG" Type="4" ValueLocId="Property.AI_BOOTSTRAPPERLANG"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="LanguageDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="LanguageDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="LanguageDlg" Control="Cancel" Type="PushButton" X="497" Y

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\MaintenanceTypeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (358), with CRLF line terminators
      Category:dropped
      Size (bytes):6335
      Entropy (8bit):5.272242436220122
      Encrypted:false
      SSDEEP:
      MD5:02661051A5595561DF609AE28B6E0063
      SHA1:298CCE35427F470922AB61443FE2D5C94968EB5D
      SHA-256:3C65B44763B0A117C393DBB5CC2C3FD64460AD314CA097120F89C88239D52A2A
      SHA-512:A3A38FFA0B8A2678413F62529E73DB17704536EB723B7AC491832F759574A8766F64F3090523E2E8B4FCA7B9C051C69277ECC3B4BB54CFB704D9A382AF877AE5
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MaintenanceTypeDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="MaintenanceTypeDlg" Control="Back" Type="PushButton" X="379" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="MaintenanceTypeDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="1" Text="[ButtonText_Next]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="MaintenanceTypeDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="MaintenanceTypeDlg" Control="BottomLine" Type="Line" X="0" Y="38

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\MaintenanceWelcomeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3389
      Entropy (8bit):5.227769329541219
      Encrypted:false
      SSDEEP:
      MD5:2A03A46D234E2F9900141B0D6B3F6221
      SHA1:E305F892B0387758878E9E12130B91B02CD0F991
      SHA-256:D3D6083BABD717F862308BDD9D8482DB4A976BDBDB81589E289F2ABA40A0AF86
      SHA-512:6FD981109E2DEEC3A595058144FF77BD1BEA48AD70688662003B118A9B2BADCC2DD5DFB3464F5CC4495DE3457E516A0EFEB27A8A7DD0C770BE64BA508266273F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Back" Type="PushButton" X="379" Y="388" Width="56" Height="17" Attributes="1" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Title" Type="Text" X

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\MinProgressDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2196
      Entropy (8bit):5.246779259617357
      Encrypted:false
      SSDEEP:
      MD5:5ECDB777E22DC0728C3BA630EB0D39AB
      SHA1:44B7F7FEB6131E4923F31CB1221428C5080BD4A2
      SHA-256:12E645BD40B00C84D8321E49506884A127B062F16B99E47B4875D53D1E272D46
      SHA-512:27109C1EC1C42087A7C7C6F7765BDAE0D0B370C80C072384AD900E9B703A93B1F6A9331370DBAD7AC09DD372B3545F8BD3EDB0C229FD450A7AD142DE9E1ADE8F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MinProgressDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="568" Height="75" Attributes="1048577" Text="[MinBackground]" Control_Next="Back" Order="100"/>.. <ROW Dialog_="MinProgressDlg" Control="Back" Type="PushButton" X="353" Y="52" Width="56" Height="17" Attributes="2" Text="[ButtonText_Back]" Control_Next="Next" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="MinProgressDlg" Control="Next" Type="PushButton" X="413" Y="52" Width="56" Height="17" Attributes="2" Text="[ButtonText_Next]" Control_Next="Cancel" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="MinProgressDlg" Control="Cancel" Type="PushButton" X="487" Y="52" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="MinProgressDlg" Control="ProgressB

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\MultipleInstancesDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (301), with CRLF line terminators
      Category:dropped
      Size (bytes):7607
      Entropy (8bit):5.398780264225685
      Encrypted:false
      SSDEEP:
      MD5:225300CB6AB64F5BB7065A69231530E3
      SHA1:86B64ACFC03FD371AED25C19155783E01BA77B4C
      SHA-256:A2E7AACC8ABB70E57174AA07026A099F859D090811435D6CA08545E5914CCB1F
      SHA-512:D94C2D4F7F75E21EFB242B273E9D3EA39BFFD85E0A555FC0BAD320ADA866E199829AA8C8DB536E7973A0AE7C866647141432654467260ACDAEDC135742CBC2B5
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent"> .. <ROW Action="MultipleInstancesDlg" Sequence="450" Condition="AI_BOOTSTRAPPER AND AI_EXIST_INSTANCES" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent"> .. <ROW Property="INST_RADIOBUTTONGROUP_PROP" Type="4" ValueLocId="Property.INST_RADIOBUTTONGROUP_PROP"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiCheckBoxComponent">.. <ROW Property="INSTNAME_CHECKBOX_PROP" Value="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MultipleInstancesDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="MultipleInstancesDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="1

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\OptionalFeatsDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3668
      Entropy (8bit):5.275690242596506
      Encrypted:false
      SSDEEP:
      MD5:71910B3A37D475A7E7B6793A4AD2A8BA
      SHA1:A97EFE023B651165DD7B1D800C2477D14326A8C9
      SHA-256:DDB10309EA4FACA0C09C8BBCD4C13DCED453E98096F443880786011FF19C74AF
      SHA-512:C55C501D0E9FE66DB3C1ECDC85FDDCBA9B18A44E52B6FC0DA50A45B8362673BF37390143D4783A21CBE53BA2E71079EDD97D86D6836E18668D482E5C8D382240
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="OptionalFeatsDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="OptionalFeatsDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="OptionalFeatsDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="OptionalFeatsDlg" Control="Back" Type="PushButton" X="379" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="OptionalFeatsDlg" Control="Title" Type="Text" X="8" Y="70"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\PreparePrereqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3710
      Entropy (8bit):5.264960260907649
      Encrypted:false
      SSDEEP:
      MD5:72B84D3CBA1496E62E585A3DCC35D7F3
      SHA1:D41DEA8951F67EA1674D85AF6182B881191DD862
      SHA-256:29AEC03A5A49FD4D1C7358A83D95907E892C717D7F0F763B47C4DE25AA457257
      SHA-512:9B9AF2F1ECA58641DCA1ECAF9FAA1DC031C1465ACF1F6E8A865A1E98208E47686344A1DF1C12D751A3298DC26C78B40687A83EA86D162C383F40B1579BB49D45
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent"> .. <ROW Action="PreparePrereqDlg" Sequence="150" Condition="AI_BOOTSTRAPPER" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="PreparePrereqDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="PreparePrereqDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="PreparePrereqDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="PreparePrereqDlg" Control="Back" Type="PushButton" X="379" Y="388" Widt

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\PrerequisitesDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (311), with CRLF line terminators
      Category:dropped
      Size (bytes):3264
      Entropy (8bit):5.283271064387811
      Encrypted:false
      SSDEEP:
      MD5:68094150A27611CD71AC9CF97E68BBC2
      SHA1:55075D52A8C6850EBFF3C244A70CB5542BA4C6F1
      SHA-256:1D64CF0C21918BA12CB4C2B7E7603CFBE07B072FD076202A6C0CAB3B6D496B74
      SHA-512:2993CB026ED466E7035EAC2775BFCFAD438DB0AB3397A2F5C4D36C75E294CAAD274C9B4B23AB31C78F16D431E6DAA59EC15D7E084DEEB57170238302CC74BECA
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="PrerequisitesDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="PrerequisitesDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="PrerequisitesDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="PrerequisitesDlg" Control="Back" Type="PushButton" X="379" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="PrerequisitesDlg" Control="Description" Type="Text" X="8" Y

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\ProgressPrereqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3791
      Entropy (8bit):5.285911962614702
      Encrypted:false
      SSDEEP:
      MD5:8A253DC8D086FCBA3C361C876D000147
      SHA1:2BB483164DC0C7CE58F944BBEFD8A5D67D43E136
      SHA-256:289BC652945ABCACE1DAB107C8FB5357613B1BD191DE2A4032BB09983A020ECB
      SHA-512:88FD732113288B4F78B692A87E0D323D05CFBD514E996AB038F14F72CF792EAA6638E745971883C141EF11C42CB139E4D700FC32A0387428CD0BB0C38B7D6943
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent">.. <ROW Action="ProgressPrereqDlg" Sequence="300" Condition="AI_BOOTSTRAPPER AND AI_MISSING_PREREQS" SeqType="3"/> .. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ProgressPrereqDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="ProgressPrereqDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="1" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="ProgressPrereqDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="ProgressPrereqDlg" Control="Back" Type="Pus

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\ReadmeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3019
      Entropy (8bit):5.265116074354488
      Encrypted:false
      SSDEEP:
      MD5:66129914785E3393AB3E962988255BC6
      SHA1:11365BF0BC9FD1CBDEBDD60047EE55F5D7F8BD0C
      SHA-256:51924335E8F02C3F14A5DC781474E4921F546829DBAB2F1F03130176EBDF5AA5
      SHA-512:3EE2C8E05E724BA8696285769DF3A1FB1DA4926BB522412484E9E4E037A0C194C5B16EDB07B00157CFE27D04A2B0D4885E638CB0520D059267EA50F117A364E2
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ReadmeDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="ReadmeDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="ReadmeDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="ReadmeDlg" Control="ReadmeText" Type="ScrollableText" X="8" Y="108" Width="248" Height="255" Attributes="7" Order="400" TextLocId="Control.Text.ReadmeDlg#ReadmeText"/>.. <ROW Dialog_="ReadmeDlg" Control="Back" Type="PushButton" X="379" Y="388" Width="56" Height="17"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\SQLConnectionDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5468
      Entropy (8bit):5.27154304380588
      Encrypted:false
      SSDEEP:
      MD5:DDC8484517301CBC89D29361E76F1F47
      SHA1:4C848B401344BDA2A9048A239D7C1C70EFB66E39
      SHA-256:8C96016E7C75AB1317B0912181CB70AA4D0B5D1417519D071FF9DB300538B83F
      SHA-512:50D2F10E80846BBAF207D361CA0B4217A45DD4A08B48A23EEE23E77FBE1F870AA85D46FA7FD499E14522D6C1B4DFEDE9EE5BD879E4F92798ED441D49C86CB5B9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="SQLConnectionDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="SQLConnectionDlg" Control="Title" Type="Text" X="8" Y="70" Width="248" Height="15" Attributes="196611" TextStyle="BoldTitle" Order="200" TextLocId="Control.Text.SQLConnectionDlg#Title"/>.. <ROW Dialog_="SQLConnectionDlg" Control="Description" Type="Text" X="8" Y="90" Width="248" Height="50" Attributes="196611" Order="300" TextLocId="Modern.Control.Text.SQLConnectionDlg#Description"/>.. <ROW Dialog_="SQLConnectionDlg" Control="OdbcResourceEdit" Type="Edit" X="74" Y="163" Width="174" Height="18" Attributes="3" Property="ODBC_RES_PROP" Order="400" TextLocId="Control.Text.SQLConnectionDlg#OdbcResourceEdit"/>.. <ROW Di

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\SQLServerConnectionDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):7599
      Entropy (8bit):5.348170433451438
      Encrypted:false
      SSDEEP:
      MD5:8E7081BB220AE06E8C6F7567CAEA8C63
      SHA1:A5A73066EAA898BD28D25DA0ABD9C4F6039C60F2
      SHA-256:2F95BB78C785ADFE72C794F0BC8BD3AA01238B55AA7DBE92A6BFB55E47CF0258
      SHA-512:A87F900D75BEAFF968BEB0C9938C30B615330F5DAF7B9DE733851D85CC969E584B8C695AB206C94FE5A96E0219696A7B3FAA4A3D0D3CDDD4A1BDC0D4E27096AA
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="12.6" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent"> .. <ROW Dialog_="SQLServerConnectionDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="SQLServerConnectionDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="SQLServerConnectionDlg" Control="Back" Type="PushButton" X="379" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="SQLServerConnectionDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="400" TextLocId="-" Options="1"/> .. <ROW Dialog_="SQLServe

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\SharePointLogDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2835
      Entropy (8bit):5.290005009428515
      Encrypted:false
      SSDEEP:
      MD5:D888A096548E3DF84B0A36AEED8A5693
      SHA1:B1CA10D923D83262C3DF448DCB5516A56D1CA451
      SHA-256:1364E6536CAC889B6DEC0D050E8A79377E09FBEF68AFD6B0DD3C743E01C8C481
      SHA-512:04D9E6EC9D90CE931B5147D06441DE2A2DD91BAC151CC614F736A623692E70461E867D06AC04B7EA583E67B31F24C7D84848F8F41E8D4E27566720702C06CB89
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="SharePointLogDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="SharePointLogDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="SharePointLogDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="SharePointLogDlg" Control="Back" Type="PushButton" X="379" Y="388" Width="56" Height="17" Attributes="1" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="SharePointLogDlg" Control="Title" Type="Text" X="8" Y="70" Width="200" H

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\ShortcutsDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5407
      Entropy (8bit):5.366495037394234
      Encrypted:false
      SSDEEP:
      MD5:7019BC43BF1E67444BF6A12DD06DCAD0
      SHA1:015C1D50CBA89E40F9E9F93A4C9E8986A0E91AF5
      SHA-256:CD2A687BC2E0788FC3618415AECF51029AA571B1404CAE8B7F13C4CA1C8074D0
      SHA-512:A519E9DC6C832555189DD72528BD98D17BE5FB346E3A3A3EB7046393250D095B132B0CFC7A1DA34164215FF16237A637870499D0FABE5884581CA24749F9DA9B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_DESKTOP_SH" Value="1" Type="4"/>.. <ROW Property="AI_QUICKLAUNCH_SH" Value="1" Type="4"/>.. <ROW Property="AI_STARTMENU_SH" Value="1" Type="4"/>.. <ROW Property="AI_STARTUP_SH" Value="1" Type="4"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiCheckBoxComponent">.. <ROW Property="AI_QUICKLAUNCH_SH" Value="1"/>.. <ROW Property="AI_STARTMENU_SH" Value="1"/>.. <ROW Property="AI_DESKTOP_SH" Value="1"/>.. <ROW Property="AI_STARTUP_SH" Value="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ShortcutsDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="ShortcutsDlg" Control="Next" Type="PushButton" X=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\StartMenuShortcutsDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5012
      Entropy (8bit):5.288063567492787
      Encrypted:false
      SSDEEP:
      MD5:E4CA2BEA49D9579A85B2F5123BA93F1B
      SHA1:10950C4CF5CF42FAFDD4759A525785A3E0D1A08F
      SHA-256:DEAF73CAC825535FCACAF4B48830D4B791E7C2478BE63D4AD77104042E5EB327
      SHA-512:A3CBD4615DF54ABFB8DD5BBEA6CE15EECD87ABE2F0C1C04C9F824BDE1EACD064D0E9DDEF99BA2807437452333457CFDA2F3549CC04FCF96FFA90EE2F76B4B13E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiComboBoxComponent">.. <ROW Property="AI_SH_DIR" Order="1" Value="[ProductName]" Text="[ProductName]"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="StartMenuShortcutsDlg" Control="ShDirDialogInit" Type="DialogInitializer" X="0" Y="0" Width="0" Height="0" Attributes="0" Order="-1"/>.. <ROW Dialog_="StartMenuShortcutsDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="StartMenuShortcutsDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="StartMenuShortcutsDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\TemplateChildDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1149
      Entropy (8bit):5.298834227537522
      Encrypted:false
      SSDEEP:
      MD5:281B7F3BF70D0C8DE7DF422FD5CE01B7
      SHA1:2C9019BDF7CC341BE9A3570A4804EE12C3210C56
      SHA-256:89CADA15705CCA1276C1C10EE75420F5E05E3F4F4F366C10528EE1EE23AC0B24
      SHA-512:C92F1B83DD088CFDDFCBD42D15E57FCB60D405DE0DCAA4A8813A8A7F07B01A0781184A5DD8FB25AEF4F0CB0C85D18921AFC89AEBF953FCFEC83BCDDD06FADF4C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateChildDlg" Control="Icon" Type="Icon" X="15" Y="30" Width="36" Height="36" Attributes="7340033" Text="[InfoIconEx]" Order="100"/>.. <ROW Dialog_="TemplateChildDlg" Control="Text" Type="Text" X="60" Y="30" Width="230" Height="50" Attributes="196611" Order="200" TextLocId="Control.Text.TemplateChildDlg#Text"/>.. <ROW Dialog_="TemplateChildDlg" Control="DefBut" Type="PushButton" X="0" Y="0" Width="0" Height="0" Attributes="2" Text="" Order="300" TextLocId="-"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlEventComponent">.. <ROW Dialog_="TemplateChildDlg" Control_="DefBut" Event="[AiStopPageChange]" Argument="{}" Condition="1" Ordering="100"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiDialogComponent">.. <ROW Dialog="TemplateChildDlg" HCentering="5

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\TemplateDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2688
      Entropy (8bit):5.259052218075012
      Encrypted:false
      SSDEEP:
      MD5:14A4CF0C8C64E4A648BCC89987CA1883
      SHA1:8C97A1212C509F8EA9DED9B2350859F328B25714
      SHA-256:25EE301D21360469B4966659E67D2445CA2DF208EC8B264BF8896F56AB6CBAF9
      SHA-512:81D78F3924600391F98A99C04B2C7D77689C15AED08B4A917FF210BE73BE7E7DC375220B26D49447ABC6DF6D28D36E1EEC2A41370DCD0F18AF8899B0EC790790
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="TemplateDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateDlg" Control="Back" Type="PushButton" X="379" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateDlg" Control="Description" Type="Text" X="8" Y="90" Width="280" Height=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\TomcatServerDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4958
      Entropy (8bit):5.27665446282914
      Encrypted:false
      SSDEEP:
      MD5:B7364FFCD888CB7EAC1EEF87377471C6
      SHA1:6C50F7ED709C0383438EB91152CFC44D83D53227
      SHA-256:31C13FA934BFD3EBFB4A65CBA8FAE839194EE148F6043D92B4CC5594A24DA02A
      SHA-512:DC8C2BE0073D1D9171F8F0EDA552482E9A6F751091735540B8DFE53BDF0EC21B994393D110842C2BCDE305A9C9475B1888E67C0607D522D232E6A5C103CB11A5
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TomcatServerDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="TomcatServerDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="TomcatServerDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="TomcatServerDlg" Control="Back" Type="PushButton" X="379" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="TomcatServerDlg" Control="Description" Type="Text" X="8" Y="90"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\UpgradeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4589
      Entropy (8bit):5.341628272793371
      Encrypted:false
      SSDEEP:
      MD5:9D80130E3FF121088645448BAFBAEB54
      SHA1:B23F332C2DA9C77E50EA5054E498E000A25A3314
      SHA-256:A730A27AD14C0B891428BA3E9DE9598FDA35B585109755DB386887BBEBD150FC
      SHA-512:3E467761F710C4989947E40366AC5CD91104403A4C487902E9D373F1B2C049BF40288A2244A3AA1F34C821119F711F00DBDBCFBF49361033A3FDFE4985002281
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_Upgrade_Question_Yes" ValueLocId="Property.AI_Upgrade_Question_Yes" Type="4"/>.. <ROW Property="AI_Upgrade_Question_No" ValueLocId="Property.AI_Upgrade_Question_No" Type="4"/>.. <ROW Property="AI_Upgrade_Replace_Question_Yes" ValueLocId="Property.AI_Upgrade_Replace_Question_Yes" Type="4"/>.. <ROW Property="AI_Upgrade_Replace_Question_No" ValueLocId="Property.AI_Upgrade_Replace_Question_No" Type="4"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="UpgradeDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="UpgradeDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\UserRegistrationDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5084
      Entropy (8bit):5.279527612350382
      Encrypted:false
      SSDEEP:
      MD5:04AC597C1C74E1D30218E63C351AFC3B
      SHA1:9D097E2ADF67C38ED072F96BF56B44D589807833
      SHA-256:62B5C6CD9666791CE4C9067417B9FE1C927BCDA0AD5B90E8E979B4E604C3CC0A
      SHA-512:18A6FE4AF7F9FA2E451F9B81A16F5DD703E440255CBCD705BD6CBD42F5D645E7D89BB35BCB7ED03E078F5416D619B44BBE2D2E9CFB46281BDAFD147578D5B8BD
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="UserRegistrationDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="UserRegistrationDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="UserRegistrationDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="UserRegistrationDlg" Control="NameLabel" Type="Text" X="22" Y="174" Width="100" Height="11" Attributes="65539" Text="&amp;User Name:" Order="400" TextLocId="Control.Text.UserRegistrationDlg#NameLabel"/>.. <ROW Dialog_="UserRegistrationDlg" Control="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\VerifyRemoveDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3947
      Entropy (8bit):5.373968208447972
      Encrypted:false
      SSDEEP:
      MD5:EEB2B913ABBEDE4EC4522DAF772623E0
      SHA1:B48D46E4429CE9428E382139EC014653BDEAAE40
      SHA-256:E17008FB357AD016C0E632EA0D4219758DF3131E30D6509C8CB5418F4B4245B4
      SHA-512:013542DD79F36EBDBE847461B74F89C472D0C224CA96C5FF70224DC39FEABFED44ED7B0AF6D0620605498C27F32884572F8BA5EBAECE92280882ED098EAC8FAE
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="VerifyRemoveDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Back" Type="PushButton" X="379" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Remove" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Remove]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="BottomNote" Type="Text" X="8" Y="335" Width="2

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\VerifyRepairDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4100
      Entropy (8bit):5.352352081378875
      Encrypted:false
      SSDEEP:
      MD5:5C3244EC72D4E42F1E57ABAC0B279494
      SHA1:7F654C5051ED9073289CDA8A458B8F5949D4322E
      SHA-256:BEB32CFC3210C842FEDD895B4A5DD81CF55F649B763F891F498114337F9C455D
      SHA-512:61C832111C6759BE966578DF8089A9F9CA9460436A87652C1323306ABC4D5D598D798AADEC3CCE3D5ECDE8C4D8BECE63919DDF9143EDE4CDB8E5DB089A854D72
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="VerifyRepairDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Repair" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Repair]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Back" Type="PushButton" X="379" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Back]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRepairDlg" Control="BottomNote" Type="Text" X="8" Y="335" Width="2

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\WelcomeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3027
      Entropy (8bit):5.257242185922253
      Encrypted:false
      SSDEEP:
      MD5:2DA161C7AC4C9860B90DD63B1472CA7C
      SHA1:5A08F976572B9FE4B8F2BAB5F340C332F47ADF39
      SHA-256:010CDAA9825E20536FDA302363941C0FADD671FBAAC36E1CC847FDCE8E31995A
      SHA-512:1CA9C53183D266B160C12AE648D97F5D33C631724F99EFEC5AD9AC5EF97114E2CA1EBE5BA636BE5BA6F3ACBBC215A5AEBEA21BAFEA487CC6419412AACEE403D1
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="WelcomeDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="WelcomeDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomeDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomeDlg" Control="LogoIcon" Type="Icon" X="18" Y="11" Width="36" Height="36" Attributes="7340033" Text="[LogoIcon]" Order="400"/>.. <ROW Dialog_="WelcomeDlg" Control="AppName" Type="Text" X="62" Y="24" Width="143" Height="23" Attributes="196611" TextStyle="AppName" Order="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\fragments\WelcomePrereqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3199
      Entropy (8bit):5.330023279323329
      Encrypted:false
      SSDEEP:
      MD5:A2D03AFD78CCAF0D718FB4BF85C3DE73
      SHA1:63D31DBF44545B1CCEC7D693325B8F3D8F574BEC
      SHA-256:729A1AF22456B901A143CD718BB7BFA1F685915122A964B066D828CE2716E422
      SHA-512:4AB4D22D3E30A393B43B38D63AB2562A737F668D2335CCC1307443F0E68DA4899AD57E917AACEC1AC1E0C9E6F1E6BD55C661A3DEC28C245E0B23B51C2317E4BA
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent"> .. <ROW Action="WelcomePrereqDlg" Sequence="250" Condition="AI_BOOTSTRAPPER AND (NOT AI_BOOTSTRAPPER_RESUME) AND AI_MISSING_PREREQS" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="WelcomePrereqDlg" Control="Background" Type="Bitmap" X="0" Y="0" Width="568" Height="379" Attributes="1048577" Text="[ThreeColorsBackground]" Order="100"/>.. <ROW Dialog_="WelcomePrereqDlg" Control="Next" Type="PushButton" X="435" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomePrereqDlg" Control="Cancel" Type="PushButton" X="497" Y="388" Width="56" Height="17" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomePrereqDl

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\modern.ini

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Generic INItialization configuration [InitialDialogs]
      Category:dropped
      Size (bytes):6333
      Entropy (8bit):5.418280637816301
      Encrypted:false
      SSDEEP:
      MD5:2C89A2EB069AD50AB8A30F2D2AAAE301
      SHA1:C35B296AF893C6C03208EECDCA2570804F034C98
      SHA-256:DF46DCBE4E81E31C601B206DD2CA7224C4D6AAD9EE6DCD9CE7D7253AEDA62285
      SHA-512:95B4162B7C1308FE217D8DC52CAAAB2EA2620A48125E3F67161D6E90B6CF150281C282DC0912CB24562F2BE3583A67E40F129C7536830A7781F9289FC1D7410F
      Malicious:false
      Reputation:low
      Preview:[Settings]..DisplayName = Modern..UseEnhancedUI = true..WatermarkSize = 603x493..BannerSize = 814x628..Highlight = 4px dotted #FF7070..VerifyRemoveDlgCheckboxBBox = 8 104 248 11....[InitialDialogs]..DLGIT_INSTALL = WelcomeDlg SetupTypeDlg VerifyReadyDlg..DLGIT_MAINTENANCE = MaintenanceWelcomeDlg MaintenanceTypeDlg CustomizeDlg VerifyReadyDlg..DLGIT_PATCH = PatchWelcomeDlg VerifyReadyDlg..DLGIT_RESUME = ResumeDlg....[AddDialogs]..; Values: DLGIT_INSTALL, DLGIT_MAINTENANCE, DLGIT_PATCH, DLGIT_RESUME, DLGIT_ALL_TYPES..WelcomeDlg = DLGIT_INSTALL..MaintenanceWelcomeDlg = DLGIT_MAINTENANCE..VerifyReadyDlg = DLGIT_INSTALL | DLGIT_MAINTENANCE | DLGIT_PATCH..VerifyRemoveDlg = DLGIT_MAINTENANCE..VerifyRepairDlg = DLGIT_MAINTENANCE..FolderDlg = DLGIT_INSTALL..SetupTypeDlg = DLGIT_INSTALL..LicenseAgreementDlg = DLGIT_ALL_TYPES..ReadmeDlg = DLGIT_ALL_TYPES..ExtRegDlg = DLGIT_INSTALL | DLGIT_MAINTENANCE..UpgradeDlg = DLGIT_INSTALL..ShortcutsDlg = DLGIT_INSTALL..StartMenuShortcutsDlg = DLGIT_INSTALL.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\default\banner-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):3326
      Entropy (8bit):7.279411817388116
      Encrypted:false
      SSDEEP:
      MD5:E1C0CE04D3F3E463F6031FFD78C148FE
      SHA1:4C62129B93EBBF630212C542D7487F099B3D0F6E
      SHA-256:52638A6E528DC76A1037A8012B71AE6372704637AAC62D87EB3EFE737F378A0E
      SHA-512:779E1097262B3CCBB2F4A83D2BF9BCDAFC19AB6A4B7AD5316FFCA582B4F9949A156E81BDDB2D06A315261D30BBE44DE3425983C9FA8948073D4228BAA02A5842
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................@.............................................................................................!1A.Q..aq"....2...B$D.%....R...#3S....4t.......................!1AQq...a..."2R.#...rB..b............?..........................................................U.Y....._.e.}k`..'$..^o...W<..F....w...#Xd|.......&j.t.Z*.y..{...(l.oS:i..nu..^-Y.....i5.}.L.....F.Gt1y...y.o..L.DK...h.q:W...6...1.S...U.....)^.......S..2.=Tt...2"..w.m.%.sR..\~*....y.........W|...*.K........-X..M=...k?.]..o.....}......QJ.~..Ot{./M...*...M|..]..2..]J.....Ot{.n.......\....|u.....9..i..]{.|Sk....|..:O.........g..=..gT..@................................................?po4K.}mN..].....w.....3G.sHg3m.2.^..^Y..I#..mu.T.1W.U.V....Yl.s.6.u~.....I.2.X.Z..R/+....*l0r..=.....k.....^......X.9Q.{U..%QQQZ...|..T

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\default\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):31394
      Entropy (8bit):7.944286787907924
      Encrypted:false
      SSDEEP:
      MD5:1D2B025BBC87E2C988DF1948F1BA1C51
      SHA1:D8E3A6B9EAEB68C9622BD564607579D4AA5D8DC7
      SHA-256:2510D0B9C69D0FDC75F198D02CC1D89BCAEE6F7C2B41350BD22BACBCBD8F8103
      SHA-512:CF78A52F99DBBC1F8E8F76E0B8FCB9FDE38EB9520BE739879D9AB3AA612F27668DC0D58499292612EC5434D008EBE1B7E36BDDBC7F6114F1A24A361248414043
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................^.............................................................................................!..A.1Qa...q...."2.....r..BR.#..V...b.....3U'wCScs.$4%567g.x.DTd.&.W.(8.te....h......................!1.AQaq..."....2.....R..S.t.Bb.#34d.5.r...cs.T.u6.$%e&C...D..U.............?..2[.f.7oM.M.Ay[(.O.>..VC~.. .Di...6.../.....]I.K..s.z;.j..R.............r...-..kT..AeR..?.._.?3....f...}cYk..z..nJ\.2..=a~.....Q....e(..............}K(.f6o..e.....K.".a.".........eX..eIx..h5.#..A.?.4.?.-..W^.-.5..#.Q.GOc<U....<U..#..y...y..,Oj5.Y......k...%%.{M}V .>..Q.>T.........#.j..=.Q.-....3.,Oj.F..... u....:1.FX<.N..2tc.1...ki)..4.:...T{]...De.>...eJ....F6...~....9...>.......F^.w.....\=B.......t..V..{g.AV........Kb>.I..O.T.....;....j.m.S......nCU..#>#...>..Du..;..w~...Q.VHTp3s..T4..n.......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\default\externalui.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 48x48, 16 colors, 4 bits/pixel, 48x48, 8 bits/pixel
      Category:dropped
      Size (bytes):15086
      Entropy (8bit):5.76662680767267
      Encrypted:false
      SSDEEP:
      MD5:575DDA3485FC0CE3B11DDAE603C9DCF1
      SHA1:7575473DE139920F8DF05B744A6DDCE39E62811A
      SHA-256:17207621E3768416B49CEA566B4791243E74101AA4014DCF26A137B300925D61
      SHA-512:0856CA9DBAA55B0F5F861C678D31EE12FEA9C623F01F93B2E477703D4E3ABDA3CA52CD1123BC01F0BCE6B3067352B6757319DA09F7E62ED31826A65A1A9BB400
      Malicious:false
      Reputation:low
      Preview:......00......h...6...00..............00.... ..%..F...(...0...`..........................................................................................................................................w........................w......................ww................ww....w..................w....w..................wx......................wx.......................x.......................w.......................w.......................w.......................w....g......wx..........w....g..................w....g..................w...wg..................x...gf.................vf...gf.................ff...gfp................fn....fp...wwwww.......ff.....fp....ffffg.....vfn.....fp...ffffffg...vff......fp...fffffffffgff......vp...fffffffffhn......wp...fffffffffx.......wp...fffffffffx........p...fffffffffx..........p...xvfffffffx........x.p...h..ffffff...............h...vffff........x......hx....fff...wwwwx..p....hww....ff.wwvfw~..p.....gwwx....f.fffwwww.......gwww.....wwwwfffg.......n

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\default\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 760x100, components 3
      Category:dropped
      Size (bytes):5325
      Entropy (8bit):7.60462008322632
      Encrypted:false
      SSDEEP:
      MD5:B3E95C88AA6EF7A67080E0B75E7B085C
      SHA1:3E5F4059EEF6E415CC366D12B0A0F01275976D70
      SHA-256:77D92806BE44B3019900EBE21D4317405F77B18FC70264D95DD191FD04B1FF07
      SHA-512:F744418DFD3BC93F15BCE99BFE5BA1ACBD125D74D60AC3334F0A789F1CFFDA9A53383F817D2738FCAFD648D67BDBAFC2601E5750269602043075E7E3817AD451
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d........................................................................................1A..a.!Q..q...."..2BR..b.3..r..#CD..4%......................!1..A.Q..Baq2............?..W'...1}s.*.......q}rE\][`....&.-....kb*..bj..bj..b*.R.M.P.J.=\......[......y,.X.....T...i.3.r%#.Q...I...T..mcH....".......9*&..K..,..*.'%.T6IQ5..TMCd.....o#MH.T$.#Jg(.0..dC..9................................................................?p.p~}w..5Q}m.j......".......b*.........V#.U*.bj.~..T..b.=_..Q...6.Xz.X.oz........<-).x.Hw*BL.T..#.Q6.......D.61q......,b.*.......".....,..j+$.....q5....j7..Q..5#.D..y.'a.v..:...FE...................................................................w-.....bW.V.UE...qulET[[.W*...........U..W*.r.*.qX.P.,V..N.......;.....Y.#.x5....EK..Hg+.....+....j+...j+......r&.61Q...T

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\default\rtlo-three-colors.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 757x15, components 3
      Category:dropped
      Size (bytes):2728
      Entropy (8bit):7.71703019527519
      Encrypted:false
      SSDEEP:
      MD5:975F3E28EAE9DDE36FF49BE3E05C85C1
      SHA1:CD34022D6713A2AD737B2A17D39C9C2DA5E67383
      SHA-256:EB21874B88C144048454C2CE4388CA87A573C01F03534533512CE066A3DACAE3
      SHA-512:71CB186E4E2FFF05E844EAAB0BD236305FABEA758A5707BD1AADE8F48D8E8A2DC1CA51B87AE18B02D3236361F11D2E9CABD8AF5A7489D198FD95FD30AF14057F
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......U......Adobe.d..........................................................................................................................................................................................................................................!Qa....1A."..q...#..B.2r3s.......................!1..AQ..."a.2q.B...R............?...E........y.@..Xge...N...0-)A:..Y;#..7.m..R..?5p...o..............!.*.....].OT.4..#...t./...*q..C.8.........O.hG../...O..R...T)^.f./.O.@..RA7u.<....sd.'Ms..o..EZ....Nu..5|..I.Qr..EK..-.UCE.td.......i.....-.W..t9W..VY..}..~..n......*(..*..EB..7. ;..!R....g..`...u.x.k:...R.Y..F.<O.......k.s.e-.|..B..!-%..."U.....|.j..N..qe..d....V....KBj..%UEB..CYiM%RE..[e.7.B.....|<..Jc]L....{. ......\..D=aU;jS#Y>.@.l....-.>...h.m^.8.1..j....S..mEi4[...,-.^..eEh..R.R6.zF...l..v2..............)..;.u'.eM:.R^.-....d.6.L.$Xb-..<..U.W.6X^......2...9>~.....Cu.......S..u....QA27.r9.+*...H.?.7Wf.z.......y.x

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\green-black\banner-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):1789
      Entropy (8bit):6.686784071185524
      Encrypted:false
      SSDEEP:
      MD5:F3802AEC121C0844725729A5305F3092
      SHA1:DAA4264ED38E920644E68739EDD1C004BA95741F
      SHA-256:536F2F76B231643559E1F8D7C8FFD9B0F27F5D0E1523A837894E8FE2F2664C58
      SHA-512:14FC762F1738FFD9405170AB2BF3D955873C0D61A98738DC7DA9EED5180F2FD12009F27E04E65EEA84FDC4B00E0D50FDD50DB831AE5FB11CA06A968A66A6DBFE
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................@..........................................................................................!...1AQaq."2.......BR#3.......................!1AQ.............?..L........................................Quj.|..JT...~.m4..R..k......m..&<b\.V..m..9............j.c...Z..:m.Q.;.\.Sz.F....a_......._8...y.q....Y.d.^0r......Z.S.Z.......zd...............................................b..JV...:.KG.0i..<\.sKm>W..r.>.{uo..?.m.).N.x.e..s..w.8...C....i..k3.0).c...J...btW...[c.:Li....bx.S.S.#......V>.>....V.|....#.oh.........................................x!.l....O6.U.i.H.q.....3.56.w<X....X.m.Y.ba...-.\~....o...4x......s7..OQ.....bb..b|ba.....LM.~..ad....zB...V...#.Rbt...x..b..O.'3..L?...?.Y.....=.........................................$.2..ZR..................z.v.s.......[...5..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\green-black\blue.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 355x304, components 3
      Category:dropped
      Size (bytes):19316
      Entropy (8bit):7.969493933106715
      Encrypted:false
      SSDEEP:
      MD5:8EB659A80BDAD5B36C634BB0E921FFF1
      SHA1:B9557D2AE46D52636F262E958EF281DB5E984B89
      SHA-256:4CC4E268143F96FE254700CD4B8DF48E7BD49CC7424109D0D54FBE189B8541D6
      SHA-512:1BF6B40D8F1918DDD3EF05FE8B8028D97A18EA963555070899B89BEDD40155403CF9998107973AF02F8F0846223D0BD0F1EF8BA71EBBE6BCAD78A87FC955C118
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......U......Adobe.d.................................................................................................................................................0.c........................................................................................!.1.AQ.aq"...2....#....B....3CSs$Tt....Rrc....4DEuf..b...d..%e..&6F..UV.'......................!1Q..A.q...a"R...B..#C..............?.....ehqkY,...@F8.Xv....5...,,{..4..V.........b..w....r..E..s=I...{.$y.m......Rn.......6...=[..$.@..w..pP.P.\...c......~._.n..k.Z...}Q.FD..[.z..Z...O.U......./.n...S.=G.9...M.....Zz.s...D..Vc."G(.y...-Dq.TNW..|..9tM.*....p3%.....'c..a..pB.i.....S.e.^.........}.....n..wW....*..o......k..ZFn..X.........M..vW}..uN....[..Ym.....M..t]..KK.:......;..._t...T..|B..........]..t_&.j....m.d....5E.......G./.c......5/..[..{n.#.o.?..d.|..O.......Y....5....W....5...........P...R.;G.......m..O.m...?.G....D.X_..o.>..o.i.%..].S-{2f.j..w.}...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\green-black\externalui.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 48x48, 16 colors, 4 bits/pixel, 48x48, 8 bits/pixel
      Category:dropped
      Size (bytes):15086
      Entropy (8bit):5.487969021129092
      Encrypted:false
      SSDEEP:
      MD5:B08D47A71C0FAB351DAC583AA975C94A
      SHA1:C0FFF19562D40EB65433611CAD7FFE2B5FB72CB9
      SHA-256:736491B42171F8A3860B134F7645ABE633EE276546340DCB3E634BC7371CFFFE
      SHA-512:9A6B249AB77A211BC4D262B86E87A1CBB18A3527E34C2E5694E481A818D1031B765E1975BB2D0FC3DE24139CFDE0CA3D962EC81028307575D672BC172F31924B
      Malicious:false
      Reputation:low
      Preview:......00......h...6...00..............00.... ..%..F...(...0...`........................................................................................................................................www................p..........................h.....p.........................................................................................................................p.......................p............................wwwwp..................wwwwwp..................wwwwwp..................wwwwwp..............p....wwww.................................................................wwwwwwwp....p........p.............wp.....................wwwp......p....wwwwwwp..wwwww.w.w......dDDD.....wwwwww.........`........wwwwwwwp.....x.`........wwwwwxww.....x.`........wwwwwx.wp....x.`........wwwwww.ww....x.f@.......wwwwww.ww....x.ffd......wwwwwwxwww...x.ffff.....wwwwwwwwwp...x.fffff`...wwwwwwwwwp...x.ffffff`....wwwwwwpp...x.ffffff`.wp.......xp...x.ffffff`x..........p...x.ffffffff...ffwwv..p...x.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\green-black\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 760x100, components 3
      Category:dropped
      Size (bytes):11800
      Entropy (8bit):7.959150963925497
      Encrypted:false
      SSDEEP:
      MD5:C6EC335E1B1755492EDE870CCD9B96D2
      SHA1:4529CF9B383A6BA76B47AE3563E1C2446E224257
      SHA-256:C383402FAA45E9533AD8FC7EEE379E30FD314E2FCE183A12002DADD5DB1C22EC
      SHA-512:9F3C30B8180FFE6A88049EC7A31B5B660C9C43E8F05DD673834D0BE646CD614A902BFE3160ACD97E93837F39499D2C8FE725EB6D0BE0CEC38D72725E121294D6
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d........................................................................................!..1AQa..q."2......BR..#..b.3.rCS$...4T.......................!1A.Q.a.q"2..............?....j.^.|..jMp..S\..{..q.G'q[.M.x.\..fO.x$...k.^..&$.^.Y..%ZE.s..M..].*.)F.~...\W.#u5Qb..I.Z.->j..T.=N.j.l.p6QW....:...T...*.V4...TR..&...:,..W.t.L*O.GTx.Y.1.r.4.t.J.~c9.....M.HS..}B}.L...W?_).as....6.9..q8p].1.u.P.....}=...{........>.6d\9X..+e..>...|....C...c...j|..X.....T../#.lK..:....s.'.+#...._...>.we.9U.#..D..j.../S.*.z.?G9..g#.. ...O.=O.x.f.G.:......7...[......+Y1.")V.c.3q..,.8v.....e.......7..y.........uz.]...1.....3"?...._.'........T7.qc...`i.......~....{..3.".}.z..A...vUo-.y.......^......~.....v.H..E....}ww..;....W]....'p.......z ;.Z...5N.....OO....r.%..J.Z.......Q=?&....\.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\green-black\rtlo-three-colors.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 760x17, components 3
      Category:dropped
      Size (bytes):3998
      Entropy (8bit):7.851676980688616
      Encrypted:false
      SSDEEP:
      MD5:E9B6CF8F19843AFDB716B70C7CEFBEEB
      SHA1:4D661F8E19E1E38B4AAA8B0CD85D5EE45559BAD5
      SHA-256:0A3E73736ED9BB30A43F672B35B8593E3DF0D053AF2EE995B630F38559C978F6
      SHA-512:11B6414BD3EAE8CAEB9029FB6A44FF88606627D3E1D9E6EF7C300BA5D0E42C7D94240E8D6A6FC5608E3D2E53B2FB94387674AC5878060299E4333AB194159872
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......U......Adobe.d............................................................................................................................................................................................................................................!.1..Aq.2Qa..".3......B.4r.#C..s$5.......................!1A.a.Q2.q..."............?......_.Z.E.K.N/.q&C...K.......#...x..?.,.u.t.^.um..[.....J..`..0(0o.~X..u..j.i/..@..Z.... g.xu....'./X.^?gwn.\e..*.y.j.J..S.'C..........U..Wi,%.e!.u.p.o&UJfFs"....mC....h....w....~PPC`....2..Vd...^M.U....Qn.t.+...n...i .%i%.bV.ZNBt.....?%...y..h..u*./..n.E.E/,....d`X.h)..?..[..m.;..%w.\--.:l.\t$%D.(.1.g._&........i.].cP....%.....E.e$.4..2.J..Q*rg.O.F..S.4v...[R.n...-.....Q..`(.C.t..kB..oN...u....5.B..`.2Z.$..jB@..$.A..S..U..o..k:.Z.......W....i,6.$y.j..% ..R.n*...#.Bc......H.Q=B../4:.2.....g..(..{B..S.'i..p.).K..s.\7`{...b{.^.....;d.'8=..,...EU4...n...'../....B...J...z.v...r....S..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\green-black\three-colors.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 760x505, components 3
      Category:dropped
      Size (bytes):44836
      Entropy (8bit):7.922900401027417
      Encrypted:false
      SSDEEP:
      MD5:58E3072E1B1D1162EBF16D2BE2E1A2D2
      SHA1:67AA2504B94A0F162D53543ECCA924DEB22328F3
      SHA-256:168D2963AC9BED9591B3C9D6F732425FBBDE9FD40EB2A1F005302FC4E2D9E11D
      SHA-512:46F4E742D1FDCE73E5A07944F10DEF3867F5C2C82135AB21CDB36C0A9AB10671EADBD3910F78CEC858BAA15016195910832C2BDF0E8BCA668EDD9BDFDC193B94
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......U......Adobe.d..............................................................................................................................................................................................................................................!.1..AQaq"....2......B#..R...b3$r.cs....CS.4..%fv......6..tEUeu.&..8......................!1.A.Q..a."R...q.2S.B.....#.r3C..............?..O.<.n..}.~..jb<. ..M.k..tk.8P.E~J..r....R/.{.Q^.6..7...U.3y...y...N...uo`8....gV...H...w....$o..2...S.J...4*....'.).YW.umbK..%f.vjaMJ.P..h...GO..i.i.=+{,....,.^.=._.2..i.}.;-A.h..x...l.6.fuq.c.j&.o.zXq...N:.>.7..48.&..m.t..+i3:......[.......%.K.)...=.'R...........wQg.'s.t.T..U...a.u..w.0..oZ....b..IC..>...p...oq ......O..iu.......+.+.....5?Q.#E....iE.N......^.s.q:.q.O.....w..VW...m.....;...w.5.z....+..,....i/s...5.,...i.4.....%..+.....T.[.Zj....X.....f.3.......?..b.'.r.h....v.Ye.Z,......x.*F..p.3....d.B.f..]|>...c..........V6.s.\...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\marin-black\banner-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):1821
      Entropy (8bit):6.730232219225401
      Encrypted:false
      SSDEEP:
      MD5:4CA98F73E3C8BEAFE85C7EEE00200AD1
      SHA1:49128F362944B88BFF6B7A7E104FA0CC4D64DCC5
      SHA-256:13462CF4975156669E6808649C43912DA32B2B065E83E89F57F16BF29C552CF2
      SHA-512:67B4C7301DAC5EA1E50CABE5B4B08F751AAD7934FEB8F7C5DD9C24BC9FE6862A3A2971F18535AF1E46B623C89487764A3840B42FC6B54AFEBB3EA5675DE21F68
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................@.........................................................................................!.1.AQ2aq......."..R.Bb#3......................!1..A.Qa..............?..S..........................................\.o.%.iW4-.6..WIh...qyq........'.c.%....W&.i..3.._..........M.}.........[o.W/d..]..d..r.......W{-Y:.]..DF."#.).w............^..w.........................................1#...8.U..,..syq..8y.W#.V;...5f.....kk:5f<....a.x.....}Vxf..i.I.=.c.i................."..w...wk..&.O_.)H.'..p.m.t.k.9u"y..i.[X.v..m......../@|..@.......................................`.Z..U|....#>..n=.fgH]+.........3..;y..O'..-.H..w.W.Z....N..k..K...c..\.....x.#.v...[..i<p......+.-..?_9.y..qGn..i.;W......?p..b2w.Li..c.o.J...z+._r.........................................e.j;.QV.r.U.qC<N...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\marin-black\blue.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 355x304, components 3
      Category:dropped
      Size (bytes):10288
      Entropy (8bit):7.939317769059466
      Encrypted:false
      SSDEEP:
      MD5:FE4E1ACFA9A7433C64C3E03CBDE7F9C0
      SHA1:F586F02F24A2AC272568D800DABA198DC8F87087
      SHA-256:566DBF6E3A2EDAAC2122D8B545AE8DAAAA8607FF725F60F02B800E2E8CBCE9B1
      SHA-512:E02DD596A4C53BDA32F2D541639729A0FDC234535E44480C6820EF9943A4B314F4697B1D1F629019EB7E048C63F6B916B2B654634566EA12A76684A2FA6326E1
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................0.c.....................................................................................!1.AQ.a....T.q....."2BR.s..4.%...#CS.$Ddt..U..3c..5......................Q..R!Aq....1.2Br.3..".#Ca..............?...p.O.o..[wgn...n.......1..}..^2.....N|z...d.......G.....]'.....^.S.{.#...;It...ds.^....|O.....K.|<{#..u<.....w..I^.=.....^.>..w....M.....k.Q.|oy..K.|.{"/_....E.oy..K.|.{'r/.:.~]._..w....G..w&..#....S.x..w..H.....?..y.w.zo.....7...;..z.~]...w....M..vN......}%.....i...|;!..[....8..w..Hx8.C?......3.....%...=.s.._?..K......]!..........\_...v..'..*.#......~...Hx8.GI..y.}i.+..~..Hx8.GI..y.}5........O..dt.n~k.ZF...Y..t......{..{?..I...Y...{.]......NN.....j...K.0........W%.....yz..i.r...|.M......{.\.<.S......s...L......5...7...k...a..{i)I.9|.lW...././......N_._).R..W.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\marin-black\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):21757
      Entropy (8bit):7.924471803960063
      Encrypted:false
      SSDEEP:
      MD5:F47580459308F746877D4B0A4F734B9E
      SHA1:1733F2EE86D20B48690E7DE2DDFB24B52153D944
      SHA-256:FAB49A5B187192C667830555E93B1568535B72B1B8C063C37001A4F19101D3EB
      SHA-512:3B0379F8422D26E14C9544047AF66157714A9D5BDB91586E343A23F431810B785D6AC5B146786FC62DDAE23A85AA08CE5AE5A66C36308D0AA6E498B12E2C4C71
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......U......Adobe.d.................................................................................................................................................^............................................................................................!1A.Q.aq.".....2...B#...Rr.3.T..b.$..%U..Cc...4d.E&7.SDt..v....eu.'......................!.1QAa....q"Rr..3s4...2..Bb.#Sc$............?...l.AN..K....w...p..v.../DL.q."...qy....N.|m.......Z.....=.]r.7&&....y.?m.{..[Q...:.BYZ..pbU.g.$.>..e..Hevg..T..|M.....8._T.Uk*B..(_U....]..v4L/.\..#%...K..We.]J.X....?"..*r.5.^|.w..]....].Vk.,.....Rz...v..o..s.g.[s~d,l.F.X.6.o..G.........y....~....[.o.qYq.=?._.7..;...?.X.O'|......3......g..}....y...O...{g..k......i?-.:.........+..).:.".k.7G9..G.S......S..?......<..o:.f.'.w.....y..uce.W..../7..!,.{J.E...!$..{J.#Mm.w...iT.ww.J.=.....i.Q).?..P$.....R..%@.O.IS.....O...(.<P*x.T.@..S.....O...(.<P*x.T.@..w..D..=.p"\.'.0.K..H.../...iL!.,..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\marin-black\externalui.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 48x48, 16 colors, 4 bits/pixel, 48x48, 8 bits/pixel
      Category:dropped
      Size (bytes):15086
      Entropy (8bit):5.613086347427281
      Encrypted:false
      SSDEEP:
      MD5:C52E2C223D843AAFB04759BD54E17084
      SHA1:FA3DEBE7767AFF9E4F11EDDD2557B954C7068BA5
      SHA-256:CFA7123B84720AFECF3C970FFACF7E11525F03AA2E6234224C8616B6DAD8AE3C
      SHA-512:7BBE9B08F7736767C4CC884DC2421FC091B37B2FB25A5A8F6F9E45DDABACDCD5024D9275BEEBB7C243844A9F596B7DC7A847F3B0107521C7F023ED0BA591111A
      Malicious:false
      Reputation:low
      Preview:......00......h...6...00..............00.... ..%..F...(...0...`........................................................................................................................................www................p..........................h.....p.........................................................................................................................p.......................p............................wwwwp..................wwwwwp..................wwwwwp..................wwwwwp..............p....wwww.................................................................wwwwwwwp....p........p.............wp.....................wwwp......p....wwwwwwp..wwwww.w.w......ffffff`..wwwwww.........ffffff`..wwwwwwwp.....x.ffffff`..wwwwwxww.....x.ffffff`..wwwwwx.wp....x.ffffff`..wwwwww.ww....x.vfffff`..wwwwww.ww....x..wffff`..wwwwwwxwww...x....vff`..wwwwwwwwwp...x.x...wf`..wwwwwwwwwp...x.wx....`....wwwwwwpp...x.wwx.....wp.......xp...x.www....x..........p...x.wwww...wwfgwwwwwg.p...x.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\marin-black\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 760x100, components 3
      Category:dropped
      Size (bytes):13158
      Entropy (8bit):7.957577425731964
      Encrypted:false
      SSDEEP:
      MD5:275FEC9CF32A2FCE2FFD042C5B598C07
      SHA1:2A040EE3A03DE1FB1711AAADA110CB8C96B4F413
      SHA-256:438CBEFE97EDE84B14B22D40F024E18D850BD4266B8B2E1858B95D9D32A4E43D
      SHA-512:B630B997B4D35DAA7D2A38E3DE612650D1437FC43C282F6A6AA0F067D1C1EACAC50A9D0C2E61B3F87B8BAC740A58C4180B20E26B0DD1B5FD3595E0A6272613CA
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d.........................................................................................!.1A..Qaq..."...2.....B..Rb#r3...CS$d.....................!.1.AQa.2.....q..."BR................?...3..H.K.$......U.~..{F.D.J@..5.tV2.....w." ..Z..W......\...#i..J@.p".3..{:.9o....`@4y..Y..z....O+...v....._.QF.......uv$.%...].."*.R/J.2.v.Z..V....&ni......Re.....1....za..Je.F.>;....h.zc.e.......GS...8.!...2..E.... J.=..(v.c-=.9.-..P.....P\.~...F.d@...../..A.8`..a.OH.O...i".....Uc.f....Gr%0..Q...#..G....{.x..I.p.Uu.:#.w..f|..8...[.F.~K.oc)..TT..).......!&..G..N.z..do.O.g...._.B..0D..v.xc.J.<..^..M0...DcW=..s.$....c..<....g..t.."...._?._V........a"]...,./.?J3.k...Dd%t.."...v.[.D_ZF.N,mF .........P.N3?.@t..-...2...=.5.9.....-S.Y3..B...;&#c,..@.......3."..b9.k.R.s...r.%C.i.#Ry.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\marin-black\rtlo-three-colors.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 760x17, components 3
      Category:dropped
      Size (bytes):3736
      Entropy (8bit):7.8496024134218185
      Encrypted:false
      SSDEEP:
      MD5:84EAC4B68180F9747C04CFDE3582047C
      SHA1:92511DAAFEE81739B9F461D9619351D19C60895F
      SHA-256:1C8E464BDC7201432CBD3F3E59810444C596E80785AAD794375E116597583C08
      SHA-512:330E49CB8E4C859ABE453B1378B1FF768250859AA6D6C7DA1441C6E94A39E2AC7DF49EE257069A7160650033ADC35E2A6AB1ACE634494A920CCC9B36E89E3CA9
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......K......Adobe.d.............................................................................................................................................................................................................................................!1.AQq..a"2.......3.Br.4.R.#........................1!..A.Qq.2.a......"b..B3............?...w...."c\.#...?..]..~.ce.|..o.i:.?......]t..'.44...R3..m...5./.W.]'O.n..kqb./.Y....-.hs...].*nq_w...M...W.[.?]`._TXA<..4..6G..5.\(.H..i5..w.m>....}Oe..X.Z."......H.m...H.}2w.S.t....~........+......e*.K.Lh;P...z9A.&..h.........K,..M0.....n.H.^.W.............a.Zv.K..m/.u.^.J.0.i...|........m9.S..U..GG##>..).Z.n.......e..~]..k.Wz.>;)..Yw/.+...uw.u.?"...d....ZY.....Wm.7v.*...F.:7.....L...<K6..?17.t.W.y.=Qoh..x..2F.<lcK..8...H.V.....#.z....e.~...n....A..........5Y..^......K.t\..tZ."..h.4.h....'P...VA.S.h7...4..tB.7...h'7ri"...SI85lt8.l.S.m...Y.D.7...h.V..o.Q35....1...5NA.N...q...@.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\marin-black\three-colors.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 760x505, components 3
      Category:dropped
      Size (bytes):33784
      Entropy (8bit):7.74541531444249
      Encrypted:false
      SSDEEP:
      MD5:98D4119E9D50BD992996BB095C259E6D
      SHA1:BA170B847C032004D32022FE013E5011ED63C412
      SHA-256:93052F342345D162A3246A0E6B5ABB30A40F6DAE4E6DDB8717E418CFFF840AD5
      SHA-512:07BB9D662C6E864AA40A7BC9AF2306AF23995562FC21047814CA455E76B2C21BE8CC88AF68000DFA8A392242D6F14195CB851F52C272BCE97C949428B66B921C
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d............................................................................................................................................................................................................................................!.1.AQ.aq...."2.....B....R#.....br.3CScs.%..$4.f.....T...5U&6v...u..V..G......................!1.A.Qq.a2R..."#3...Br.S$...4b..C............?..5......l..W.../.....?'.$.U+..z.W.-..>A.IEV...{..b..w%....t..J.....W..E.o:...^..+.+....n.w..A......J5..;....q..w{.Y.E.m...\..t.m..g.>-Ut..-$.&.....n..E.>+y...4..Z...f!..:.JRUu.._..Zo^~m.<u.........rfusKy..%[*....e...P.kg..$.v..F3.rVI._..m........_.Mt....q.%.(..j..~..|.[+L{.....x......MI.%d...m....-.5...2.2Y...k.<U.........K.F{vu...}......]p...r...&..g..en..h.3>...?.UW.C...k.....<.8.%/...}gn.......*c.'$...O.N]...............sm......)..43..]...iq.|.0.K.T.^W>..5.,vum..8.j....G..jqN....m......=...Mn+......o.[..#..l.....s7...R...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\red\banner-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):1481
      Entropy (8bit):6.309747422019437
      Encrypted:false
      SSDEEP:
      MD5:21A1DDFADB1C4EA3D1C59D0364C95A23
      SHA1:2DA390134C9E73C46A804BB770D584FA54179033
      SHA-256:CADA72B0A126220A49302F7AF88517E49040962352EAF1DE1DE776592CE1F6EC
      SHA-512:CEFA0A6486751F3842FDB18D6A928AE6FD583C3D4F678EA7B80C5C3E978FFF4FEC7A19137BEEDC2DB737958234DB8A753D996BBEFCEAA33034A54CB37958AFA2
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......K......Adobe.d.................................................................................................................................................@...............w.........................................................................!.1AQ..a".q.2BR..........................!..............?............................................/..;.4..0..]...k...n.[.......w..q}.>........H..!...q.....W...(]...t.&.m..A..{...q8...\N1:.."5."...7w.....s.?...........................................j.{Z....J..5...|..Ek..n....z.....c..wl..]...g....m...z.k........Y.>..N./..rku.LQdw]4..f..9f.....+.s.Q._g>K. .......................................<O.A.+..?s.g..%dn..fc.*;.........z...,.v...W.......9.._k....m&..O..G...........~7QR...w.l.Y3."..T.W+.6..&g$......y.Ms.8.}.o..................................................j.?q..k....,..*..+/q..3./]'J..l.t....~.@.g..E...f.Nk.'..c.,.....L.#...;k]..:.\...[|.K..)dt.-...p.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\red\blue.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 355x304, components 3
      Category:dropped
      Size (bytes):7379
      Entropy (8bit):7.675014430898698
      Encrypted:false
      SSDEEP:
      MD5:6F1B5342D1B781596A4FEC79112DCB0C
      SHA1:08BDEDC9F65FC3A5F6D13D3EF0502769ABE4BD05
      SHA-256:3986699B9B4BE2F8C1747A37E74943F78870623701F08C90CAA007B4DE17924C
      SHA-512:FAE8A651E1DAF872A24FAE87D477F286CAD599DC232A716DBBAD7F091236DA80C71C30B990B6E2F4FF7E06D4414876DB756B452272A9A3E4B3EC1BC32B9E30D5
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......U......Adobe.d.................................................................................................................................................0.c.......................................................................................!1AQ..aq..r....."2BR.S...b.....#3C.%...c$4TE..&..d.Ue...5F.......................!1Q.."A.R....B.a..............?...}.)I..k....[.W.........z.(..`*...[.`*..P.kC|.U...V*.R..X.)5J...).|.c)..[O.....S.k...wo$.9r......>e.l..8nH.o..}is...{.....8jH....Os..r7$r....F.s..rk]3....;.e...d..8..%...o.W.Y>rk]3......b...?..9..g...|.........5..x9/w.~....u.....|#.}..,.o4...&.........Q]....+).....tq..\...w....~0...r......T.......j..|#..._1...y.}.........>d..<;.y.}..&.?W.......2.....%..E..&.....;...!.....yoW/po..W.hmt......#...v..........o7..R'Uv....O..~a..{..y.......m_....|...t....}.........>..D......x.|..6..~..a..>m..~w..oW..Hm'..L.8......vV...nG..w..s.[....3.....<BN..}.If...&..&......|..s..c}..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\red\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):14533
      Entropy (8bit):7.718536143489753
      Encrypted:false
      SSDEEP:
      MD5:2E04EF38743631B9AAC0EED2BAD8D7B3
      SHA1:15048EE527AC99C46A194A18B4D837F2044C5D12
      SHA-256:819DCC21137E2935D8B858124D3C39088D52DF775AEFDF76911509721946560D
      SHA-512:6095C7FF5AC5DB7CF780F0588853B24ED50523955D809C90187B0878B007F8ADF360DCFB634782B37BA8FF070E631E199AB15A6099D939D4AD667D8F8DF86B5B
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......U......Adobe.d.................................................................................................................................................^.........................................................................................!1A.Q..aq..."2.....#...BR$T..b.3.Ueu.&..Ccsd..E.r..SDt6.4........................1!..AQaq.2.".............?...}6..Tp.>...].E.,.j,.}...e.%.J.....&..D.....K.......Bj2.P.,.Ss..rn.X...v..s.r..5=..y2c..ME.q.......z...oB.]..!lc.].6....}.F.f1..|RN.\.]j...`.-N=z......RWu......s-.=~..r2.~.q..mt....Y]MS.....]g.....=sc.:^.a..gi...9-.r.U....b....>g.[m....V......7?.....\.w..i..}.o..........}........?...,.}.-.n..._.V..f......}a....s+..>~.........R.9....t7.M......)?.'....oz..../.%.}.Cu.y....l.-..x.....K...e...Y...8L.........ef.7/.9x..D..~t.XK.FW.9.........Is........ *......... *......... *......... *........jz7..$.,..YD..i'^.0BS....a....e9}&Q\.nt./...........K...g....O....DSsy..W.}9|.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\red\externalui.ico

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:MS Windows icon resource - 3 icons, 48x48, 16 colors, 4 bits/pixel, 48x48, 8 bits/pixel
      Category:dropped
      Size (bytes):15086
      Entropy (8bit):5.036354960673055
      Encrypted:false
      SSDEEP:
      MD5:235E54EB7ACEA02DC322F4065498165D
      SHA1:AD825997EC58A33A164B471FE3BD4B7C74614D9A
      SHA-256:B294EDF73CC936610CC81BCA6B95D1C7D6091595EC074C6B334ECA45D2DC354F
      SHA-512:5AC20371FD09E6A1F8C134FB24C045C36D835544D04E681FB6A51ADFF12A6BF8225C53D865B601EA5452024ABE7C02204A759B317D7410CF59F66ADFBE089D5C
      Malicious:false
      Reputation:low
      Preview:......00......h...6...00..............00.... ..%..F...(...0...`........................................................................................................................................www................p..........................h.....p.........................................................................................................................p.......................p............................wwwwp..................wwwwwp..................wwwwwp..................wwwwwp..............p....wwww.................................................................wwwwwwwp....p........p.............wp.....................wwwp......p....wwwwwwp..wwwww.w.w...............wwwwww..................wwwwwwwp.....x..........wwwwwxww.....x..........wwwwwx.wp....x..........wwwwww.ww....x..........wwwwww.ww....x..........wwwwwwxwww...x..........wwwwwwwwwp...x..........wwwwwwwwwp...x............wwwwwwpp...x.........wp.......xp...x........x..........p...x...............wq..p...x.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\red\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 760x100, components 3
      Category:dropped
      Size (bytes):15366
      Entropy (8bit):7.95557428882131
      Encrypted:false
      SSDEEP:
      MD5:845B155C2F68096094B443873E5A6142
      SHA1:A1167CADC4ED424BFC9AABF61B3E0EDBE6FFC818
      SHA-256:70FFF5DC4ECCA73EF601BD78A67EAF0141079EBA11FC9659EC4C4A4AA5C78C9E
      SHA-512:60B9165D37600A5EB1563CA8C69579C2DEE8ECFAD8BF60580DEB7307607BDDE33BEBAA07C3E35D94366FDC4D403747049AA758D4096519836E11BF7CE0326040
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......U......Adobe.d.................................................................................................................................................d............................................................................................!1..AQ.aq."2.......B..Rr#3..b...CS$..s.%..T.....................!.1.Q.Aaq......"2..#...B.............?......=.u..[..7M.+v.p.H...6....:Y.........f.O..*.RK...)tH9...2D.....ZGI......P.QU..M....;1.W....|J......\O......g.=W..n'......Y.7U.&..._.w..n..UW..k....Q...U^.6.Sa.w....U^..wSTy..L....W....y..)..z..qaq&.c.).gMR.X.&.c.)..C.......u.!....X....j..A..v...MF.D.*h..Q....T.4.n..GC.f7H..S..,{.Lt.-..P.i0e./a..^I.&......~.u%d0...J..9..#....(~I.%d........&s].YB....)..,ah.H..b.sY.-..41.|.4.o#Hm...L..U...x.h.[....vj.....Q.....]upp..Cn...Y2VA1@j8e..d.......n.N....[@.S..US&...$.{1FI0.x....s%i.!...W..,....cJ.......hI.``..P...n$.c..7....e..Q.]..4..I.%...cI..@..D\..iE...4..C..EV...v..&~OQ.a

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\red\rtlo-three-colors.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 760x17, components 3
      Category:dropped
      Size (bytes):3420
      Entropy (8bit):7.841479572759416
      Encrypted:false
      SSDEEP:
      MD5:A45540685353D14EB9B2344F556F672B
      SHA1:C540395FAFD4D23A5614B5A692080D3B07DEBCAB
      SHA-256:CE18FC834CEA0215B8BD6EB1C66586B4904FC7FCE758F6CBB1E9EB6FC004F338
      SHA-512:69DAFCD7BDCDF72E352EDFC67DF2C58FDEA22A6779702FB00670B90619DD0D673B8FB74E7047F7CB807AACEC08533A128DC437AFAB054C9FCB911D7C2779FCF3
      Malicious:false
      Reputation:low
      Preview:......Exif..II*.................Ducky.......U......Adobe.d...........................................................................................................................................................................................................................................!1.AQ.aq.."2.3.......B.#.R..r4........................!1AQ..a..."2...B............?.....}=...5....6..9....u]A@1....G.x.f.~...]i...VpKw....+[f.....q...i.4.M.;Kz..}=.-.....7B...............?...W..?C.........R........K...5...+JU,............^..Oik......dL..".x.q/ ..m.l.k.Z.e..j.L..=..&...K._Px.@h.w..X..[zV...}mk.ZL.....3-c. ....2...... .^...z............Q..E.A..d..h.......\...}6uV.3.....t...!.~.f......l.....J^z.G~.&...e....A.c.$...]PG.(hjF.S^+.].k~...<.[t..Qt2:.d...-..c\.e..y1M...m.....'.{.ei...`d....k...1....2.O.CA..&.'.>O..[...........i.M...>X..B..F..=.s.-...<.......N...6....[Z.943.f....NMr<E.W%I.ro..#..ro.....nj..6......b.F...k..U.B-bu.=.b..Bi........e<...U

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\modern\resources\variations\red\three-colors.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 760x505, components 3
      Category:dropped
      Size (bytes):26619
      Entropy (8bit):7.547741155491426
      Encrypted:false
      SSDEEP:
      MD5:718CAFA7E04A8D4D98116BCB4C377D7F
      SHA1:38A1EAC1E72997FFA9FB01BDE2540B18F046A3F5
      SHA-256:FBE48BA8AF8CC23A66906A1E94AC10D86CE91B86A18531CE1C96D6061387C2B5
      SHA-512:0FECEB6C7AC536B985198C63008668424DA51E628656706DE30E472DAEA49380F5D25187A268E8BF2E3740AAB6A8ED1171EC4E2C6A69699BAB7DB5B619CB36EB
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......U......Adobe.d.............................................................................................................................................................................................................................................!1..AQ.aq"....2....BR#....3..b...r..$...CS.....c....vX4.f'G8.......................!Q.1.A...aS..q.."2RC..B...3............?....um.|:....o..H....e..W'...e."......X.o^.9{.<.sY.........nk;7.....K.S.W....;...$..3Sk..6w[._...k..Y....n......t...Gk....^.k..t...Sg..U..,...v.Y..lw7p....M...v{....<O...^.d{[..0.?{5..I......>y...#..]m$.ztz.)6..z.z.'-K.=:.m.O....W...X&.Ez.8.+q...*.u..b.=...].m..>.5...8?...k.....(...p.r.=.[H6.*..6...M.aG....h....|.I^m.ee9.....e../ccf)-*.....}.LjQP.....m..Y.aW.5+...y.[...k.y..-......:.......p....v..{..m.6.:..bt..-..1JR^..7.\6.CmbR..8.es....&.O......"...sle}].{tU../...iVg)]. ..&Gm.,0.GM.....Kp.km.q..M.g....j.....C.[.DK...U..8BQk....Te...v......a.EJ..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\AdminRegistrationDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2926
      Entropy (8bit):5.235196651946202
      Encrypted:false
      SSDEEP:
      MD5:535C0D8EC35915C68B95E9291C412E0F
      SHA1:5D92312CD239C74694AE4EA74C1A85ABE66231A7
      SHA-256:80AD7F52675621FAD6A289401B22227D8AC77CF91E8AAD2325633C2F4D4C3BC1
      SHA-512:1A5B06DF9353885CACF5422A83B42B1B17361088ED1B31FC32AD2C0F70164EDA8D5916D8CDB71C520BDD7772BCF3B05E3CB8802D3A2C8B119602EA634E963015
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="AdminRegistrationDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[DialogBitmap]" Order="100"/>.. <ROW Dialog_="AdminRegistrationDlg" Control="OrganizationLabel" Type="Text" X="45" Y="110" Width="360" Height="30" Attributes="65539" Order="200" TextLocId="Control.Text.AdminRegistrationDlg#OrganizationLabel"/>.. <ROW Dialog_="AdminRegistrationDlg" Control="OrganizationEdit" Type="Edit" X="45" Y="144" Width="360" Height="18" Attributes="3" Property="COMPANYNAME" Text="{80}" Order="300" TextLocId="Control.Text.AdminRegistrationDlg#OrganizationEdit"/>.. <ROW Dialog_="AdminRegistrationDlg" Control="CDKeyLabel" Type="Text" X="45" Y="169" Width="54" Height="11" Attributes="65539" Order="400" TextLocId="Control.Text.AdminRegistrationDlg#CDKeyLabel"/>.. <

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\BrowseIISWebsitesDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3807
      Entropy (8bit):5.4661584030583015
      Encrypted:false
      SSDEEP:
      MD5:8CCF5C90A00F65686460E7EB7B49B9CA
      SHA1:95737C4177C3B6F031F7107D3C39166D8F0F5D42
      SHA-256:FCBBCC9FA748980D6310F38472F15577B1F4D6809BC8DAA681C0BC74C96B1D8D
      SHA-512:D6F77957CB7F57FAEBDD736F3EAECEA1FCDAEF11F2261D8764A8BCC6A9A98C1C66F8F93E8A8BFF89607DA9C3C9F6FB8DC4D54E1269DADA649EA67B4B56931307
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="websitelogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\IISlogo.png"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="WebsiteLogoIcon" Value="websitelogoicon" Type="1"/>.. <ROW Property="BrowseIIsDlgTitle" ValueLocId="Control.Text.BrowseIISWebsitesDlg#Title"/>.. <ROW Property="BrowseIIsDlgSubTitle" ValueLocId="Control.Text.BrowseIISWebsitesDlg#Description"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="BrowseIISWebsitesDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048576" Text="[DialogBitmap]" Order="100"/>.. <ROW Dialog_="BrowseIISWebsitesDlg" Control="Next" Type="PushButton" X="350" Y="328" Width="56" Height="17" Attributes="2" Text="[ButtonText_Ne

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\ClientServerDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):8145
      Entropy (8bit):5.365135353651752
      Encrypted:false
      SSDEEP:
      MD5:A27C6FE36A648971249C99CBE0294263
      SHA1:52E295F8E4E5491A59C3489647F1F4A15AAEF6FC
      SHA-256:549B0D7E17D55A13D69773E7CED9B7ED9C69E9B83F0ED15633456B0095C2882C
      SHA-512:BAE714E94288DFF0279063B598992543EB7B88D664E12A0A01BE61A83E855E669AE37A40424CC1C4B2B22178731874DB23C4A71131A7BBEB880F5F64DBB5D692
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="clientic" SourcePath="&lt;AI_THEMES&gt;common-res\images\client.ico"/>.. <ROW Name="serveric" SourcePath="&lt;AI_THEMES&gt;common-res\images\server.ico"/>.. <ROW Name="clientserveric" SourcePath="&lt;AI_THEMES&gt;common-res\images\client_server.ico"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="ClientIcon" Value="clientic" Type="1"/>.. <ROW Property="ServerIcon" Value="serveric" Type="1"/>.. <ROW Property="ClientServerIcon" Value="clientserveric" Type="1"/>.. <ROW Property="ClientServerDlgTitle" Value="" ValueLocId="Azure.Control.Text.SetupTypeDlg#Title"/>.. <ROW Property="ClientServerDlgSubTitle" Value="" ValueLocId="Azure.Control.Text.SetupTypeDlg#Description"/>.. <ROW Property="ClientServerDlgCustomLabel" Value="" ValueL

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\ConfigureDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1833
      Entropy (8bit):5.330439014852302
      Encrypted:false
      SSDEEP:
      MD5:ECA9647E400AA667143480AA66C8FFB1
      SHA1:017409E3C6E9ECE92748EF3330E8E9BD55F01F99
      SHA-256:B0A4682A91E10EFA8153B9FA7238A10F8ABDD48B5DDB60B7D53066E4FBE3684F
      SHA-512:CD826FE0D2490DB83C85CAF69347100C66F5922EEF9FBDE9CAC8A38DB5A4E2A9B2C3D996EB37EB840D22640407894022D659A8AC50C27B5AC58F0C0A29931EF0
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ConfigureDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[DialogBitmap]" Order="100"/>.. <ROW Dialog_="ConfigureDlg" Control="Next" Type="ImageButton" X="351" Y="324" Width="54" Height="27" Attributes="3" Text="[ButtonImage]" TextStyle="[ButtonTextStyle]" Order="200" ExtType="ImageButton" ExtData="[ButtonText_Next]" ExtDataLocId="-"/>.. <ROW Dialog_="ConfigureDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="3" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="ConfigureDlg" Control="Back" Type="ImageButton" X="45" Y="324" Width="54" Height="27" Attributes="3" Text="[ButtonImage]" TextStyle="[ButtonTextStyle]" Order="400" ExtType="ImageButton" ExtData="[ButtonText_Back]" ExtDataL

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\CustomizePage.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2853
      Entropy (8bit):5.309449238323088
      Encrypted:false
      SSDEEP:
      MD5:9BE9FB41D5EFA00C505C3448BA7030B7
      SHA1:6A3AA69451F0CCB527763D78CE6B8AB1B27F37D9
      SHA-256:76290C78DE16DE63409920D2E35269A79D7837D12ED40E3DBE34EB56644E3F4D
      SHA-512:8571615AFE1FEBC95E846BE166693A0C38693989EBC8F89CADC5E739A27C959F23206C92CF10913098485B742578FED138AF46343A1EF67290C2DCA1B493D012
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="CustomizePage" Control="Background" Type="Bitmap" X="0" Y="1" Width="359" Height="263" Attributes="1" Text="[TabBackground]" Order="100"/>.. <ROW Dialog_="CustomizePage" Control="Description" Type="Text" X="9" Y="15" Width="314" Height="12" Attributes="196611" Order="200" TextLocId="Control.Text.CustomizeDlg#FeatsShortDescription"/>.. <ROW Dialog_="CustomizePage" Control="Tree" Type="SelectionTree" X="9" Y="39" Width="342" Height="190" Attributes="7" Property="_BrowseProperty" Order="300" TextLocId="Control.Text.CustomizeDlg#Tree"/>.. <ROW Dialog_="CustomizePage" Control="DefBut" Type="PushButton" X="0" Y="0" Width="0" Height="0" Attributes="2" Text="" Order="400" TextLocId="-"/>.. <ROW Dialog_="CustomizePage" Control="ItemDescription" Type="Text" X="9" Y="238" Width="191" Height="26" Attributes

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\ExtRegDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4179
      Entropy (8bit):5.451185433804466
      Encrypted:false
      SSDEEP:
      MD5:B62D9CB7AEC64047C1331DE8DB475C21
      SHA1:801F6C4E0269D5199A96476B125F3A9860DB1A34
      SHA-256:AC1338BABEC69304B861062162D2F5D888691115A677D48207285519C62BAF7C
      SHA-512:2170CD4C7CBCF98E3991425D8D8B4EC8870292903EC3DC61D57612FA6396324268A64C7447E0DEC5948A9CF84A2DE1E84D20A46B2A3A86A09F67A7FEAF1FD67B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="extreglogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\ExtRegLogo.png"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="ExtRegLogoIcon" Value="extreglogoicon" Type="1"/>.. <ROW Property="ExtRegDlgTitle" Value="" ValueLocId="Azure.Control.Text.ExtRegDlg#Title"/>.. <ROW Property="ExtRegDlgSubTitle" Value="" ValueLocId="Control.Text.ExtRegDlg#ExtList"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ExtRegDlg" Control="HtmlHost" Type="HtmlHost" X="0" Y="0" Width="450" Height="360" Attributes="3" Text="file:///[&amp;extreg.html.742DA8B7]" Order="100" TextLocId="-" ExtType="HtmlHost" ExtAttributes="2"/>.. <ROW Dialog_="ExtRegDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\FolderPage.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3888
      Entropy (8bit):5.301052792939519
      Encrypted:false
      SSDEEP:
      MD5:5E5C6B881170DCFA6747EAE49221AE7F
      SHA1:1DFA9C22D5315B11994283B2B415C8A7AC1DC9E1
      SHA-256:4CF037BAADD8485DD1C204FD0A1EC7FF3988156A05A25045EB53892574FC93CA
      SHA-512:6D6513EF12CDE4E614F10F1E63F654B6E504E4C893FB62EFA5F8BD47B17C41D0E6BDD80A61B1AD01CAC0FCC343264B36A1C2C74DAB6C56AB3DAB754FDFE35F95
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="FolderPage" Control="DefBut" Type="PushButton" X="0" Y="0" Width="0" Height="0" Attributes="2" Text="" Order="100" TextLocId="-"/>.. <ROW Dialog_="FolderPage" Control="Background" Type="Bitmap" X="0" Y="1" Width="359" Height="263" Attributes="1" Text="[TabBackground]" Order="200"/>.. <ROW Dialog_="FolderPage" Control="Browse" Type="PushButton" X="260" Y="79" Width="88" Height="21" Attributes="3" Text="[ButtonText_Browse]" Help="|" Order="300" TextLocId="-" HelpLocId="Control.Help.FolderDlg#Browse"/>.. <ROW Dialog_="FolderPage" Control="FolderEdit" Type="PathEdit" X="52" Y="81" Width="204" Height="18" Attributes="7" Property="APPDIR" Help="|" Order="400" HelpLocId="Control.Help.FolderDlg#FolderEdit"/>.. <ROW Dialog_="FolderPage" Control="Text" Type="Text" X="52" Y="44" Width="300" Height="30" Att

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\InstallDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):6800
      Entropy (8bit):5.400311440387327
      Encrypted:false
      SSDEEP:
      MD5:F87787D785F7F0BF866112A2C4FE403D
      SHA1:F8514976EC4730B2E770D7FD53E0451C1AD7CA01
      SHA-256:445E778BE70D55124E596C8C0590B725CAB2CC0FDD0490A80AF6FF283241E861
      SHA-512:784E779A676D3352BBCCC1523EE3C9768FB6174A9CE21A2AA72ABD53786C2A1A5B7E596A285C140276A4D43F5E6CCE742B725DD887D426850A2DE042EA4AA5E8
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="InstallDlgTitle" Value="" ValueLocId="Control.Text.InstallDlg#Title"/>.. <ROW Property="InstallDlgSubTitle" Value="" ValueLocId="Control.Text.FolderDlg#TextNoNext"/>.. <ROW Property="InstallDlgSpaceReq" Value="Total space required on drive: [PrimaryVolumeSpaceRequired]" ValueLocId="Spring.Control.Text.CustomizeDlg#SpaceReq"/>.. <ROW Property="InstallDlgSpaceAvail" Value="Space available on drive: [PrimaryVolumeSpaceAvailable]" ValueLocId="Spring.Control.Text.CustomizeDlg#SpaceAvail"/>.. <ROW Property="InstallDlgSpaceRem" Value="Total space required on drive: [PrimaryVolumeSpaceRequired]" ValueLocId="Spring.Control.Text.FolderDlg#SpaceRem"/>.. <ROW Property="InstallDlgBrowse" Value="Browse..." ValueLocId="Modern.Control.Text.CustomizeDlg#Browse"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advi

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\InstallTypeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4960
      Entropy (8bit):5.4202349953101985
      Encrypted:false
      SSDEEP:
      MD5:809ADD41515F2F952FBEFD144EC4F36F
      SHA1:2CA117FAE88DA59A973ED043C88E5A260902924D
      SHA-256:C4A192BEAF52107A7696BFF3C4D923180442FE3B43ACAE74A116FD2BAB65D97F
      SHA-512:767517A06DF4C508481C7EEBA5D99F8BB9127DBB479DA262F635221C55957DB736D171F50DC5DD0A873D9A8177EF54EE4BE317ED459D08CDC5218387818AA202
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="installtypelogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\InstallTypeLogo.png"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="InstallTypeLogoIcon" Value="installtypelogoicon" Type="1"/>.. <ROW Property="AI_InstallPerUser" Value="1" Type="4"/>.. <ROW Property="InstallTypeDlgTitle" Value="" ValueLocId="Azure.Control.Text.InstallTypeDlg#Title"/>.. <ROW Property="InstallTypeDlgSubTitle" Value="" ValueLocId="Control.Text.InstallTypeDlg#Description"/>.. <ROW Property="InstallTypeDlgLabel" Value="" ValueLocId="Azure.Control.Text.InstallTypeDlg#NameLabel"/>-->.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="InstallTypeDlg" Control="TemplateDlgDialogInitializer" Type="DialogInitializer" X="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\LanguageDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3865
      Entropy (8bit):5.466237964836412
      Encrypted:false
      SSDEEP:
      MD5:E8F64B4613E413B5913B3F15001AC881
      SHA1:52CC3E07F686374C6662BC8B5BEBA11946CC0EB9
      SHA-256:76045C3F3B2FB21D173ABD9A5BC1986C03A2D69EF4D7EF02A8641A6BDC964300
      SHA-512:F4F1CDE7E32876AE10B9FC59E4AA89A9984773BAC6FF05E4DD25646B5844DE14EE7DA097DE67B8ECAAC7B3487AC634DD228588F20A877458CE8BCCF45974B786
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent">.. <ROW Action="LanguageDlg" Sequence="75" Condition="AI_BOOTSTRAPPER AND (NOT AI_SKIPBOOTSTRAPPERLANG) AND (NOT Installed)" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_BOOTSTRAPPERLANG" Type="4" ValueLocId="Property.AI_BOOTSTRAPPERLANG"/>.. <ROW Property="LanguageDlgTitle" Value="" ValueLocId="Control.Text.LanguageDlg#Title"/> .. <ROW Property="LanguageDlgLangText" Value="" ValueLocId="Control.Text.LanguageDlg#LangText"/> .. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="LanguageDlg" Control="HtmlHost" Type="HtmlHost" X="0" Y="0" Width="450" Height="360" Attributes="3" Text="file:///[&amp;language.html.742DA8B7]" Order="100" TextLocId="-" ExtType="HtmlHost" ExtAttributes="2"/>..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\MaintenanceTypeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (358), with CRLF line terminators
      Category:dropped
      Size (bytes):8723
      Entropy (8bit):5.349585770321179
      Encrypted:false
      SSDEEP:
      MD5:DB00E45B6A44671766D2765693FD9D62
      SHA1:2C5A2039FBD7FF399C530501EFAF21C02CE962BD
      SHA-256:C99590A19D0745CA2B37369A3A7ECE96EFB5C84D2DBCCEA213A909932DE3012D
      SHA-512:95BC09B4EEB87851050A557C7A7BC25DACED750E15117365D32CE7973C578AE43914A6C32BAB06FB988ABDFD64C0A9C74F891F68A468BF30391A14F721EF5A2E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MaintenanceTypeDlg" Control="HtmlHost" Type="HtmlHost" X="0" Y="0" Width="450" Height="360" Attributes="3" Text="file:///[&amp;maintype.html.742DA8B7]" Order="100" TextLocId="-" ExtType="HtmlHost" ExtAttributes="2"/>.. <ROW Dialog_="MaintenanceTypeDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048576" Text="[DialogBitmap]" Order="200"/>.. <ROW Dialog_="MaintenanceTypeDlg" Control="ChangeLabel" Type="Text" X="110" Y="100" Width="100" Height="11" Attributes="65538" TextStyle="[DlgTitleFont]" Order="300" TextLocId="Control.Text.MaintenanceTypeDlg#ChangeLabel"/>.. <ROW Dialog_="MaintenanceTypeDlg" Control="ChangeButton" Type="PushButton" X="45" Y="100" Width="38" Height="38" Attributes="5767170" Text="[CustomSetupIcon]" Order="400" HelpLocId="Control.Help.Maintena

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\MaintenanceWelcomeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3435
      Entropy (8bit):5.383123156191267
      Encrypted:false
      SSDEEP:
      MD5:B45AD4EA2BFD7BCC458883D76161F1AE
      SHA1:4933E46CB60C2297E7D06DDC989CF1BD3B1A09A7
      SHA-256:ED84A087E6D020CDC6BB31B4B3714DA3B533D22CEDF29AC3BBE38CA21BE53053
      SHA-512:01F70A15966C6661C30F04BBB83A66EFF7E3ECA1EE75DCD1AC68848051DF96834AD5CDB34A9810E93182ACA35DA83D9B7785A51A8B5C879EC21D59F4F2EAF2DE
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="HtmlHost" Type="HtmlHost" X="0" Y="0" Width="450" Height="360" Attributes="3" Text="file:///[&amp;maintwelcome.html.742DA8B7]" Order="100" TextLocId="-" ExtType="HtmlHost" ExtAttributes="2"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048576" Text="[DialogBitmap]" Order="200"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Next" Type="PushButton" X="350" Y="328" Width="56" Height="17" Attributes="2" Text="[ButtonText_Next]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="MaintenanceWelcomeDl

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\MultipleInstancesDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):8257
      Entropy (8bit):5.422602593154531
      Encrypted:false
      SSDEEP:
      MD5:0F5FC05C8BFD2D7A85C5922934F0D132
      SHA1:C6E254AA91C01E4428A5335E026C7762C344F364
      SHA-256:5F29223AF909AD8836C814E475A639E4B2280437F84A11440D230BD0DE12828C
      SHA-512:71AC9C223C62C089CB915301D6644AC418526D7B82BA5B8369674AF2B456FC66E9D5EF176F0F2C057ECD7861EA5BDE5300439453F1D30CF7E7E34C50256C3CB9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent"> .. <ROW Action="MultipleInstancesDlg" Sequence="450" Condition="AI_BOOTSTRAPPER AND AI_EXIST_INSTANCES" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent"> .. <ROW Property="INST_RADIOBUTTONGROUP_PROP" Type="4" ValueLocId="Property.INST_RADIOBUTTONGROUP_PROP"/>.. <ROW Property="MultipleInstancesDlgTitle" Value="" ValueLocId="Control.Text.MultipleInstancesDlg#Title"/>.. <ROW Property="MultipleInstancesDlgSubTitle" Value="" ValueLocId="Control.Text.MultipleInstancesDlg#Description"/> .. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiCheckBoxComponent">.. <ROW Property="INSTNAME_CHECKBOX_PROP" Value="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MultipleInstancesDlg" Control="HtmlHo

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\OptionalFeatsDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4389
      Entropy (8bit):5.438227163753327
      Encrypted:false
      SSDEEP:
      MD5:40BB32456D981EC1642CB8C3EDC06A35
      SHA1:9C893DEEBE1F532ADB14F7D6738D7D2295DDA6FB
      SHA-256:0BBC4B6BAD40379F6D3C0C2CB7B7E13D4509A2DC2DB28C26B6DBEAEF7551DB84
      SHA-512:E2C50E86CB7C4507EAD246D66EBA311860E5E774A54912F1142CB225E2BB54E07B5E66BE936D2A47D08A031BF638CD01A4BFDC1ACDF37A278BFD375BC3441EF9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="OptionalFeatsDlgTitle" ValueLocId="Control.Text.OptionalFeatsDlg#Title"/>.. <ROW Property="OptionalFeatsDlgSubTitle" ValueLocId="Spring.Control.Text.CustomizeDlg#Desc"/>.. <ROW Property="OptionalFeatsDlgSpaceReq" ValueLocId="Spring.Control.Text.CustomizeDlg#SpaceReq"/>.. <ROW Property="OptionalFeatsDlgSpaceAvail" ValueLocId="Spring.Control.Text.CustomizeDlg#SpaceAvail"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="OptionalFeatsDlg" Control="HtmlHost" Type="HtmlHost" X="0" Y="0" Width="450" Height="360" Attributes="3" Text="file:///[&amp;optfeat.html.742DA8B7]" Order="100" TextLocId="-" ExtType="HtmlHost" ExtAttributes="2"/>.. <ROW Dialog_="OptionalFeatsDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="10485

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\PreparePrereqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3133
      Entropy (8bit):5.391373297447996
      Encrypted:false
      SSDEEP:
      MD5:056E0A604A5B2A5BFFA6BA8C2D42ABB8
      SHA1:320D12F224685BB1F589D13F28CC2C2A133B614A
      SHA-256:66FDAEB52CC6C20A8C903EE19C0E5C8D928016DA21F64FCE388550371D117DB5
      SHA-512:640EC836F5CBF3156B0143B94B072FAF107CC490870F91BB74BCC86F5987A7291FFCB74F6B27EB91376C6A2C700EA48069D501E3DBDC3138E78B27163AE8CE67
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent"> .. <ROW Action="PreparePrereqDlg" Sequence="150" Condition="AI_BOOTSTRAPPER" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent"> .. <ROW Property="PreparePrereqDlgTitle" Value="" ValueLocId="Control.Text.PreparePrereqDlg#Title"/> .. <ROW Property="PreparePrereqDlgSubTitle" Value="" ValueLocId="Control.Text.PreparePrereqDlg#Description"/> .. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent"> .. <ROW Dialog_="PreparePrereqDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="200" TextLocId="-" Options="1"/> .. <ROW Dialog_="PreparePrereqDlg" Control="HtmlHost" Type="HtmlHost" X="0" Y="0" Width="450" Height="360" Attributes="3" Text="file:///

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\ProgressPrereqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4338
      Entropy (8bit):5.406342592626272
      Encrypted:false
      SSDEEP:
      MD5:19122F6D66717F838E71DA906DB865AF
      SHA1:EE5166456E3ACC16B5064EF257D41A468D73A17C
      SHA-256:1D33B7757FCA1D84160C91B32E16356F6C39582EA7EEB595C016C55B889D4A58
      SHA-512:09B2CB80C5F254CAE97FD594E561B67E68E38D463220F8742D131ACF91654AF0B7D75F3DC9CD2D6380B1A7938046BAD54969244C55B090955FC2EF1C28F64A44
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent">.. <ROW Action="ProgressPrereqDlg" Sequence="300" Condition="AI_BOOTSTRAPPER AND AI_MISSING_PREREQS" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent"> .. <ROW Property="ProgressPrereqDlgTitle" Value="" ValueLocId="Control.Text.ProgressPrereqDlg#Title"/> .. <ROW Property="ProgressPrereqDlgSubTitle" Value="" ValueLocId="Control.Text.ProgressPrereqDlg#Text"/> .. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ProgressPrereqDlg" Control="HtmlHost" Type="HtmlHost" X="0" Y="0" Width="450" Height="360" Attributes="3" Text="file:///[&amp;progressprereq.html.742DA8B7]" Order="100" TextLocId="-" ExtType="HtmlHost" ExtAttributes="2"/>.. <ROW Dialog_="ProgressPrereqDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\SQLServerConnectionDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):10716
      Entropy (8bit):5.431178290408535
      Encrypted:false
      SSDEEP:
      MD5:1DFED27EE0CBA8BA9F25E217E51E8289
      SHA1:E2F672FF6C9B22411D65B8625CBB2CCD0B48AC08
      SHA-256:F1BD4D0DA93B9882528DF19F71382D849291810A0B4B26534C430E1E64EE7CF2
      SHA-512:21A90BFAC96F6A5E4418580CE9AC6A65F00A4790CBF5DC6E10EF411678A0B73512778D3BCD1714FE51A08185D64F88F577A5218ADBCEC40D7F0DCED065733D72
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="12.6" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiDialogComponent">.. <ROW Dialog="SQLServerConnectionDlg" HCentering="50" VCentering="50" Width="450" Height="360" Attributes="3" Control_Default="Next" Control_Cancel="Cancel" TitleLocId="Dialog.SQLServerConnectionDlg"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent"> .. <ROW Dialog_="SQLServerConnectionDlg" Control="HtmlHost" Type="HtmlHost" X="0" Y="0" Width="450" Height="360" Attributes="3" Text="file:///[&amp;sqlserverc.html.742DA8B7]" Order="100" TextLocId="-" ExtType="HtmlHost" ExtAttributes="2"/>.. <ROW Dialog_="SQLServerConnectionDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048576" Text="[DialogBitmap]" Order="200"/>.. <ROW Dialog_="SQLServerConnectionDlg" Control="Back" Type="PushButton" X="45" Y="328" Width="56" Hei

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\SetupTypeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):7236
      Entropy (8bit):5.426450595976923
      Encrypted:false
      SSDEEP:
      MD5:DCE7920D67BAD97FE6CEF89CCE7786D6
      SHA1:3CF27CF08380963D9E8A58F9D9A5F74C59615BEB
      SHA-256:5A14E99764E5F385B1CD2ED79B2B79F4CEC45D9017533FFB9D8160A7052AC114
      SHA-512:63CB9057B04AB3FB576ADC13FC653EF402B1ABE1E8D048E44ED7C37B9EE77AE4B1592C4859591027AAFDBBA5AF7752432499FF939F7FDCD23F8949AB8C57C163
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="SetupTypeDlgTitle" Value="Choose the installation you want" ValueLocId="Azure.Control.Text.SetupTypeDlg#Title"/>.. <ROW Property="SetupTypeDlgSubTitle" Value="Please choose your preferred type of [ProductName] installation below:" ValueLocId="Azure.Control.Text.SetupTypeDlg#Description"/>.. <ROW Property="SetupTypeDlgCustomLabel" Value="Custom" ValueLocId="Spring.Control.Text.SetupTypeDlg#CustomLabel"/>.. <ROW Property="SetupTypeDlgTypicalLabel" Value="Install Now" ValueLocId="Spring.Control.Text.SetupTypeDlg#TypicalLabel"/>.. <ROW Property="SetupTypeDlgCustomDesc" Value="Choose features to install" ValueLocId="Spring.Control.Text.SetupTypeDlg#CustomText"/>.. <ROW Property="SetupTypeDlgTypicalDesc" Value="Installs most common features" ValueLocId="Spring.Control.Text.SetupTypeDlg#TypicalText"/

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\SharePointLogDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3411
      Entropy (8bit):5.446984232792893
      Encrypted:false
      SSDEEP:
      MD5:3991413D20047BED4AD3D1722244FE1A
      SHA1:8D9A7BBB2FD5DA26FAD4ED1C7ED6BF4E698CA599
      SHA-256:34DA2F432C9CBC104BE0C345191F9492F0870F7955BA6DE41C47A5C77DDCCFE3
      SHA-512:C2A1B7751AC0452A09633F68E5EEE93690C21343216EC29CE7EA805FC712A9A14CA91C47F87EB1A3141129FB833316FEF89CE84BE7A85FBB4F41D78E67EE3F0A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="SharePointLogDlgTitle" ValueLocId="Control.Text.SharePointLogDlg#Title"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="SharePointLogDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048576" Text="[DialogBitmap]" Order="100"/>.. <ROW Dialog_="SharePointLogDlg" Control="Next" Type="PushButton" X="350" Y="328" Width="56" Height="17" Attributes="2" Text="[ButtonText_Next]" Order="200" TextLocId="-" Options="1"/>.. <ROW Dialog_="SharePointLogDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="SharePointLogDlg" Control="Back" Type="PushButton" X="45" Y="328" Width="56" Height="17" Attributes="2" T

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\StartMenuShortcutsDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):6568
      Entropy (8bit):5.424521069778106
      Encrypted:false
      SSDEEP:
      MD5:057140A57D6066289814C49F43068FBA
      SHA1:FD0B60FF9D4635E1FB3F478AEA350787FC4A6C1A
      SHA-256:9B655103779E52B8A36FD72D0F5F6378FC15945FE8995340D40C2DCA77A10F8A
      SHA-512:A36DCF66C3773A4A242DB1B36723811BD676EA34D70066B588B6A55E09E628CBD22B0456FC1E2A56CD626FBE3278FD9691D1ADE1CBBCD943D87ECBB3253B3602
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="startmenushortcutlogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\StartMenuLogo.png"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiComboBoxComponent">.. <ROW Property="AI_SH_DIR" Order="1" Value="[ProductName]" Text="[ProductName]"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="StartMenuShortcutDlgLogoIcon" Value="startmenushortcutlogoicon" Type="1"/>.. <ROW Property="StartMenuShortcutDlgTitle" Value="" ValueLocId="Azure.Control.Text.StartMenuShortcutsDlg#Title"/>.. <ROW Property="StartMenuShortcutDlgSubTitle" Value="" ValueLocId="Control.Text.StartMenuShortcutsDlg#Description"/>.. <ROW Property="StartMenuShortcutDlgShDirText" Value="" ValueLocId="Control.Text.StartMenuShortcutsDlg#ShDirText"/>.. <ROW Pro

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\TemplateDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1704
      Entropy (8bit):5.258318068126784
      Encrypted:false
      SSDEEP:
      MD5:543687FAB51001F510EF118954639977
      SHA1:D6F332D00B33975E5AFA31A6AE9B3BBA5D67CF3E
      SHA-256:7CC08C91FF5D6E5C4F6F588EFF56D191FCD1DDF38542FC3C4FD00E9EEDEE9428
      SHA-512:28CE675FA401C74F4BE5122DD385D70B2A23EC9E98C40907EF38BE3762D596AC7A80B5AB04DF38BCD68B9229F6CE88FF85C94F5D7F878A26B83D7C24494CE2A9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048577" Text="[DialogBitmap]" Order="100"/>.. <ROW Dialog_="TemplateDlg" Control="Next" Type="ImageButton" X="350" Y="323" Width="54" Height="27" Attributes="3" Text="[ButtonImage]" TextStyle="[ButtonTextStyle]" Order="200" ExtType="ImageButton" ExtData="[ButtonText_Next]" ExtDataLocId="-"/>.. <ROW Dialog_="TemplateDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="TemplateDlg" Control="Back" Type="ImageButton" X="45" Y="323" Width="54" Height="27" Attributes="3" Text="[ButtonImage]" TextStyle="[ButtonTextStyle]" Order="400" ExtType="ImageButton" ExtData="[ButtonText_Back]" ExtDataLocId

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\TomcatServerDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):6776
      Entropy (8bit):5.440631874784286
      Encrypted:false
      SSDEEP:
      MD5:EE29AF5DA2A574E69A38361680988A3E
      SHA1:0B929E2447AFEDAD4BB8FDFCD2ECFCC0585BCF88
      SHA-256:FE6E35EC72A10B988B55452D2DF216D393B05F5586B1653660C7E620512421F7
      SHA-512:5378220B6BA551CFB2A8508C25C3E52DD13B0704AA093C540110958BCCBCAC7514184DDABC629B5FC3D943891F5BD78812AFD1E8A4785260731EC705A1A63474
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="tomcatlogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\TomcatLogo.png"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="TomcatLogoIcon" Value="tomcatlogoicon" Type="1"/>.. <ROW Property="TomcatDlgTitle" Value="" ValueLocId="Azure.Control.Text.TomcatServerDlg#Title"/>.. <ROW Property="TomcatDlgHostNameLabel" Value="" ValueLocId="Control.Text.TomcatServerDlg#HostNameLabel"/>.. <ROW Property="TomcatDlgHttpPortLabel" Value="" ValueLocId="Control.Text.TomcatServerDlg#HttpPortLabel"/>.. <ROW Property="TomcatDlgHttpSslPortLabel" Value="" ValueLocId="Control.Text.TomcatServerDlg#HttpSslPortLabel"/>.. <ROW Property="TomcatDlgShutdownPortLabel" Value="" ValueLocId="Control.Text.TomcatServerDlg#ShutdownPortLabel"/>.. </COMPONENT>.. <

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\UpgradeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5382
      Entropy (8bit):5.467591329327261
      Encrypted:false
      SSDEEP:
      MD5:097FC3068482B21EB064F239BBA8D7AF
      SHA1:40279412BE57DDD1A1092C5C38422D7AD61E31D6
      SHA-256:6E6B80B1054C4A5F450AD10DB3A89844F2ACB8A002ADCE09FED3526C0B310840
      SHA-512:997592F71B8FC8C3CDDFB993707646D7476E57123B651FAD31435539596DFF5E47785AE35980DE6BADAB93ADE1C4E72F6DDC5CE3163AD1250E995F3B70166510
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="upgradelogoicon" SourcePath="&lt;AI_RES_COLOR&gt;UpgradeLogo.png"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_Upgrade_Question_Yes" ValueLocId="Property.AI_Upgrade_Question_Yes" Type="4"/>.. <ROW Property="AI_Upgrade_Question_No" ValueLocId="Property.AI_Upgrade_Question_No" Type="4"/>.. <ROW Property="AI_Upgrade_Replace_Question_Yes" ValueLocId="Property.AI_Upgrade_Replace_Question_Yes" Type="4"/>.. <ROW Property="AI_Upgrade_Replace_Question_No" ValueLocId="Property.AI_Upgrade_Replace_Question_No" Type="4"/>.. <ROW Property="UpgradeLogoIcon" Value="upgradelogoicon" Type="1"/>.. <ROW Property="UpgradeDlgTitle" Value="" ValueLocId="Azure.Control.Text.UpgradeDlg#Title"/>.. <ROW Property="UpgradeDlgSubTitle" Value="" ValueLocId="Control.T

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\VerifyRemoveDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4123
      Entropy (8bit):5.482910494980054
      Encrypted:false
      SSDEEP:
      MD5:887220DCABC908BFC31BEF0C4F24DCFE
      SHA1:4CB2BF236B340AAC0AD1B8D01D93C740EB97788B
      SHA-256:2E58EFE5633ED2F76C28F41A05F0EE09D1BF463862F85919A2E5928D0769DA96
      SHA-512:18CDBA779B26DAD6D989CD848ADABD2FC7759DF8C6AFEC1ED540A00A2A15154103D588899755C8DCB0C9B71A13650396D47994BA0BDDA3F4356845B49329DF47
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="VerifyRemoveDlg" Control="HtmlHost" Type="HtmlHost" X="0" Y="0" Width="450" Height="360" Attributes="3" Text="file:///[&amp;verifyremove.html.742DA8B7]" Order="100" TextLocId="-" ExtType="HtmlHost" ExtAttributes="2"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048576" Text="[DialogBitmap]" Order="200"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Back" Type="PushButton" X="45" Y="328" Width="56" Height="17" Attributes="2" Text="[ButtonText_Back]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Remove" Type="PushButton" X="350" Y="328" Width="56" Height="17" Attributes="2" Text="[ButtonText_Remove]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Cancel" Type="P

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\VerifyRepairDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4276
      Entropy (8bit):5.4635349331885905
      Encrypted:false
      SSDEEP:
      MD5:5BEF75E806C10680C74624C6D5E26CD7
      SHA1:EC4F23CD7D2CD9C81833004CA9FA4B3126FC26E2
      SHA-256:DAAFCC6BAB3D59AAB65DA58BA5C503734415822A3DCDB070B3C18597057D04B0
      SHA-512:D431EF25924B4F3052C783BCADFE02E8D17A672EA142E646446049714BEC44CCECA1AAE000A4F0732BE77AB83D8FEA8F520C3F6001EC64E062E496C95BA6BA37
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="VerifyRepairDlg" Control="HtmlHost" Type="HtmlHost" X="0" Y="0" Width="450" Height="360" Attributes="3" Text="file:///[&amp;verifyrepair.html.742DA8B7]" Order="100" TextLocId="-" ExtType="HtmlHost" ExtAttributes="2"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048576" Text="[DialogBitmap]" Order="200"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Repair" Type="PushButton" X="350" Y="328" Width="56" Height="17" Attributes="2" Text="[ButtonText_Repair]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Back" Type="Pu

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\WelcomeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3067
      Entropy (8bit):5.430725793108296
      Encrypted:false
      SSDEEP:
      MD5:C5F1C4B093B6F2402C52DF0E1D1336DA
      SHA1:1383786F5E17E1E8DA178636D38AE86E0A2EA1F6
      SHA-256:034B1C505356B77FC1D6358871EE587F3CA5A332756F60CCFF3A4E688BD8B2C0
      SHA-512:C47A59F7CAB1B11B9CFD95DB850D943277354C845F13207A0A02028B6C133BFE9B25E2778F7C35A9877C2AF63D74AECFE3C9FE1291F9596A35F8118F45839A6C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="WelcomeDlg" Control="HtmlHost" Type="HtmlHost" X="0" Y="0" Width="450" Height="360" Attributes="3" Text="file:///[&amp;welcome.html.742DA8B7]" Order="100" TextLocId="-" ExtType="HtmlHost" ExtAttributes="2"/>.. <ROW Dialog_="WelcomeDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="450" Height="360" Attributes="1048576" Text="[DialogBitmap]" Order="200"/>.. <ROW Dialog_="WelcomeDlg" Control="Next" Type="PushButton" X="350" Y="328" Width="56" Height="17" Attributes="2" Text="[ButtonText_Next]" Order="300" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomeDlg" Control="Cancel" Type="PushButton" X="450" Y="0" Width="0" Height="0" Attributes="2" Text="[ButtonText_Cancel]" Order="400" TextLocId="-" Options="1"/>.. <ROW Dialog_="WelcomeDlg" Control="Back" Type="PushButton" X="45" Y="328" Width="56

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\fragments\WelcomePrereqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3586
      Entropy (8bit):5.44025449091178
      Encrypted:false
      SSDEEP:
      MD5:3F0AD196B609C2072963D6F18E07BD67
      SHA1:689F3683C83350B0B9B33E45E2DBE7C3401F631D
      SHA-256:DD9A2D9C7BCCAEC817B6FBAB6AAD503E22F5CC195CCA87900A647E760E8430B8
      SHA-512:FFC0665FBB5F6FE9979B45F75B9C653474043DC6D89D5A64F54983D8ECE3DAE4C02C69C7BCA38CA098956A5EB72B79E67FC4362606F67B19FF2F23E2D6742655
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent"> .. <ROW Action="WelcomePrereqDlg" Sequence="250" Condition="AI_BOOTSTRAPPER AND (NOT AI_BOOTSTRAPPER_RESUME) AND AI_MISSING_PREREQS" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent"> .. <ROW Property="WelcomePrereqDlgTitle" Value="" ValueLocId="Control.Text.WelcomePrereqDlg#Title"/>.. <ROW Property="WelcomePrereqDlgSubTitle" Value="" ValueLocId="Control.Text.WelcomePrereqDlg#Description"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="WelcomePrereqDlg" Control="HtmlHost" Type="HtmlHost" X="0" Y="0" Width="450" Height="360" Attributes="3" Text="file:///[&amp;welcomeprereq.html.742DA8B7]" Order="100" TextLocId="-" ExtType="HtmlHost" ExtAttributes="2"/>.. <ROW Dialog_="WelcomePrereqDlg" Control="Bitm

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\back.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):328
      Entropy (8bit):7.081995090148156
      Encrypted:false
      SSDEEP:
      MD5:83761B322AD9338898FE8B88F67C311D
      SHA1:944A11F27A00084B7D3991B9644DE1104A325C60
      SHA-256:CF85A95BBC170E3408BB5E6EB0594F0D21F6E94BFCE0A3BBDEC8FEFA3927624C
      SHA-512:E8BCDFC3BAE41AE504C0F75E68FF300D35FAFA742C223A7DD2F097EF2B91E7CC27E9E674C417EBD05A8A877BB3DE344D5DBACF880B53FBC928CBD1A8B5CF2D08
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR................a....tEXtSoftware.Adobe ImageReadyq.e<....IDATx..A..0.E3Il...gp...x.W.....A....z...;..Z.46.8....T4.H&..!3. ".fp..... .^..A....'..M...X{.E...P....#...$.&.......BV.f...26....6.....E\..l.<.....g.:5.r.(........^,....>...jK...H...z.,..R...;..~\...J..F.(Q.....8.J.....%..b\K..y.....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\browseiis.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3432
      Entropy (8bit):5.020576124111816
      Encrypted:false
      SSDEEP:
      MD5:67FB12653A6D2A3876CCAE2DACC9B940
      SHA1:1268C329F9E5A26B8C08C7A749B99CF662F376F8
      SHA-256:9AD95640DFE67F9675F8BEE75A6B0A6DA69DFF188FA2E82A84B362E4AB3BDD36
      SHA-512:CAE253BE37A55827B2F83FE4F72D50F5C83516E116E5FA1059EBF619DC880DF311C649F43BB388612F58C8DCB2C47A78441A2E6B364A4FA89B088166078EE50F
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">..//hook the window load event ("event" argument will be automatically populated by standard browsers)..//background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("WebsiteLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA',

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\clientserv.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):5064
      Entropy (8bit):5.0093501667647535
      Encrypted:false
      SSDEEP:
      MD5:E6E3C95934E0BC39128FAD5998CDFF84
      SHA1:53EB38139040CAB0AEC7BE52EEBB84D9C7A21CEE
      SHA-256:5CA12D8FA77F0056C1662AF334CEECAC5943066AF8A2EC32795D73D91826D132
      SHA-512:2404500AB60B57086B8B94B95A8B7D9CB3289A12E8CAC4DEE976EF8D92FB52B219AB5C9DB8564317DB885E63FF80A935FA6CB3F2B202C9AEE1F20976A07B793D
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Choose Installation Type</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. $(document).ready(function() {.. /* START XXX */.. ResolveTag("p");. ResolveTag("h1");. ResolveTag("span");. ResolveTag("b");.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundIndVec("BannerBitmap", a);. ShowFooter();.. /* END XXX */.. $(".install-now a").hover(function() {.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\diskcost.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3436
      Entropy (8bit):4.918418919468564
      Encrypted:false
      SSDEEP:
      MD5:F8B7FDB7EC5BF6DA5DEC97E40D63530A
      SHA1:7DE5D337935116301D80CDD58EBB56275A6DF6C0
      SHA-256:DC0D42310E375B59FA9437CD3AAE51019AB71F2BB6F1D79D74ECFF22039E5B45
      SHA-512:6C6D6A5FE081A85B6F7F625955E014D445D4C537221097FABD81CE396CEF1AC206A03656EB56230E0893B8A8B208E959E76E17D26DF6504B3B3F8C509557DC8E
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). //background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.... var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundIndVe

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\extreg.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3738
      Entropy (8bit):5.047781519796651
      Encrypted:false
      SSDEEP:
      MD5:E6A7319634B944D15C7611BD4AB11903
      SHA1:6AE9A10B4280D51EAB1BC5A165339BEA69FB1177
      SHA-256:CE66756A2387E3EA4122BF322BB2397C45B2A5AF07381BB97E8B3BC7139DF62D
      SHA-512:0D39BCB09AE57668D03FD630E76619429A3ED4A81CBECE61C435C0F8656B275855D7A2FD5399B05D8D6E60DF2AB90C292F5C1E66E000FE3A7CA4A0EE9B857011
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). //background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("ExtRegLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.... var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cance

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\fileinuse.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3218
      Entropy (8bit):5.088875353851041
      Encrypted:false
      SSDEEP:
      MD5:51A8565015A1D11788E3D845F25368F8
      SHA1:306E10E145212CE4F795167909EC5A889DF66D06
      SHA-256:789624BDC44B2280F19D4B77E066BC44BC84FD55DE10D629B1FA3CFD93EB3CAE
      SHA-512:1D94B5F465825283F2A45620DBF142DF4BEF27C5FC75E184D9D3AC77E1C333A2E68EB7795E5A5BE2E8E06F98B3CBF2009F79D9DDF79CA4C06444C35879E48CAC
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). //background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundIndVec(

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\info.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):2031
      Entropy (8bit):7.887633678038511
      Encrypted:false
      SSDEEP:
      MD5:55385187C49B934547C6A58AB1371E69
      SHA1:61C213F2A64E0FCC61CB17A309358FCDD0DD6F29
      SHA-256:84E083E6E1E022FDDEE69184F50F2205DB0DA6FDED8AD4C40C46EE7B7E171BAE
      SHA-512:61BE6402745ADFAB97D01BD4471A11B7D9B96AD9BD6CCAB06E1F5D62198B17803A70AB02ACCE8599FB82BDFBBE3216CC37CE1A267B21E1015164B1D23E5EFCCE
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR... ... .....szz.....IDATx...T.G...9z..`.PD... ,..u..!.0.U.rE...k@D..#.!. k.......b.F!...Y.Bd..+..r...s.\..`^.a....b...~U.}.u!`.6.......knl6...0s:..D...r)............D,..r..q...l.c>..G_.7.w.....o...)...Hp.C...5..aP.8...Y0E.c.......U..+}.G...... .`)Z./...wQ..{b..e.....@.":i...S.!...bR...N...gKj.[K...4T...2.`.*..N.}\LX..{T|S'j.;....@......5.,`....$.;e.....zc..c..y.b..P:._u...xa.d....J.h.....O>..j..&.W..xc.....I.......Wr".z.<V...9.'c......K.......0..4&.../..>..sj.d.......c._...ge....}Y.......GU5H..:..>ST.....1c.X...>.+fo.vepb.>.L...X.....M..g......u.......'e.6....Q........1.zN.P.4...HQYv4..Y...KI.4.....].!.~.Z..H..:M........Fd.....X1...R5.9.^.+.....m.....".O*.U..01.....e...5F... ..I#...L..n.B....2..G.#.c.|........<q.....g.K".0:...q..F..........r.Q..l0.x.....B..y.$....eaQq}...#B..|.W....U.B&$......WT.['d.DaO.1.....=.x}..U>.:..s...W...S........R..N......`.8..J....u.._J. .V...,.L....#....A0g..P..Eb%H.*r..>d...|...!.Pf0..@+h.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\install.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, Unicode text, UTF-8 (with BOM) text
      Category:dropped
      Size (bytes):4860
      Entropy (8bit):5.0238318273713585
      Encrypted:false
      SSDEEP:
      MD5:FDE41F0B530CE96A8A47CB925E73FBFC
      SHA1:0A9E8E78A3A999048DFB2FB932BA4BD04ECFE240
      SHA-256:4998267292ABD06E8D876358B0F375CC02C10271431033A41615EADE428AD48F
      SHA-512:E3A7AB64C89208B059975FC86092848BE21FEBEE512A1C616D7C3307716C05D8E385FD12A4DC10BFC7F6376ACBFBB0C4CB1AFF0E86AAD105C149D56441D8C323
      Malicious:false
      Reputation:low
      Preview:.<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">.. function UpdateNextBtn(). {. if (external.MsiGetProperty('IAgreeInstall') == 'Yes'). {. document.getElementById('rightBtnDiv').className = 'buttonwrapper buttonwrapper-right';. document.getElementById('rightBtnA').attributes["mydisabled"].value = 'false';. }. else. {. document.getElementById('rightBtnDiv').className = 'buttonwrapper buttonwrapper-right buttonwrapper-disabled';. document.getElementById('rightBtnA').a

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\instances.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3968
      Entropy (8bit):5.0200701473458045
      Encrypted:false
      SSDEEP:
      MD5:AC6F4BE6F1EA19EFE8445DA3AB816A02
      SHA1:F4357F065176C5BAA5B7D185251B64B7A541855B
      SHA-256:3E5E5BF8C9C5EB38CD5152D1A6731AEE7EA95A2ECA12D7AD43AE350E2E5F3AB9
      SHA-512:F16C23920E19F99530DDB3B696B3A1611707EB19E2F8EE4B0F6AC01DF193F3A64B21D490DB93ED835A0F7E9F33BCE97449D731F1A0D84971051213D4B5F57444
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). //background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */. . InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. . ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackG

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\language.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):2943
      Entropy (8bit):4.9962848971886915
      Encrypted:false
      SSDEEP:
      MD5:F20F4606C3B4DB61874FF9B5FDB393D7
      SHA1:1C074A1788589DA2D88BABDED7D3B4C1F5050565
      SHA-256:760D317B48AA7DE3449C799097A8C32E4C91D9AB96E740392F2D869DCDDE1666
      SHA-512:2494337FBB9F083733B6DB96F2FC997460A905D6B5857134DF99792E821821A826A84F34859409C58F0395A1A712FDE018DF018A97CB4C65FD60229E62A229F4
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). //background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("ReadmeLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelB

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\maintype.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):5064
      Entropy (8bit):5.019015494932366
      Encrypted:false
      SSDEEP:
      MD5:A987057CE2BD54CA5B83C5D4F5197CB3
      SHA1:CAE1AF204B3B9489BA0584225879CAD0158AC440
      SHA-256:6164B84CD77EAEF05410195F18205C8B9CCD0EF1605056E81FD85A799FDA41EB
      SHA-512:B835EFCBEFAB5EB100627670A0D7AFD2C780C182FB2605ADD98B878748F946CBA0AE3183BEF96C644622B2A0646FFBA3CC229BC2D0E5745A900BC28E4451F3D5
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Choose Installation Type</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. $(document).ready(function() {.. /* START XXX */.. ResolveTag("p");. ResolveTag("h1");. ResolveTag("span");. ResolveTag("b");.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundIndVec("BannerBitmap", a);. ShowFooter();.. /* END XXX */.. $(".install-now a").hover(function() {.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\next.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):333
      Entropy (8bit):7.008096667530893
      Encrypted:false
      SSDEEP:
      MD5:218D569DDCD386ED30F473AE41ABEFB2
      SHA1:EDD0AC3A4B1D507849F38DB6FCBC96FDF6CE57EE
      SHA-256:BF10631897F6F98AADDAD54E461BC51C82F4F68CE3E6CF0A33DA473091FBBEE9
      SHA-512:593E341C2C52BDFD74F02498E508AF9CA92301CE23EC04634D9FCEF5889CD54F568216CADFACF62B8E5BEDB4D2EEAF11AD16D4AAFDFB4E4875D22F77E63CFE65
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR................a....tEXtSoftware.Adobe ImageReadyq.e<....IDATx..S;..1..o.b...z..k.....Xx.;+.. X..A.T...||.V..A]..d2..e..ZkI..H..s....#\...`.... .6..X.....ZuA.........D..9.....1w../....*.%-........)Y.`.....->.9..W.......c....+/...^.......'..H.-..b.....s..AfV.J..~..SZ.P{.._.A.."4DOs..t.`...<1..S5....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\optfeat.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):4139
      Entropy (8bit):5.045214317358572
      Encrypted:false
      SSDEEP:
      MD5:B2B2569A9C1894F25C9881959C30EB7D
      SHA1:01995C3B247832CF927C2A76A20998FC9094086C
      SHA-256:A0F4BAC25C40CC60F209C251F66BB2D646657C9B990D14541A8D96A214384986
      SHA-512:0C83B44E076873E888F37E869AF85B732099D3B7F174C509FF77AE2771FD53DE0078CB5D2AD9044DA36371979FF7C925F92F9335C9037F9FEC210EDE43FDAC24
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). //background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("OptionsLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. UpdateSizeText("PrimaryVolumeSpaceRequired");. UpdateSizeText("Prim

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\prepare.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):2488
      Entropy (8bit):5.147344973631347
      Encrypted:false
      SSDEEP:
      MD5:0236EAAF36DE0E3DB9CBF1DEA086E22B
      SHA1:02E02E00691DBEB2982E1EB57915016F757EDFD4
      SHA-256:44A49BD8AE106DF3937773E7516D72C5B6FE48A34188D5FFC30AF43E4C72C821
      SHA-512:7167E5194A846C112A5EFF023BAA43C5AD12337AADD62DBE37E36BD591328C0230D3AB72C7A71B667E8C5E07AC885E9A8D1A7EB65A4075622AD7C2216B74C280
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("WaitLogoItem", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundIndVe

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\prepareprereq.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):2500
      Entropy (8bit):5.15144489273471
      Encrypted:false
      SSDEEP:
      MD5:9D2B719120AF098837923E2D0D8E0EC3
      SHA1:7BA31C8D17EB28491955C4FB8E73BD2E7F23892D
      SHA-256:7CE5C9B9B14171837CD6D3BD2265931220DEE86D2A343C8F626B5CEF710036F3
      SHA-512:332A50AF2AC10158DE20656E98C071B109266227FC292B0414282D6822598FA9C33DA84754DFD12D4B239EFEBB9607C905664936B7BCA6E741ECE94C8DE046C0
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("WaitLogoItem", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundIndVe

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\prereq.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3435
      Entropy (8bit):5.018778649338925
      Encrypted:false
      SSDEEP:
      MD5:C09071184C473A0A5F4553C9A754F8BF
      SHA1:534F2D3F54AE8D533E1E6C5EB2707002BD7C4E1D
      SHA-256:4F4EFAEAEE5410A5A5806D127A66BBDD1FFD847E489B67FD61B815E9A30C12C6
      SHA-512:B71CA40115F556BA22328577D74071FACFD71A0436ADCF415C062B88AEBFDE950CA33D50B20B030B7DBB5B04E84432B174CBD5DE4233F9C5AEAFF748398CE4C8
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">..//hook the window load event ("event" argument will be automatically populated by standard browsers)..//background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("PrereqLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA',

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\print.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 24 x 48, 8-bit colormap, non-interlaced
      Category:dropped
      Size (bytes):1165
      Entropy (8bit):7.187286410691409
      Encrypted:false
      SSDEEP:
      MD5:6EBA8BE90B2A7FA5A9768821ACA1BF41
      SHA1:80A8A435CB6BCC09329C95FC797A1652584A6B2C
      SHA-256:6C6CE3E41F4EE252B631FBB75DC87F63A385F4FC0D88E98C4EFBE038CC2D12A6
      SHA-512:1AD3FB9011752C4CC960ACD2CD1703BFCD502881A357FB03150C9330EF933F8D124E7CEB10390BCBC53165551B60880CE0A6D6771B5FB451E4EA9CCFDABAFB06
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......0.....<VJ.....tEXtSoftware.Adobe ImageReadyq.e<....PLTE......opy.............................................................cv....y...............h{.s.........cw........VVWSTTm..rrr...~.....bde...oor..............mmn.......~........q.....rrs......jkkkllxy......................i|............................................u..jjk{..z...........[jyccd...............S^j...}.....py.......aab...TTU...wwx...zz{P\h............~.....Xhw............w...........qz...._s............hhq...............tRNS.............................................................................................................................................................IDATx..WW.A..g....n.#![ ...jL"F..E...`..Xh.......nf...:.{&w.sx.{....C...'.=u.....7A....pY.E..,..)...A.[P=q..[...[P.R'....ZkA..Eq.4Mlg...QE.(....]Q.MT1...<d>z-.f..k .Q.....&|.R.........JH6.......p5.k..<.D. .C.oN..&.#....M...W%...$IL.S..o..{...........WUUe.,g....(RG.xF.e.u..$[.hM..e...p.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\progress.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, Unicode text, UTF-8 (with BOM) text
      Category:dropped
      Size (bytes):4318
      Entropy (8bit):4.917324499786319
      Encrypted:false
      SSDEEP:
      MD5:E6DEE14579D1EEAB87BA01CD562591B4
      SHA1:DD5825471C2E146A76641C2C7A2822598A20DC2F
      SHA-256:4336790D888F56519E34E4CA99C93EA53F69895C886EE59A9D19F606BC6CAE0C
      SHA-512:DCCA705DF245346CC60AA67954DEFFD5F61D7ED3DEAAC111DF605A649F024BBE535663D2368CBF1E548ABD1EC0A3CD97FE7D5BA12633B74B001E323C70190511
      Malicious:false
      Reputation:low
      Preview:.<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />. common links-->. <script type="text/javascript" src="jquery-1.3.2.js"></script>. <script type="text/javascript" src="common.js"></script>. progress bar links-->. <link type="text/css" href="progress/progressbar.css" rel="stylesheet" />. <script type="text/javascript" src="progress/progressbar.js"></script>. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function () {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("InstallLogoIcon", 'logo

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\progress\progressbar.css

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:ASCII text
      Category:dropped
      Size (bytes):388
      Entropy (8bit):4.602481116077253
      Encrypted:false
      SSDEEP:
      MD5:0A524F0B0D68025A96F12BBE88DC510C
      SHA1:887E797D68554757929006F268908586CC030905
      SHA-256:B479BDB9A553199D3F9FCCB056F8561C0D1FB5FEAAE99B7C737D092B9BEEA480
      SHA-512:5BF8CFB31E6BE5BC7627415E62018CEB560A90ADCDB5501DA1335530178A5B2FE1AF33600F5B9F5CC9C3882C961CD1666F7AE25C9804CA67FC137FAED8252849
      Malicious:false
      Reputation:low
      Preview:/* Progressbar.----------------------------------*/..ui-progressbar.{. height: 20px;. text-align: left;. margin-top: 70px;. border: 1px solid #aaaaaa/*{borderColorContent}*/;. background: url(progressbar-bg.png) repeat-x;.}..ui-progressbar .ui-progressbar-value.{. margin: -1px;. height: 20px;. background-image: url(bar-bg.gif);. border: 1px solid #aaaaaa.}...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\progressprereq.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, Unicode text, UTF-8 (with BOM) text
      Category:dropped
      Size (bytes):4330
      Entropy (8bit):4.920302687251263
      Encrypted:false
      SSDEEP:
      MD5:C233846FD41A5A9C1D88167686C54315
      SHA1:63DD47C7442EFF703460F35C6A4E283F5BE401C9
      SHA-256:FE088DEE0B25172CCBF2C08FC3CF08705A0B1B9ECB94C8138668393273A27EA7
      SHA-512:8D6E64681AB9FF21CE4B936BD615762314DB79D781B3C0019159D64BCD6073FE2EF0914EDB970F7C738CF8098B4D6FA32299789D6C6D968FBEAE3D2502E7EA15
      Malicious:false
      Reputation:low
      Preview:.<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />. common links-->. <script type="text/javascript" src="jquery-1.3.2.js"></script>. <script type="text/javascript" src="common.js"></script>. progress bar links-->. <link type="text/css" href="progress/progressbar.css" rel="stylesheet" />. <script type="text/javascript" src="progress/progressbar.js"></script>. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function () {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("InstallLogoIcon", 'logo

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\resume.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3334
      Entropy (8bit):4.953432997298023
      Encrypted:false
      SSDEEP:
      MD5:8E692684E6436510CDEE7608C88E83B8
      SHA1:BA83F90DF9957B4FE0CADC633D1DB1F385CDB8E5
      SHA-256:27A78D8EE010612E7CA7CDE04F1CB2F9C15EE0BA8FF8F439EEEE4F819241D1E5
      SHA-512:79F27FE0DE17F8E9DCC884FFBF368B2D98390FED3D008714D9D741403C388F456B77FB402CDF32C5D84490C6A02215C6BDBAC17577A6CF29E0E5BC7EAF675070
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">..//hook the window load event ("event" argument will be automatically populated by standard browsers)..//background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("AppLogoIcon", 'logoBig');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA',

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\sharepointlog.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3180
      Entropy (8bit):5.013370137402382
      Encrypted:false
      SSDEEP:
      MD5:7DC6A7FA9DD1DF67E64B43BCCA1EBA37
      SHA1:E271BAA7F04E1DABDF62AA3CAF217F938C3C2188
      SHA-256:1824EBF62E5E0894C05EA6345F0B3504A773D6E384DBDB83C30AE58807D830EE
      SHA-512:53ABD72CAC38F2F043C4D7A8BEC9ABFA55B8EF90B658210D674F572F2D20DC9055927B5DA6C2FB3EBD24EA868D4FE351822A57B15BBB81E7E5625046095046D2
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">..//hook the window load event ("event" argument will be automatically populated by standard browsers)..//background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundIndVec("Banne

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\shortcuts.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3156
      Entropy (8bit):5.014267500159579
      Encrypted:false
      SSDEEP:
      MD5:F1CF423F77F55A66B7A25F50CB40F79F
      SHA1:8551983CE035C25648D445C60B6A2983540BD443
      SHA-256:0C12A83840DF7B13F8DAF5BAAF6F576308638D03A7194F5C6DCA61F67D1545B1
      SHA-512:452ADDC63780EFB9649C5C781C37A209E4EB46AA072952D66C3C1468DD96255C360FB916482EF234C3A95E7A70DF93DDDF77BB48899E86BC078CAD1A6A311FEB
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("ShortcutLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundI

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\sqlc.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):7595
      Entropy (8bit):4.868673007215903
      Encrypted:false
      SSDEEP:
      MD5:CB5C91774FA0125670FFFA855F115E22
      SHA1:07DFA1190952E2622042F3B296BF744DEC126124
      SHA-256:A267286AB555E0D88F09FB73346AF0F8DE30D8B0A27B86D27EDEFA81037CD0DF
      SHA-512:D3738CFE92EDFDDA361105FDBAB4C2DDE42116A468484159DE99BEC2C2D58632C94D2C1DB46375C123D6BF8420327C00E0BA1FAD96984C98E3A494FF80DE1778
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">..//hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. //ResolveInput(document.getElementById('edit1'));.. ResolveTagValue('input');.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("SqlLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. ResolveTag("label");. ResolveTagV

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\sqlserverc.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):11092
      Entropy (8bit):4.944048445805266
      Encrypted:false
      SSDEEP:
      MD5:A5C174C03C9690874990E497993E23DD
      SHA1:5AC145B74683183545E7B58EE500504DDA6D6DDD
      SHA-256:272B61B1706E79A9776BFD4DAA614B927B6E0F5A0D08CDCAB1FF8596AFFD1A27
      SHA-512:E8BDB5A091806E18EF7B9EE3896F182C81561230CD854525395ED724647D1173C8DCF38C2FF615EA364FD1596ECAB38C071E9D177FF476944BCC9DFC516D5283
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. // ResolveInput(document.getElementById('edit1'));. ResolveTagValue('input');.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("SqlServerLogoIcon", 'logo');.. ResolveTag("a");. ResolveTag("p");. ResolveTag("h1"); . ResolveTag("span");..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\startmenushortcut.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):4795
      Entropy (8bit):4.96674860133367
      Encrypted:false
      SSDEEP:
      MD5:911A63DA2306D9D6642869B4DD669E44
      SHA1:ADF91D85879BF298D80C28978BAC1846A7DB8C12
      SHA-256:6072CFEE88C22A1EE711E2D085BB73F0466C80A570E130263E72553FB5F4EFA9
      SHA-512:23F3FB286087A81528A848463F01B6F9F1523C89DDBB5D939A29A012319577F25D561B55B53863E58C12679B8B93BF918B9D6A31FEC78270DF2004118D96DC53
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />. </style>.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. //ResolveInput(document.getElementById('edit1'));.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("StartMenuShortcutDlgLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. ResolveTag("label");. ResolveTagVal

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\tomcat.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):5234
      Entropy (8bit):5.1858477746133556
      Encrypted:false
      SSDEEP:
      MD5:A946B8FEE46F59037BA32887E358CAC3
      SHA1:8435CF3E8E0FC137277DAB8EFA9B81D5EDBEBFF9
      SHA-256:4D1864E6D29C14873E57E167CB40AE3621F14E9A66A6A989AA392E11F36D41A9
      SHA-512:40EE4B869D38B8CEA4D69ED50B7D03196E3CF7B546423056A154BB52D10B77C7A20E541A435183EA3BE2F934BDF65C8F1772AFE4BA8B4A7729F7B6D5006BB795
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">..//hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. //ResolveInput(document.getElementById('edit1'));.. ResolveTagValue('input');.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("TomcatLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. ResolveTag("label");. ResolveT

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\verifyready.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):2949
      Entropy (8bit):5.135354310145026
      Encrypted:false
      SSDEEP:
      MD5:258F9DC4BBE4F8E1716177CBF54300CB
      SHA1:F8B71064FBF7A8EA029AF66FC851F6B52CBA673A
      SHA-256:DCFFE2241B36C8F5E2ADCA6FBC37FC180668FCBCA245A566D5D84AA5593174B3
      SHA-512:7D94AF7E8FEC9EDA8C7799BA9F2BC729764AE2B2DCCE468EA77F8C889037E6F3129FEB2F5FB67301D7E7DFC6C163C42964B182265C41120F47884192911CB775
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">..//hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("InstallLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundIndVe

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\verifyremove.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3331
      Entropy (8bit):5.10791782466281
      Encrypted:false
      SSDEEP:
      MD5:E3D07BA7AB4DBA1F9D28FFCE1EFC448C
      SHA1:07329665BDB0E2A362D12C6574C254C339FE3887
      SHA-256:F51EAB9B2AA544ECFEC7070AD6DACAADC28624542F3270CB9CD397CFB2F25144
      SHA-512:7CE6F8909CF33561B74FA6E5131DBAB854E1B8172EC3C43CF4ACC8B3FB8271000FB305390A31F73FB7354C8BDA5B35AF584321343A4ED3BF165902918F9C90B5
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("InstallLogoIcon", 'logo');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundIn

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\welcome.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3534
      Entropy (8bit):4.968555823880628
      Encrypted:false
      SSDEEP:
      MD5:3B081EA1A0AA70EEE7A2B6EB1C3A2D88
      SHA1:779056E642D45E5F485709C7126724CCB3A0075A
      SHA-256:99E281A07A8E8EC253A90C9FBC5D502D7B804B0C114345E02089F007033AEF32
      SHA-512:2C46E4F1E1575D3FA02BE6D8C37A2A5A0320E9092C2776F0E07083EBD5259439817DC1D984A5F30FFCB93B7AB86286A85584B36CD19E20A36C835FA4810C8FC2
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). //background: url(background.jpg) no-repeat;. $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("AppLogoIcon", 'logoBig');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelB

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\html\welcomeprereq.html

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:HTML document, ASCII text
      Category:dropped
      Size (bytes):3497
      Entropy (8bit):4.96812291938423
      Encrypted:false
      SSDEEP:
      MD5:279FEBEC3FB10DF9E21C1B191C768980
      SHA1:EC9DFE3D5B925302BDE8194A16993412F0BD43B3
      SHA-256:BE9D6B2EFADB122ECE0BAF791C93B47FB0681E6C9F56F55E897BDBDA92A4F851
      SHA-512:33B305AFAC075C6374951C0CDE468F0B835AE7AF68AF75777B1315BE2AB5DE175C3B7827849D5EEF11140F65060B001E2296A7FC3687D0D8D1A760EDD829CBD7
      Malicious:false
      Reputation:low
      Preview:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">.<html>.<head>. <title>Dialog</title>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />. <link rel="stylesheet" type="text/css" href="style.css" media="screen" />. <link rel="stylesheet" type="text/css" href="varstyle.css" media="screen" />.. <script type="text/javascript" src="jquery-1.3.2.js"></script>.. <script type="text/javascript" src="common.js"></script>.. <script type="text/javascript">. //hook the window load event ("event" argument will be automatically populated by standard browsers). $(document).ready(function() {.. /* START XXX */.. InitPage();. UpdateBackGroundInd("DialogBitmap", 'main');. UpdateBackGroundInd("AppLogoIcon", 'logoBig');.. ResolveTag("p");. ResolveTag("h1"); ResolveTag("span");.. var a = ['leftBtnA', 'leftBtnSpan', 'rightBtnA', 'rightBtnSpan', 'cancelBtnA', 'cancelBtnSpan'];. UpdateBackGroundInd

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\aquamarine\banner.gif

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:GIF image data, version 89a, 500 x 304
      Category:dropped
      Size (bytes):9534
      Entropy (8bit):7.936204745516216
      Encrypted:false
      SSDEEP:
      MD5:0899980086BDBC1BC0D3B3A3CBB3BDE8
      SHA1:B9E045A5AE36448BE0BA71D7408EC8C0D58EA09B
      SHA-256:E726F35857477D7881EB9E32C5C77066492638C016416E606C7E598FF02B0F70
      SHA-512:542F3A12E9F4D7963837A6A29339E66377298D5516B1AAC57BB06D83269D7199D0695D5752ADB7CC60D93CCC24F6806BC84B3F437CD07C0FF0D5A22D1F51E54D
      Malicious:false
      Reputation:low
      Preview:GIF89a..0......y....#..3..#.{.........s.......T...vk..............'.e.......^.....aP..{..........|r........x.....|.lZ...T...u;..*..E..-............D..[...vc'...ztn..B...........X..ic.....s.......sk........Y.....2..J...d].eT"..9..................fa`.....lfq....n...>...zf.~j.....................<.......?........K........bR......O.%.....k..?........Y....!..g..T.J....^..n........5..D.:..*../..b.....r..u...hX..................D..j..Z.....w..............(.3..n..{..~....8......................................>...........I.....".-....O..............`..e.....U..s...........................b..............gV.........f........n....\........#{l4........`U...........0.....t..q..a.........a........m...n^.q_r..&..`.f..........~...\.....oh..xP.....!.......,......0........B............#J.H....3j.... C..I......c7A..0c.....8s.....@KzI..B7dH.*].)..P.J.J...A.\...`......h.]....o...K..].l....._... .L......]....U..8D....3[.....-J.C....S......y

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\aquamarine\bar-bg.gif

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:GIF image data, version 89a, 48 x 22
      Category:dropped
      Size (bytes):3808
      Entropy (8bit):7.464896640891978
      Encrypted:false
      SSDEEP:
      MD5:4151EC865BDA71C841A677773B60AC2B
      SHA1:03B161726F65BB3F19B8149FA2641EAFBD576735
      SHA-256:B2FDD6E6E320535618C2E6E7A3B09C4901F7B04C57CFD5A98817AA0C4474F40F
      SHA-512:E2063D4733121E0C0F7F3E294AA63AE2EDFD8BD376515D47903FBC0379B9FAD7039DE55F20D74E2A83B91245624D68886908B32F7855FB243165B443A4DA9508
      Malicious:false
      Reputation:low
      Preview:GIF89a0......M..N..U..V..X..[..\..^..c..f..k..m..q..y.......!..NETSCAPE2.0.....!..Built with GIF Movie Gear 4.0.!.......,....0......P.5+.6/..`.).a.&z.)...".B..^.....P.......QaR....6....,v...d.x<....AQ.c..IY....-p....w._d.c.+Xgomk..wOusOM.0..{.....a.~g....81..8..8,hj.~~..............o....1.Gk.......j.*...............>.?.................&.....'...6..-..K..*L. .....y#H...U0^.@...G...GrdI..S.\...@y.A>...=....I..O.-y..wf.F.8m".....*..l*...Fmf.HUg..!.......,....0.......G...1..w.'Z..(2.......16.g.%J.W.C.g.......[..G..IQR).+..8(.?...p.W/X...............#.zWmwp.|n\..~?mxI.D.Z...l.......\...5.\.....g.T..!.......,....0.......9...8.._..`...b.....A. 2...a.g...X..:...Q...K..KF-.+.h].\.s....Q@@p}...=@...@<....wt.Ky~O.<yt.....m....8....?.Z..4y.W....sZ..%..!.......,....0.......I.8...`.(HhJ.Q.`w......6.k.)/.Fp..%..q.......A.P...f..`..E$.5o6<..../........Q?..G.|Yoyr.~p_...n.....Bo...9._.......5....w_..9..!.......,....0.......I.8...`.(GhJ...!..,(.p,*......5.d..urB...$%'.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\aquamarine\buttonimage.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 432 x 38, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):2858
      Entropy (8bit):7.859212783263444
      Encrypted:false
      SSDEEP:
      MD5:AF1E3C9310809DE6143BFBEF994C319B
      SHA1:DFA831D0175B879F3C7E33983F66E6C3A7B4672B
      SHA-256:6693C11013304FFBFC34BC541A9AC6012665437B56EB08A9D6AE6C26A6C38738
      SHA-512:1FB9D73605919C33775C4FA2A366625B96947228E3323200FCFCDAC1EA899227C70A730012B48F278F19BB2A9B29BFA373D16A295C203B91E2D6425962E61798
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......&.............tEXtSoftware.Adobe ImageReadyq.e<....IDATx..]]l.W.=3..uc.X....(i..j...E.*...Z.4...xD...HH}.R..T.*!.."5PA..B. !...$..&......n..g.\.wgv=3.]6k.<.fg./...|..;w.].~...G>.cs.6........-....?2...g_.c....q.....~q..y.\.....C|"......G........[W..7p.UO%*.#9<.k..O...|....D|z.#......#b..i6.X^^F.R.|Ncd2....c...(..0"......u......QQM.O...O7>F....2.....g.X....0f.1.J.j........u...1.........w|ir...5..L>......Z]..^1.|......?'..........;..F.:.!......_..<..s...a....x.a.?F..h4._.p.SSS..s.\*...<+....8|.0...)#^h...G....?e7C....2y/..5....V.#...[<.[..|.8Asj....0Q(..G..s..E..86....8S...v...}.>&.^?}...U.h.....s.,\.E....}4[-.....j.....?v..........I&....%.B....}..C....l....U<Y..u.c.n......z.."N.9.%3...=.2~z}.#`.?c+k(.GQ4.V(...........#..6[........x-.?.:..<h......ann....`u......^3...S..?[....J..l...0.W.jcs...j..1<....#Kk^k...?{Gr(..(.....q8;.}uL........5..}....:.^..R..Y.[......X.1G...L.MP..$F..gCJ...I4.x.....r.<.<...2..0g.{0-.F..k..G...`....N32.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\aquamarine\head\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):15006
      Entropy (8bit):7.550861173041277
      Encrypted:false
      SSDEEP:
      MD5:F96E41B38D7856F26D7CEE6BD9A60B36
      SHA1:0C92189F043C20FA29C45E4916159078003711D8
      SHA-256:6E0837B6F5132DD20337679224F7FE8F462D85D9C3B9E71975E7FBFEAEC96F21
      SHA-512:C2A2999E4E4CA3C863D1CE46AD8E0050249FB05BBB8726DCDCD05BC311C62651CFA88422D114BD9AD1D5EAC1EBDF5969FD2FBB6616FA91990717D0ACE51572C3
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d...................................................................................................................................................X.......................................................................................!1Qa..A.q"RS......2...Bb..#3c..r...4.C.$t.%.......................!Q1..A....aq...."2R.b....B#.r$3............?...N.s...p.x%........eB.&QQ...*..+.......,n..j|..,.....}.r.8...._..]..b.g<..........s.]........'Fw...7...I.7....Y6.o.n.....e..\.....o..tcl..mY}....N..]..)......4.E....[VOy..:..w.z.....4...v...\.....'Cl...e..-.}....vof|]..r.b..\...o...G...>..../..t6.../...Jt]..>.......t]..>.V_yw..y...=..N..w.{...K.fbw..<.^.O....|.....|e.q.f.9....9V.{.9=..r......Oyw.7.yEr..4..]......./...bf<!0................?{.G.l........4..D....F......).....V_{..o.y../...I.....Oi9:...u.e.3.t.ng/...e..3=>.M.ffz.m.)^.NYw.y./...I.....N.....).v.../...I.v...\....".yZ.=..N.\...'...N.s.U..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\aquamarine\nohead\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):10666
      Entropy (8bit):6.792130960434744
      Encrypted:false
      SSDEEP:
      MD5:91067D06612141F8F1245C9F2E4FF4DC
      SHA1:3CE2424C654CAE04FB59679E69D92C7CAF95B707
      SHA-256:30544B6162910646E86156638F8C23368B6ECE6A3077CCF84C4731099AA77405
      SHA-512:5FFF84DA61E271098088E40D311F57CF7ED1FF8A51C36226A4A9091DEA20D74483C5580EB59B9A59AF790E766AFD653FE0070CB4FB6DDE051375D74CBC2D3AC7
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d...................................................................................................................................................X........................................................................................!Qa.1A..q."2...R..Bb.#.r.3c4.S.$.%.......................1..!AQq.a.."2...BR#$...3.............?..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\aquamarine\nohead\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x100, components 3
      Category:dropped
      Size (bytes):7485
      Entropy (8bit):7.896566120294235
      Encrypted:false
      SSDEEP:
      MD5:5935862462060502220B20D468F798C9
      SHA1:0F6D634229A85E092CF66AC129954FDB1ECDFE22
      SHA-256:31C70AA6501FB992464687DCC88620E9554BA1EBD3D99622BA0075D4EF0F73CA
      SHA-512:F6D50188B05912F263623FBE90F4EE1C89A11D1A063253D06E8D49D80050C35358FFB25776C7C910278857109934D8FF4B4AF9378C5D684AAE4EC365F70BADAC
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d.X.......................................................................................Qa!1..A..q.."2R..Bb.#..r..3C.Scs.$4%5.......................!1.A.Qaq2......".3$.BR#4............?...U..nV...%&.S; .ZI.\.l.J6.%......F..arQ..(.\.l.J6.%......F..arQ..(.\.l.J6.%...i........F..F..M....(.\.l.J6.%......F..arQ..(.\.l*...)v.B.T[T...3...h......R....).s.E.F.\...uG.I.Lr.Z.5h..h....gd..&.e..d.......F..d.......F..arQ..(.\.l.J6.%......F..arQ..J'".V...%....rV.i'!rRl.J6.%......F..arQ..(.\.l.J6.%......F..arQ..(.\.l.J6M.K.j...R...(.[..b...Q)6Z.6.+I..(.\.l.J6.%......F..arQ..(.7)MFI.R....$..Q...h.~m....X.e.G8...W..nJM.r.........l.....xe...h.%..I...L.@9ZH.7"..J6M.K..)6.%.&..7%....\.......F..arQ..(.\.l.J6.%......F..&.W.Js.,.Z.V....3....K..)7T.ZI.\.......F..arQ..(.\.l.J6.%......

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\aquamarine\stp-banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):3925
      Entropy (8bit):7.420385332273898
      Encrypted:false
      SSDEEP:
      MD5:4EA17C2E39EAFF17737CE03BAE32462E
      SHA1:DBECC7039D4CB2C102ADBC84AB81C34D6AA9BBE0
      SHA-256:B20379CAE02671E3376D41C40A266B95B929AD4F06CEC2153ED9AE573390C8C8
      SHA-512:EF030D137068CEB570ADB336BCB8821DBE7BA52D8FF5C9916FC904C15C8021F4708BA826C990CC619080AE6E32574D0136CB826CEF0D73A2399E3EAF05307EF0
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................@...........................................................................................!1...AQq"...a.2B.#...br3c...CS$.T......................!1.A.Q".aq.....2R#.....Br..b..3Cs$..............?............................................6a............LC.l..0U..m..7U?}.OSK.[o$.ud.s....n....;.vm.....\..c..t.S...n..}.t.cH.g=....v.....?.@.774.0..S+x?.e.3....>......-..+.....d........l]s...!F.Y...~...s...wz.AB.k[.~].q.u..tY.Y.%.R...._.7".N)du....eH...me*F<...7)V.+N....\.....-......~U.L.M).4........_..W........EB.$.[.... .....U..C.>.pp...b.o...*|^}.3z...m..8,.$..."#..7Eu.;....6`.v.[.Y.:%.D..u..3t.!..\{.]...o....x.\f...V.M).I.7..W...........n.o......u...CA]..V.7....??^.K..M)}..7ou|.c.{.~.......)o.@....................................^o..#f...........!.!..j.-(6..6.."b"T.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\aquamarine\style.css

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:ASCII text
      Category:dropped
      Size (bytes):217
      Entropy (8bit):4.819234070643887
      Encrypted:false
      SSDEEP:
      MD5:74D1DF96297586BFF135EA90CFC6B167
      SHA1:C1B6644D3B4012E82484AA1B36A1F8F70EBD16ED
      SHA-256:1C5864CC24291F821D6F24D2B7B3E5911E30D45AE2ADB0B8B629F9EC7D8923BB
      SHA-512:2855B80476F8A502FD74850EDF22BF47CDB6B609B60665EC5C728DC29955AB5B190AF6C3968D4D03228009536E542E8ECAB85E2FF7554ABBFCF6CA371DF1AFFC
      Malicious:false
      Reputation:low
      Preview:.#advinst-text, #advinst-text-shadow.{. position: absolute;. right: 10px;. top: 10px;. font: bold 11px 'Segoe UI', 'Trebuchet MS', Arial;. color: #83cac4;.}..#advinst-text-shadow.{. top: 11px;. color: white;.}.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\deepskyblue\buttonimage.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 432 x 38, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):2287
      Entropy (8bit):7.857966595098062
      Encrypted:false
      SSDEEP:
      MD5:D116B20C30F4D886A8AEAB1BE60FCD91
      SHA1:CA7DD085A301072DAC4D5C1889F60182AFA5E69E
      SHA-256:2D52826D2932AC67B27F9B2DD7AC9D02111BA98DC10C5682ED67EA588DBDF2E3
      SHA-512:BFC6E05000EF5D6D568A193FF2D4C62F5C7520D3933F177440D5BB36A83FD1744985DF95326B92899DC9F5BDE5A1DA954AF4C654577DBBED4839374550292951
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......&.............tEXtSoftware.Adobe ImageReadyq.e<....IDATx..Mh.g....F.eK..iZ;)N.BM.BZ....vYX.....X...rZ.....z).R.t? iCB!%......f....%...7.mY.h>.._Y.h$.c.iJ........y..W#......7GF_....RuV..#.....>[c...s8Sa...1.C...@_...=)/.....O.O.35.C...O.....J....u?.T....)..L..15.....e`..|..Z..8.VVVP,...X.eall.....d2..3...y...F.|Y.......O7.11.x.;)p..._....O.)3....D[.....Qaa.R.5./.0=...H...L@.......+.<.H'.w..p.....@..E.....^.T..o.\.........4.11.j.cW.\..={......q]m.7o..C..N.O.y..?....D...?=.g.D..#6.!....?.....(cy...4...b.....9.^...119.!....*&l......W..+.#.NaHT(9..<;@.VG...#..O.:..(.[\\..k..6....u....R.......c.....xh.....\...u..@.......R...q....>.S.C{.1>....`..%.....".Mci...?*u.....l.......m`.....!.O..Q.......l}.1...W.6....c....@...JS....fa..e$...<....j...t.~e...u.R...W...<..t...V.;.<6..J1..{4.X>.m!....+@{wY.J}wK.(.a>...W.....C....60...#....=..X>.I\....{%....."...5.......3.......v.z.9...U.#.|....>.h`q....3......P..;.....'k..Q.9..L.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\deepskyblue\head\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):18172
      Entropy (8bit):7.789165589612072
      Encrypted:false
      SSDEEP:
      MD5:9841C9CEE0FB758A57311F465EA81113
      SHA1:305E625882A470CD69AEEA39FC9B02636B72317D
      SHA-256:246E3374EAEEDA5B0D7F3D02CF558AD58AC927CD4E66F8984E418D962DA31953
      SHA-512:E0219F17EF4A66D399E5C203004CA6084D31B36805BF94B11A9E5A22CF8B419253D6EF6939900D77346292397DAE4673F5364A316A8704009E1424ADE582CDE8
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......F......Adobe.d...................................................................................................................................................X.................................................................................!1A.Qa.q.".......2BR.....brS.#.3C..s.......................!1QaA.q......"2................?....o...".<.3./.M.0.:...c0.P....2h.... ..!.(.J.................e.2.8%.h..................#@........../..iS..`.H.J.B..ij._ ..,"..@........P.............................(......................24.Q....k...l.fV(.(...a.N...@...I..@2T............(.!E ....y.....(.........h...................Wz#G...@H.S...j=.b.B...d..# .9..2i.2P.........@H... ...........y..@...............@.... ......{=.l...z...4@...U.l...by.R.A......`.4.........$.(...@... ......@... ......@...Y.. ......h..........24.@P....^X.......@yp......R,....X....... ...(..0........@........B.................. @... .........@....@..h.......s#F\P....;.a..d...%..P,O.......@

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\deepskyblue\head\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x100, components 3
      Category:dropped
      Size (bytes):12588
      Entropy (8bit):7.951708691023842
      Encrypted:false
      SSDEEP:
      MD5:716DF007D2243783CE2FFFD3ED978E6C
      SHA1:E4355A08F1EDE5FC1A81382AE1DC8F4FFE8BC2A0
      SHA-256:20AFFA92CB199A89CFD7D4A2DFE91501196A34F1623519DF781625FFC3FD9DE5
      SHA-512:8CCFC2D20655B49C3E35F75FCD24BFB41DB24F3A09C5C15BA311F4E68051925BCD7C888D07EAAE2BF9F73DE16553E5441B0522046CD16376C1C339CD60A06643
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d.X..................................................................................!.1A.Qa.q......"2...B#Rb3..r.C...S...cs$D.....................!..1a.AQ..q.......".2..B.............?......<.;#.xq......{...wj(m..B.f.`...0m../..`..,...l7.tc..-w#0..p.>V....;m..{.][T...Q.|b...$......Kx...9....&....nu8.FFo.aCyN......S.0i.=.8e..|.O.*a.cO.u..%9.U.......E>..d....,)qyFp.@..Sp@....C..(I...)........[z4&.|.j%&`.aq%.>)..0....f.\..x......=.__.j.P.Y.VO...........*D..\P....)...<4.B;KIg..k..r6p.......*.. (K.]...;<:#5M=.\....Y.V*...}Hv...x...4....IP...U.K<G...;...>Fz....U...8....j....}.qP..`E......2..@.fc...`.D.L.R&N.H...'.....A .=9G4.un.M.....!49B.*.0=.*u...O4M.J..!w.{.Z*p.qV..3...r.3..nX...:.1.w.DY{...u..[.M.7.M..5m...&..,......r.....87.L.m..9.p....9.3..f9!.8L.2:...4..0...a8.V....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\deepskyblue\nohead\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):17107
      Entropy (8bit):7.759511124209154
      Encrypted:false
      SSDEEP:
      MD5:162B9838330E88628D1A177FDC57E60D
      SHA1:B4E401C881FEBF42E6E37E8027DAE14F6C42E239
      SHA-256:27C0AD46C9A7946D306F57202E16318D64A7218DD60417FD2F81128D4577D565
      SHA-512:74DFF5BB66E51B109900E58C9A69C8A4E3EF29CC72F5B28937CF6616855C8672791FBC8C34EFF857C9D35D71EE68B4ABC3F925DA4497B747F26BB4D0CAF02EB2
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......F......Adobe.d...................................................................................................................................................X.................................................................................!1A.Qa..q.."....2B..R..br..#.3C..S.s......................!1.AQa.q......"2................?....o..y.3!4..&..Q.x.f.a...............I.P.....@................S.(.E.........................P..7..4........Y@ d.4.*2..bC*........ .............................@.R...P....... .@.........L......V.y..........(..TH.......$.@.............J...P .. Y. $...........H..........@..........h...4.. jS...Z..Y.."2...... .....B.......... $...............@.........@,...@.........P...".k..E;p`=.L(.B..."..e.:.%.....!P....".F.2T........J ..................d...............@...P..... .k..N..h..b....R@...R5*5......p.....B..#.P.......................P.@......A@....P.@....(.....B..."...q@O/pE...N...@*ae..P,g.qY;w...B...D.2..................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\deepskyblue\stp-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):36625
      Entropy (8bit):7.960419391335404
      Encrypted:false
      SSDEEP:
      MD5:698E629F85CBDB1F7A97800FD95B19DD
      SHA1:C597BBCB310436176DC3337B15572E7C397426B8
      SHA-256:2A9E08033E1F6EA6FF0CEABF0807133A6E73E25063E2D3F3EEB3964B7768D49C
      SHA-512:A36E9C7336B8D431C25A8CAD0CCFDA2F80CC64163D1535E0FACF373394ADC0371B7A47FB4A4C891715BE1067BFBE0BF197902F0AF6EE4B35C1D82C52F27EA6E1
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................^.........................................................................................!.1A..Q"aq.....2BR..#...br..3S.C$T.....c..4%Uu.D.5Ee.s.dt...V.....................!1AQ..a.q....."..2BR..br...#Ss....3c..C....$............?...x%~....ZK.`@T.Z...%f....,O.^c.. .......x+I....}..2....^..T.!ZP..Ui...%..B..%.*.dK.J.-.!.&X-........m...a.....\.b.id...RW..=.JNQNZ.....Wv1......bo.D.s.'.....k..,{[K.R5o.^...j7......K?.}-..=H...9u..q........)g...c.[...[-..........,.{.,z._Ww.[,/........)g...WR/..S.[./.o.\.?..|....7>iu..x.v....R...Q.ru....x..{s.......QJ{..}e.[.......h.K..s......v....X....+\......../.F.../....<..Z_Zi.H.R....?.?Z.1....l.s.....Y.9".K6[T.y~.......e.O9.v.e#.7S,..i~...zrFVN../....F.:.....6.j...R.U....R.Z.y|....0..=.,....=.,4.<OyJ ..=.D..'.(..x.....=.,2......<.y

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\deepskyblue\stp-banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):2165
      Entropy (8bit):6.995441321351081
      Encrypted:false
      SSDEEP:
      MD5:28C0882CBC86CA571415A3372B6C36A6
      SHA1:1224CF4F29993F6FDC443120371C9D5004514C77
      SHA-256:F6408720435FD73999958C949F16C4F4EEAC6A514994C1944ACBF48BE14EBFDB
      SHA-512:AD58620B8666DE70BA4AA6933A5F8B0A7F84A24D68494DDFE8A33737F6D8D212863D381A2BEE9185ACF3144FF3781CFD3B1A1DE10FD3C450B7919E7739C49414
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......F......Adobe.d.................................................................................................................................................@.....................................................................................!.1.AQa"...q...2B....R.#........................!1.AQ"2.a.............?...........................................p1.h.5..2...'FTs.M6...tL.....tz.t...9l..q._....I.k..~h..Yy;vU.....M..r..}..HXJ....K.^m.U:n.\..G..D..Z....;r....s3g}7....e&.^.|h..s....s~Q.|9/./.-gK......R.....X.%v.>......S..........................................8.a..$...e.Rj.I...<..^.H.P..u.r..d...Q...#...x".G..X.4.]}......m....p.NE...)..3..!._Mn.{..dT.....*...$...b...L..ZJ..~.:~..,..G..$.^.|.b.u...........5_;/..]Y..V5/.<..............................................5.)+....".Q.......Qp..n.I...?.IE....;..:.:..Va...Ju.z..r.....u.},..E...h......;.".E....7..(..OZ.. .a.u)Q.V3l.L......j.N^.gP[2I..t.9]s.u...(7%

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\deepskyblue\style.css

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:ASCII text
      Category:dropped
      Size (bytes):217
      Entropy (8bit):4.796016068789895
      Encrypted:false
      SSDEEP:
      MD5:B36DC4F96F9A2E9BA3DDEF0E4957538F
      SHA1:6E9A44A685841E94C1D640BF5DD78C26B4176C0D
      SHA-256:2D7D42CFAB3B9BD7798B84ECA9AFEB301D8302197E665156FDA18D10BDE77675
      SHA-512:E21F55783FF9E4454C0B6D854DC4EEDAED889027809E175C14B7E4288CC093F8C78A0CD10DE1AB8B1E162CB9526828329085899C83F206D7D024A42E00C5A2FD
      Malicious:false
      Reputation:low
      Preview:.#advinst-text, #advinst-text-shadow.{. position: absolute;. right: 10px;. top: 10px;. font: bold 11px 'Segoe UI', 'Trebuchet MS', Arial;. color: #9fcbdc;.}..#advinst-text-shadow.{. top: 11px;. color: white;.}.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\lavender\banner.gif

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:GIF image data, version 89a, 500 x 304
      Category:dropped
      Size (bytes):9502
      Entropy (8bit):7.937027745790548
      Encrypted:false
      SSDEEP:
      MD5:8A847531AEC8C39EA541EB6C4E12018A
      SHA1:F58D69930D71788157221E712B7507E914601F33
      SHA-256:56A4AD4BE719930E56D47E60D08F542E20183045B8317B231E51D8F28011DB7A
      SHA-512:6D6569F959DC4C35889FF4B57534EAA34F0FD1941A276875BB74E5C154F9ED4DA32E9226276E7888159C98E7EDB2C0E72F13FBE7B12E044CC696CC70518CFCBE
      Malicious:false
      Reputation:low
      Preview:GIF89a..0.......zr....^Q............>'.......ZI...fU.qg.of..Q:.......8..........;#.A*.C......~..E+.j`.R-.mZ.K1.jW.:..gJ.9.....bD.t.J+._T........u.`K...^G.te.S8.fR.wi.kZ.n^.[D.ym..hV.U;...Q6.qb.YA.|q.y.cO.W>.}....O4...N2.A%...............................qZ....lR...................zf..p..................s]...m.w.pW.....{.....}i.xc......................t....nU......v`....kP...iN........................L0.hM.F,...j[.~....j.y^.nO.P'....tW.E..\7.=..b?.hG.V/.A..J .n.......r....R(.F..........H........................~.N#.r..N6.k\.J7.N<.L:......^K.}.n`.M0..x.xn.P?......aU....{.uk.tm.H/.gX.z.C-.`N.T>.YD.hY.iZ...D/.~u.pc..~..cR......RB.WA.lb..[M.F2.dX.f[.h].i^...o.TE.WG.H4.........M3...9..9...........ja.P*....!.......,......0........@............#J.H....3j.... C..I....7.b.+..0c.....8s.....@Kn...>GH.*]....P.J.J...A7..p...`......h.].qC.m...K..].l....._..0).L......]....U7pBB....3[.....-n.d....S.>.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\lavender\head\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):18187
      Entropy (8bit):7.588649522821254
      Encrypted:false
      SSDEEP:
      MD5:F9968180A88277849B3AB3C5B6C4C567
      SHA1:B7338E7E0BDC09836FAF9DD59CAA206581FEBA1E
      SHA-256:C3DE1B1B81B14F1FA7C454067DC0153DD7BEFB032B9C485E9FC9156D0759F144
      SHA-512:6A75BD471B22E837EEE1E9121B3B08713C1130F91F54DD7D12C830EE1680D7460C09D230916A807B897EB8DD6CA3A43253C59C9480121FDA7CCBC10ED8423136
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d...................................................................................................................................................X.....................................................................................a..!1AQ..q...2R.."Bbr.....#S..3C...c...s$T......D.........................!1.Q.A2....a.q"......BR.............?.............u**..t....@.n..P...............................>E..........B.'P$...'R....@.E....I......E....V......@....*Q........................2.Q.$..V...`(.....".X.0.`A@..G.Qd.A$..Y:.H.%:.r*h.'(...H......6..^.......A...@#6....F.#6..6..9PP.b.f.Pf.Pf.Pf.Pf.Pf.Pf.Pf.Pf.Pf.Pf.Pf.Pf.Pf.Pf.Pf.Pf.Pf.Pf.Pf.Pf.Pf.Pf.Pf.PW.$.'..X..\..+........\...........hF|.... N.D...A..A..B*..9..A..A..BS....v.YP..C*.....@....:.f..#6..Z.Q......Z.r-..(Q....9. W9i......g....qA.Pg....qA.Pg....qA.Pg....qA.Pg....qA.Pg....qBsTP......e$(3..`.Wup.5E.....Ux.]S.j...)U........N..]Du1-.aB.I..h.....-....6..9Eo..Gr<.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\lavender\head\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x100, components 3
      Category:dropped
      Size (bytes):10226
      Entropy (8bit):7.938754157030309
      Encrypted:false
      SSDEEP:
      MD5:95E69866E1DD78864269A5676E23B016
      SHA1:2C82940740E76DEB98630EB70A3B618A93C68619
      SHA-256:E20188DF68157492F48CB030BBD2315B3D10EA99182B31784DF246F2A4682C3A
      SHA-512:FD08C10BF1C477C9EA504D971236B766553E1BC16B65B9A81D94CECCA3CF42A595837F9E3C0D8BCC1F461091DD6FCB26D885BBE73942E2BD443D2605B345A098
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d.X......................................................................................!1.AQa...q.2."BR...b3S...r.#C.4.$T%....cD........................!1.AQ.a"2q...B...#..............?.......I@..I@..I@..I@..IA.T)*.Z=JP5%.X.B&M..#....P:..P.*...PZ.......R..J...?S.wmH.ei..nv..F..q..D.Z.D..<x!G..)..R.N.n%J.5@.M}8.".JST5%%....@_T.......jJA.(@....WQQ.....A.A.J...=IJz.-JR.I@..I@....=IA.R..%.RP5%.RP5%.RP5%.RP5%.RP5%.RP5%.RP.n..(...(...(...(...(L...B.......j.B&F.).+2..kR.q)BJ..)ORPZ.."e....'j..IA...)A..+..(}n..A.V0.Zs..3.m...Q.?2.....*..=N...4$&n@.).bV.5uE..2h..H<.....)..~.I.2..f.D:.Qs....f@_R.V .].+.^.jR...=T.JEn..mO.c.K.s..-j"....)A..%.J...=j.z..... ..i@...*R...=iHz.kJ...kJ...kJ...kJ...kJ...kJ....kJ.h....{.~....Zl......B..1(..s...J....y.".7....8....ZPF@34MEF.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\lavender\stp-banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):4124
      Entropy (8bit):7.6820675844345745
      Encrypted:false
      SSDEEP:
      MD5:9C0F8D49037D5695753CC1F28FE4A49A
      SHA1:A1CB16CBCA0FBD85B74D38247A9451092F31FAD7
      SHA-256:9FE1F8A97B80EB16D68904B1012104895B5CAE235684AE1FAAF7284FC8315EA3
      SHA-512:1D1B2A792E570D6404A58E2D1438BE87E652937A6D096EB767FBA016D2A0015446961A597761D31A2B6EF9AEF85EBC440087E6AED2D357C60C03D7965961D109
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................@..............................................................................................!.1..AQaq2.."..R#3...BrC$.s.4......................!1.AQ.aq.".....R...2B#....3.............?...............................................|.4a.............r....*T.!YBH}V..HJ..C$..m'.\th.5q.-..i.J.^.`.!...4.K..E.@'V..B.6.SNT.j.b......2.M^...:....[.].......j..h.....h.x........J.......yn.....\..E.m...q.4.+q..UU.q5\....3........v..{...^......Y...s[....SSM5].....\...zh.).g.y....^..[.6'\.....R..f5.U..d"...y...v8l=....4......|..K;.?n...........sO.c.(..O0.k...._.cE.%...m6.5.c..G...Qm.8(.r...D"....S.s.{.zl.U\g.O....e..z.....E".C...y.a#....9.8...^........'<q..\>luS.^.W...@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@A..>eY.0.............9}....*u.+...P]...[.5!(6J6...4h.Q..*.Q.{.q..._...m.Er

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\lavender\style.css

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:ASCII text
      Category:dropped
      Size (bytes):217
      Entropy (8bit):4.795169439715166
      Encrypted:false
      SSDEEP:
      MD5:FA9EA43B60545551DD6A3556A87C2B0E
      SHA1:5BE1914A1A1D4412D9120FEE4C773842F3066082
      SHA-256:D644D14C34D19D87D871244EAE50303AA5052A64B8C683974F390FB1772C3D43
      SHA-512:1AD9A1AD98D02992C18F919B50217F62F694851D0D9BDC1D0DEBC7BADDF71D6E6153303F43F94CA5A5CC170985CC31C7E60EC122985134F447C00FA41C85C7B0
      Malicious:false
      Reputation:low
      Preview:.#advinst-text, #advinst-text-shadow.{. position: absolute;. right: 10px;. top: 10px;. font: bold 11px 'Segoe UI', 'Trebuchet MS', Arial;. color: #b5a9e1;.}..#advinst-text-shadow.{. top: 11px;. color: white;.}.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\lightcoral\banner.gif

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:GIF image data, version 89a, 500 x 304
      Category:dropped
      Size (bytes):9605
      Entropy (8bit):7.939576829493448
      Encrypted:false
      SSDEEP:
      MD5:93BFCD12AA52087EA84026C15B62EF93
      SHA1:75B735FB14CA407CD5E534E663155CBFE79A0376
      SHA-256:9A996676B44146860B40FC5534D13A4FDF7A01C685E77D63BA9CE9D410DA9DB3
      SHA-512:5EFAE3C6A1640BDFE0C59995386989AC957FE111D905EA3024762D9C3616330CAAF5D741E49BC4047B33139F78BA60AFAFED1ED518BDE01E280D1D6B59247116
      Malicious:false
      Reputation:low
      Preview:GIF89a..0.....cc.......................................................cc..........33.......................................;;............v............ii..................s............... ...................''....""..........%%.............##................((....**.... .((...y...UU............................QQ....::.LL..........--.//....)).......55.''.JJ.CC.##.......NN.""..........AA....<<.>>....11.33.%%.WW.++.88.EE.HH.... ....SS..........EE.qq.,,.YY.....................rr....)).......''.''............++........##...z........................................~...$$.......++....,,.22.......... ."".!!.!!.ll....((.%%.&&.**.++.&&....dd.kk.......((.!!....''..........qq.pp.tt.!!...................................33....yy.LL.!!.JJ....PP.44.uu....bb.uu....NN.oo.ll...!.......,......0.......3A............#J.H....3j.... C..I....M..w...0c.i...8s.....@K...l..NH.*].)..P.J.J...AMxs....`......h.]...)h...K..].l....._.&.P.L......]....UM..B....3[.....-.P.....S.>.....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\lightcoral\bar-bg.gif

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:GIF image data, version 89a, 48 x 22
      Category:dropped
      Size (bytes):3457
      Entropy (8bit):7.475472485965667
      Encrypted:false
      SSDEEP:
      MD5:5D1E62EE24602E00290E6CDEDE424D64
      SHA1:B1CEB6BC04316F99F81B7769FD9E7832EC28236A
      SHA-256:EBADA81B8742C6C9E8EFBE751DE92DC69E6189F8862F1D45C378C72285DCDFEA
      SHA-512:9ADD6A2A41B51BC78A16D5950D305A36182B8E9069F418E1BB2D9F730F2C054E503C686C215EB87F3716D1B8185F932B1B8B60C7821FA7B866A2BA782838A47B
      Malicious:false
      Reputation:low
      Preview:GIF89a0......................................................!..NETSCAPE2.0.....!..Built with GIF Movie Gear 4.0.!.......,....0.......H.........b..C..l;.R,.tL.).......E....7....9k.T.0.R..)P3;....r.|.'....[......=.....yWe..0...0.v...l+.xk.....}...9B.......U.....Z7./I..7.......j>..=.8.T........../...................................................x.[....q.x*..!.......,....0.....yp.F.....W.'Z....1.b@.l..1i..A..3..S.c>.%.d..1c...2....j0@Q.).;...V..i^7..v..........Vh.~8.S...5...yl...z.J..z.5..(..!.......,....0.....{..u..8k....q.`...a......1..z.Q.@....x:".GR2bG.'JK:...J#..V....].^.....Sn';._.o.......~rm..{@lgn.w.N........|.Z.J}..@..!.......,....0.....y.I...8kfR.`f.FhJ.@.a..`@..x.5..t....g..v@.(y.2%.'.92.O.9e..O,Ske...'C.f..\...V..u;..V3.s=g~..9.j..5.a.{n.a.|.I..|.5.9..!.......,....0.....|.I..8.iR.`v.FhJ.@..q.,..p.......u=.#..r^../)A2gA.!.[2].a.Ip..I..I.v.1. .U...w....r...e..pk}.y>j}C.:.Y..6.O.u.O...FD.....,..!.......,....0.....{....:4kmR.`f.FhJ.@.a..`@..x.5..9..../7.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\lightcoral\buttonimage.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 432 x 38, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):2284
      Entropy (8bit):7.817508357422145
      Encrypted:false
      SSDEEP:
      MD5:AB27459C777F991D1FCED1606B8E0190
      SHA1:045E3AF802DFC6FAB12CA1B428218E3546E55FE6
      SHA-256:A110F2873270F2750F7234963CF08BFB6A0A3374B1A76164E92D26F46A2E406E
      SHA-512:85582570741A6748150479EC62DCCD99FB72CDC17B8F299575FE5B7705C72A04E59736C59A3E5A81444A64F9F2AEE9480FC3713AA201F95738DB449556B70CFC
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......&.............tEXtSoftware.Adobe ImageReadyq.e<....IDATx..Kl.W.....'IHx$.D ..:B......"....QV.m.J.. .).X..dC.xI ..*..().E%...=c..........q.#].q..O...{..`....v..~.._.J..^.=...........>..^......\..^h......@S...G.{.X.$..|r...?o....(51a$.....{7.....W|.....q..}.....=9i$...i.....p,..H.A?....+.'.N.$.&...<7.B.....R{{;......%...K..(...G......?.7o...?|HYC.x..C..O.^a..?9~.V.ZEM........8..8&....Y.....u.O......Ku.....7.O..7.4..9u.>M..N.G...c...{.gC...1'....Yj..^....9...1J.R.CCC.v.Ze..H.H....|tt..n.J.ht.....z55.I..A....l.F.]].0T?~..........P..$%y.\.9.`..d..jd..y..npe..e.ZAf#,.I.#...z.H..&.R~...4,..|.)...TJ....3..i'3...(....a]..%./Lb.XA?.s.....).?.(..=.).?.`4r...bq...ET.,..uK........n...H[.M.#...~...p...."....?....2.....s.'Q]?2u...@?n....0O^..ch.j.......V.$........w.h..*k....ss..).cm....OW.....!..fw....0$.9..($a..#Gg.#j.lQ...J...5.9.O.....0..Y\....>Eek<.U.E..%G $..d.p.JX...#3.=.......S....K...lq.u..n....H.A.+96$...F..G?^.F....

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\lightcoral\head\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):18820
      Entropy (8bit):7.574656781384152
      Encrypted:false
      SSDEEP:
      MD5:DF0F1BA8C80EF3078114D2466BEAAB14
      SHA1:C70D12A28C805EB0C0631B73115B5223102DD711
      SHA-256:3C470C44BAA99AF4E0145C3A7A79B6C7262CF589402D037E6661B48BDA96BAFD
      SHA-512:01A60A7C0C7ECB81EEF7C8DF1CEC41B9EA07A4692229A26E9913BF9DB02B3A94232B4C0ABF3BAFA7540779D41567CDB77566BEAC7C706580B7B61467940E586C
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d...................................................................................................................................................X........................................................................................!1AQa...q.."2R...Bbr......#3CS..c....D.s$....4T.E.......................!1..AQaq.2........."R..B..3.............?..........U..........U.*......................................S..@..%0.....L"J.........P....l.................................B.@..EQ...Q...........*$..%0.......P....)P"....6..E@b.#.).AQ..h.F$.U..!..Z1 Q...H.b@.....(.F$.1 Q...H.b@.....(.F$.1 Q...H.b@.....(.F$.1.5....P...h..`.b.T..MP....H..H.c@.c..H..MB&...H....*..R[.Kb@.....))..a.T...Z.@.....Q.EP.....C..r...H.E.q..c.!.-+..c.*.F0.c...F0Q..c...F0Q..c...F0Q..c...F0Q..c...F0Q..c...F0.. R.EJ[.J1.^.R...-uW...Z.&...h..H%...R........Ts8.51..X.N...IR...x..).Ik.(.Gb.H.....A....,.Q.-j..T...&."T..N4.1.....@.....Cai...q..\..aiW2*.`.q......R..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\lightcoral\nohead\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):14206
      Entropy (8bit):6.934591021995039
      Encrypted:false
      SSDEEP:
      MD5:BB7E6267F8B927D4CAB12574BCDAE8F4
      SHA1:770ED8562B5E20FFD198BBB0D2D2E9C78671AA93
      SHA-256:47011C1DA80BCA19DD668DCCC447EEFA3E463D9DAFA83B7E10FA361ECE7DCB14
      SHA-512:E0570F1CB2A80F5A86355570E1688AA85F2BBCDD596BBE1C723A529B61492CF0136EE760967EF2B221A4F271F83AECD17016EC574B379094849B0B19B7EF715C
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d...................................................................................................................................................X......................................................................................!..1AQa..q..."2BR...b..r#3CS.c....D...$...4TE......................1.!Q..Aa2q.......R."B3...............?..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\lightcoral\stp-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):41814
      Entropy (8bit):7.958318251672585
      Encrypted:false
      SSDEEP:
      MD5:4ABDC1BCBD8458BD36CC7D7ABB6D678B
      SHA1:893BFCA74F5E84BC1C5477084152D70774DEDF45
      SHA-256:EF5B686CB5CF948EAA1F560A88948E2CF8E2B5A40D48B2ECCDCCB2CF6521E276
      SHA-512:DF704B4EAA36667E48D1A9258E018B08C124F5774B33057289087E8886A45FDE7D7BAF1A6468A73AB260457E0CD9C68D9CB27E6EFBCC333487224A93BE849B9D
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................^.............................................................................................!1AQ..aq"...2.....BR..b#3.rC..Scs.$4.....DU.&.Td%V...t..Ee6F..'gw.7......................!.1AQq..a.".....2....BRr.3.#...b.S.t%c$4.5..sTd....D.u............?...Y..s...Sr2....z.FF_...Ae....m..z...>.PM(D_....%..O..$-'.~.@B......HL.w.\^.B6~'M.=.p.. ...O..&..y....>.v.....e!......>....(U...Y@...+vu$...$S........p..p.....ky}rY...).6.=......!c..k..}....?e*Y...t....r/.;..6U:.;...Y.Qu.....N.Z.6....rl....\..:wL+.O"-.b.r....I.i.........~...o.9./)A.G"k.<zT...[...:.[..Xg..w.r{.."yc..(rz..L....O..z.DU..E....r.I.?Q/..;..n#...o....-.....E.:.....M.....>..AE.:.e...9.....J-.....FN.....I..:.L4.D.>F....J....6.DJ.Nv.7.W...J%...f?.......-XtD.....o..Qb.,)}....7.J......7.G. ..R..8.h...j."Q..?.?.M.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\lightcoral\stp-banner.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):4049
      Entropy (8bit):7.65216186209717
      Encrypted:false
      SSDEEP:
      MD5:05CE147DF4A368951CE78347D888E17D
      SHA1:B63ACD651ED6036C6F1A676C96906C4EBECA85A6
      SHA-256:A03C45EE5DF542D0A938E21D284915BE85EB89FE47AF1A09F90047F0880370B9
      SHA-512:E7313B8D194BB920362C976F07BB29A810F32F9110DE7E3E5C3488C80E8D21BCF00F9B1BB243F723DEDD4A4A5137D84FA9D558B32E30B5245BC1A217EEF641CA
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................@............................................................................................!..1Aq..Qa."2...#.B$..3C..RrSD.......................!1.Q.Aa..."2...q.R....B#b.............?...............................................|J.6x.............;t.FV.r}%..E.....nR..2...^gA...}.C+..E...&o.T.y...Q....F.?.E...+\\..vn..B.X..1b...]....a=........<...3.}......G.U........3..1.......W"q.%...hI=.2.f......F<6.....?......~'.j.P....Td.V"...#...u...f.....4...?..z...........<..f.<`I$...".H.x.uZ.......O..I.|ml~?U.......r.O#.|.m...d...Z`k.%e..<.W..s.^.==.....q!+y..A..q.1..C4............'..+.go.O../.0..+.C...s....@...g... i.kw..O._...9_......_....>$.........................................a=O.RF.. .hx.en.u`.gooOz.z..M..B n'R.{.}..%.)...$.....*9[a..@.1..;.ex..H.&.....v.t>.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\lightcoral\style.css

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:ASCII text
      Category:dropped
      Size (bytes):217
      Entropy (8bit):4.810864109856865
      Encrypted:false
      SSDEEP:
      MD5:F1E35FDEBCE98A97E7126CB0A1FB61B1
      SHA1:34F6D1517D65018F472EC21C47BFA03B488A3D1D
      SHA-256:527A84C1A56FD172E73BB21AAF29ACF0E06E0A7202B348F827479139A66F292E
      SHA-512:B9D032B5BF717C2645EB65E58FE158FA34FE92149329B729C3CDFD411F5D3E4B9E50D55D86415CFA48C86052E030B0A62A3DE2872F08CF0F7FB9BB270047817F
      Malicious:false
      Reputation:low
      Preview:.#advinst-text, #advinst-text-shadow.{. position: absolute;. right: 10px;. top: 10px;. font: bold 11px 'Segoe UI', 'Trebuchet MS', Arial;. color: #d3a7a8;.}..#advinst-text-shadow.{. top: 11px;. color: white;.}.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\mirage\banner-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x64, components 3
      Category:dropped
      Size (bytes):1987
      Entropy (8bit):6.8494968402374505
      Encrypted:false
      SSDEEP:
      MD5:87C0835B67F435A3585A0C75F0786760
      SHA1:2276A28E5CFBBA4F01C856B722A6D6FAC0BE9568
      SHA-256:335260B33FFBEC6892AEF5EAFD5B4636D510614A55F3564E6F92550D91969922
      SHA-512:85D0A3481704BE50D37DC6FEED00A6011586F57B48574403E907C74837375651A8F0FD4280D1DA407BB38BFD0C0372450F5BEEA034A0D1C7F017AC6DE08E69AE
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......F......Adobe.d.................................................................................................................................................@.......................................................................................!1A.Qa.q....."...2B.br..R..3S.......................!1Q.a".............?................................................D..Y.\.+.K(.UY.QUI...M..e......5.D..7...^&.........4.Wo..%D..zf..V.........}Pk..35.7..m.u.W.mRXKq=..^m.W..m.. .....n..i....K1r..E.*>..v.....M}..K...E..........]0.V_.<..........................................8..E..+.(.NK....K4\...=...)...1..j.-.E.\r.A.U..cq:.....a.e.a5\.S....zK*.,=.ZRm....UM..\QtY...W...R}U.jj....7]b.k......i..oM.......g.t.w...c..oM.{.r4.*......A*..x.*.:H.YX..7r.i..x..........................................q...D...ESU(.v<..F.i.j.>..U<.m6..y..q..K..iB..:9.].\..^_.yi.{D.Ne.....k...T..%... ..F<..........1U.Q`.U.....=..yS.Z.1..q..}...w..].

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\mirage\bar-bg.gif

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:GIF image data, version 89a, 48 x 22
      Category:dropped
      Size (bytes):3620
      Entropy (8bit):7.459136765640128
      Encrypted:false
      SSDEEP:
      MD5:3DBB75ED492A5A7104FFBD7612B4CE21
      SHA1:A378341897BD46FEAD84B642C3B535B935C8F508
      SHA-256:D696C7AFDADD86D24E319A33CB174AF526F7F7F3EF20B663E27168C1E76E1C87
      SHA-512:2B2EDFA00B21AEC49897C9FC98F653FC84D24116861CCD8CA59C59C349B11DB55D0CA7B6427F51616A72476D5C2A9F181DBBB5D1CA554E49003B867DCD44B724
      Malicious:false
      Reputation:low
      Preview:GIF89a0...................................................!..NETSCAPE2.0.....!..Built with GIF Movie Gear 4.0.!.......,....0......P%...R..j.(..h..@.l.G2.RM.....!.>.74...M..D*....Eu.$..v.M.X..!@...d3....b}...\l..m......rq.rt.cSw;62z.Y.}T.c.d.^.1.....~.w........^..Fv..........f.....bk,...}.........:c.?k.<............FF:......e.i............u..T...(..}.......|>.!L.la........b;.+....A2..o.....Q`.)....a..D.... #F.._v..,..!.......,....0.....}.%G......g.'Z...c2..p.lw(F..m.......2..).c......b3.d*...!.=R.........@.J ..........2.u..{wP.rh.Jo.v....}...P.z..h..>i.>%.>..!.......,....0..........8.._..`...i.......a. ...k...9(fD..y.....bD..S.48d.ZS....E../.........l.1.....mzp..?|..l.xJ...W..{.P..8mp...u.[...8..+..!.......,....0.....}.I..8k...`.$GhJ.Q...l(.k,.......=L.@.bh...).1.."..4..#^/.<$.VU...N.L. .$....s......<....|rs~AjO(.=.O...9.i..F.I){....q.a.,..!.......,....0.......I.Z.8..`.$GhJ.Q...l(.D........5.&`..%..D...Z.q0*...h=..O!Vy(7.a.7....S...t..@.....S..wB|S....zu.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\mirage\buttonimage.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 432 x 38, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):2327
      Entropy (8bit):7.856516269164281
      Encrypted:false
      SSDEEP:
      MD5:6EDA2BC48E95E0EE87226CA8EC15CCED
      SHA1:3F93B676D2BD6ABFDE586C4B6A8A5AFFF5590FE6
      SHA-256:6AE844F51FFDE1DD586E4A95D84DD6E27F8825D20FEB75508166CE6DA09D721C
      SHA-512:08081674621873EE4BF87AA1EA2FE9DA7B28B87F68D2CA34265EE935FD8F9A1C2DA0D4609429E89FA44BE51B4EEA40E6336D37803A0F3F34C900D14D54291A5A
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......&.............tEXtSoftware.Adobe ImageReadyq.e<....IDATx..Ol[I.....=.i.I.n...PmQ.*q..?...*B.$.....pZ..N.BB......P.,H)..XT..X!..*E4b.....$[;......3..y.v.e.....*.c..~...w.3c...7.a../................_.l....Y\>d...q...QJ.7*[.u..F4g.....Dn...c`Z|............*.T.....V.{..q,..".3...c...M..?a.boo..j.f...<.333...C>..61...6/..f.'..-.f...?...G...l...5.vg...e...9L.N&........[.z-..s.o..j.....=..l.i5.v........./....{x.8.\i.I?....#.J8....Ly.....M..fs.....p..p..3.?Q.Y..T*.|.2. ....'......O..MP.......]}.?..._....#P.s.Nu..I,j#...Bc..7..-y..k.a.b^%.........@..<.r.dR(mT.........=m.......5??.....kSh.\6.......c....Bi%.)..Zt.y..i .g.cy+R,...b.F.O.k..OO.t>..:..uN7@..#X;.......U..1...Kz~I6..R....Mk`.....?g..?.I.O?...vP.(:.. ..*......z..?.r.9u.<7.#}..b...ff...aZ[.@Bh.~r.&.....3.ZkDb..B./.O_.1c3.?..c...W.R.H&V.I|..O:._........3-.........w...1sSL_=........3<.k`aC.PW.&.1.7.......B.IY,*..[.Y..D.....c`....@..../..Y...00a+..7.i`g.:...3.....-.$ ..s..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\mirage\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):38318
      Entropy (8bit):7.954300983918178
      Encrypted:false
      SSDEEP:
      MD5:82985626852F53F256718B9058C8FB25
      SHA1:3FEE0524ADD7C5A31130F6D4F19378DD1AF1E992
      SHA-256:FAA7DC16CCC1C35BD33EAF4626EE9F0DC2B0448080EA37F4F99948B2B695181D
      SHA-512:23AC0CE15837553F74CDADB2BB30D7F946EDA39F753C7D3FD72C08FC63EE7C57341873BBAEAC875E2264E10ABAC2FB5991E7008BA680B128948FA923306325AB
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................^.........................................................................................!1..AQa.q."2....B#....R.br.3...Cs$4T.%..Sc.&..EU.Vfv.Dt.5.F...d...6......................!.1A..Qaq......."2R..Bbr.....#3Ssc.C....4$............?...\K[..;.O....$j..8..h....o...630.D.1W....Lojb.....+J..Q.H.4j").7...1.3..c.t6.)..C..M,.($g.%.7(:i...e=u+.*O..V.....si.d..FW:.x..5G..7+......{...xV....g..E.....c.PX.L.\...U7....!.p*F\.E;E...K/....f4.W.......7~...1.... ..q...@...-s...s.y..$.........n7ba.T.[.<=$n.%.Nb...#v.j..dU...H.P,.t[..zMn$..CF..R.8.H..-.K..l1.z.@.....n..ZW..`["z..D?C.w..^I..s.i.....Lpi... ..._.K!dQL..G...q'._?...w7jo....K..M.....{.n.4...|M?KK..c,...P.~{.Sj.=o.j.KK..7....s..........~...or,..g;..u....{f....[{..6.s...j......O...m.BX.|......_..~....m.E..r>i..

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\mirage\head\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):34278
      Entropy (8bit):7.9563564164012455
      Encrypted:false
      SSDEEP:
      MD5:3B300449767931E2463CCA4D7233C275
      SHA1:A09530DDDA2CB42D68360F7D050FF24BDFE8B70D
      SHA-256:F4F4DEF511E801F18A711819D69D5C7E35FB6A18D4D77EAE11D6C10ED099D877
      SHA-512:777C8E84D4F7F7D7940ADDE889AADDE7ABA4FE10B06475568C10694F672A2DD1E45535C0E4E341181F71AED8BB7B8C15CB919C630E9D3CBAE9557832F4C96CAE
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......U......Adobe.d...................................................................................................................................................X....................................................................................!1.A..Qaq"...2.....B.Rbr..#...3S...C.D.....s$4T.cU.%E......................!Q1Aa...q.......2............?....P.8...T}aw....FfT..*A<....+...'.E<....I.+.W.M.qi= .9!K^.8.k`Q..W..1..x...P+....<...).h.iO.f.1>.2...=e2..?......wi.*.P....S .-.z..o.....S .=.......;..X......{...*dQ~..F\.....S...?..Ea....e2.Wj^..........si..'...2,..k<........+.,.#Y."".....Z...n..j..g{..R.n.....w.^...k5.^....N..?......w.N....kO..>.....~sY.W..{..=...o._...N..a..;.>...7.....).........h..z..Z...9N.........i...=#~kY.W..'Y.o........S..7.u_...)....W....u.......E^.o.....S......?.......#..L......?.....5?...).+.:..?.....N....dT..........U.?.>.X.X.>...w>. ...3.......v....zdV.W....f).+...&....)...v.b..a'.q.t

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\mirage\head\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x100, components 3
      Category:dropped
      Size (bytes):4889
      Entropy (8bit):7.820609586511656
      Encrypted:false
      SSDEEP:
      MD5:AF91CE1D6A963CF71D319B27637A4B2B
      SHA1:E5433A391739785A05929AA134D58A2E04A346B4
      SHA-256:9D3A7C4B74E4321314A205A37C34F8A8CC3C62A2F7DF3DB76D715C24ACDE46AA
      SHA-512:68687EC33B84EB5D69BC48DE4E7DB80D93805368108FBBB0DCEF8F107C198A5FC340DE69B32B144386413682FB1D719B046A23BAF056575B66DF18B64FADC642
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d.X...................................................................................!1A..Qaq.."....2B...Rb.r#.3Ccs.$......................!.1A.............?......n....>...........J..hW.J........].j..@.x..)tSR..p.#...CG@.p|...>A.p.....#.$U..4*&..$.$..X.NH..|..]<..NH.K..4..CO@...D...F.!.Qr&..<(..Q.......!..D..=........w.".(..0I.$..X..E.6..PA...F..G....... e..AU.DQi,.V..t5.4v.'D....i....EWN.M...........G?.rm...........S.....KR..Q....9.,....v.v.f-hf..D...W....W.H.&#.vZS..^<.....9.E......../.v..<...B.........j..e....W.v`-l..j...U#vk...O./.@...p.....(F......K".JU..7..e.P.@F..VT...u...]@-Y@r...............T........`QH.t....]+&...v..U.d..R.u@..m\.e ..a...R.r.Q..e +.J).@^.,.\.;.`t..7yYp .I%Ed@....@...(I.i.]...s.m.6....|.v..,....-,`..Qx...^.z.Z..UtF-he4..v..pn....X.$......H

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\mirage\nohead\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):27667
      Entropy (8bit):7.935082281765242
      Encrypted:false
      SSDEEP:
      MD5:BA785360248BE5FC93D77C50C3315620
      SHA1:54EC8A8D171C2F09CCE83A6D83C0C5A3B2217F25
      SHA-256:CC535F19E7A5C0D99B971935DF8E105555C3BD95FEF07A3B6F28693CA23BEDCB
      SHA-512:7555231BE6342B080E88278FE81D0EA53FC31443206ECA6A2087471E7B38E9A2D7EAE50F664D498CA65513E4273624E36ED22D262587428D37F160B8BF657B50
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......U......Adobe.d...................................................................................................................................................X...................................................................................!.1A..Qaq.."2.....B...Rb#..r3...C...Sc$.sDU.4....TE......................!Q1Aaq......."2B............?...@ .......@ .......@ .......@ .......@ .......@ .......tM)'.R1..P.s..j<P,.#B..<T.)K'@..q(0.q@.y.R..J.#...T)..S.'+....Z.'.,I+X.z\K+..x..U,S..9.g..48..)nUR..v(a.(..SQ........j...H.t.[...U..@ .......@ .......@ .......@ .......@ .......@ ....T@..a.....(......3.IL.B.*....T...q...P,.V.*.%n..=.pNR|1[F..+..p.."...Y.b..b.^.&...Ec(...S.wQ).C.........}.V.........@ .......@ .......@ .......@ .......@ .........3.+5.p.. .h.d...Ej.E...e.a.8.SU..fpV...@..-DJE.n*s Qt.....E...$.U.f.5]..\..U|...G..!......Y....S.95*......r.c........@ .......@ .......@ .......@ .......@ ...A..J.0....E....d..D`.B.VK..D.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\mirage\style.css

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:ASCII text
      Category:dropped
      Size (bytes):217
      Entropy (8bit):4.807565550018821
      Encrypted:false
      SSDEEP:
      MD5:206AAFAF27D621D8A290CCF12F7813C5
      SHA1:9D39F444A0CD724DB7C494730488A0D481D8BE2B
      SHA-256:05825308A0C5D2B9F98E9826D069EAA3EFAA4403BCB6EFDE95C7D3F2037FBE9A
      SHA-512:AD550EF0C9F3ECC47C105BEF9EC434912F22C9EDF72AB9768D79948F896359941450A1A11A7E5E15CE40E32D73369A0677DC3DACA8EDB284E617886888026C06
      Malicious:false
      Reputation:low
      Preview:.#advinst-text, #advinst-text-shadow.{. position: absolute;. right: 10px;. top: 10px;. font: bold 11px 'Segoe UI', 'Trebuchet MS', Arial;. color: #a69dc6;.}..#advinst-text-shadow.{. top: 11px;. color: white;.}.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\orange\bar-bg.gif

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:GIF image data, version 89a, 48 x 22
      Category:dropped
      Size (bytes):304064
      Entropy (8bit):1.02877999562845
      Encrypted:false
      SSDEEP:
      MD5:80A3586F77BCC84B16050F3804730431
      SHA1:D5FCEC4A12DA4FAF25F42AF15FA3AAEE2517E569
      SHA-256:375F93C2A2AC1AF583F46A5494B5B1A632479B8A9DD2B66605311018603B5FBF
      SHA-512:06EC9B9A8998FFC957A2C9626F08C5F129FCEA3C6D89AD6FEAB3D184043F75EED2EB657CC68496389676103BFBD39FD382E0CD311356A8DEA17DE98A868E7826
      Malicious:false
      Reputation:low
      Preview:GIF89a0................s..s..k..k..R..J.k.c..J..B..J.J.B.............................................!..NETSCAPE2.0.....!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?>.<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 4.2.2-c063 53.351735, 2008/07/22-18:11:12 ">. <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">. <rdf:Description rdf:about="". xmlns:xmp="http://ns.adobe.com/xap/1.0/">. <xmp:CreatorTool>Adobe Fireworks CS4</xmp:CreatorTool>. <xmp:CreateDate>2008-12-04T03:10:08Z</xmp:CreateDate>. <xmp:ModifyDate>2008-12-04T03:24:29Z</xmp:ModifyDate>. </rdf:Description>. <rdf:Description rdf:about="". xmlns:dc="http://purl.org/dc/elements/1.1/">. <dc:format>image/gif</dc:format>. </rdf:Description>. </rdf:RDF>.</x:xmpmeta>. .

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\orange\buttonimage.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 432 x 38, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):2440
      Entropy (8bit):7.847571995766963
      Encrypted:false
      SSDEEP:
      MD5:52A1B7E2BB7B20ADA7F70100245C273A
      SHA1:B2EA3E3CF3751B49FC5C02530EC70D5AE209C1F8
      SHA-256:4DDA18F028713B70BB247835C6EA55C9C1CF8393FDCB965B2358154B01951988
      SHA-512:B30722779BF113EA97E1D7440C0B6CC6C7DD046C60AF5302B93D5CF61254217255255E7BE3BFA81D0E2B86DBDE897626E9554416F9BCFE875E3903796E30C8BC
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.......&.............tEXtSoftware.Adobe ImageReadyq.e<...*IDATx..]]l.W.=3._;...B.....P...K.4.."........x@ .......R...K%.h. ...E*.@B.Z...T.1.U..n...]{.w.......v7...O.Z..)G.....Z.$.+..P._.K.3j......|..<F...S..'.z.cY..GJi......8Kh"......|,m`J|$.7 .........OXrc..9........O._.O.>...p|..........B>...;..L&111....#..B....L...M..+...E.ME.'.?.'...".......O.....`.=...x.T.B\}...F.s.5..E.....}.....'>....^....8.].>........Vy..;.;au...{..!...S.r...{.H}....eb..jg.\.......O...O..4......G."..,*.?'.o.27.O..|x..=.PB>J.i.60.\z.h.!.Y.SU...RsH|...4>i..}........6.6>.?/..2.....3..$.I[u.1./m`M..N.....j[..S...h.[__7.5==M.y.I.333:}..C..T...3Zy....@.u..*1!P}.y.@..'uf.(_'8....XZp.L.L`v...;%.wX&......je..l.o]I....t.8r....$....q........~h....?.>..'.....10.T.U..%..|....rQ9.vk.Z.T..Q.gt....&s..)..\<le.9..Di.P....y?Y.3...k.K..%J.4>.Z.%.?..LcX#:>..D.,.O.BP...^..l....,....{.._.... ...GE4..`j.>.P..?..k`.!(~.......20...&..G|.i.Y......k......&..1H ...

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\orange\head\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):27556
      Entropy (8bit):7.714447537351541
      Encrypted:false
      SSDEEP:
      MD5:45B0F2F85FC6590A3D2501D8AF7FBA27
      SHA1:AE05CFD87B23581BC383EDD73021F91B60DD36E1
      SHA-256:224E87C9E1651F0150C1D7B3165EEB9C67F1F120277BACFA3F5A6B0C6CA0EEA8
      SHA-512:636A3F856FC6A323EAFE95D649D4B8E88C4EAC15937A361493FA0E6B63139DF3CC5C6C911FCC9CD45B0543F190E1B3A54AE7491B3F15077F5EBDEF53DB8688F0
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d...................................................................................................................................................X.......................................................................................!..1AQa..q...."2BR....br3CS..#.....4.$D..cTdt........................1..!.AQ.a.2.q....R..."B.....3b.#C..r...............?.................n.Q......... J..-E.....\.Qp.E.....\....(....@Qp.E.....\.`H.kr......$..H.......h.................................*....@..M*..o`[......9$.\.. $ ....I ......@.............@............. ...........P".%H0....R.....0..2a.\.Df.F..rp..&..n0g..#1.....r..9..'&.T2`..0U..EQ.0U..3%.d...F..Wr.w.Q.nN..q.5I.-Rr.'190f.0f.0f.0f.0gDn0.P....o6.....7.3....n0.Q;...;...n0U..........Q.Fe.n0..o0g......bw.Na...nF..NR..2a5D..Q.$.*2..$!$..........V..#)*2a.#).Dd.*F.....a...*.F.a\.nN.........g#y.\.y....LfF.%...^.........q.f...0.`.7.RWc..x..H..r.Z....y...f..k+.-.....N..m]6......\.D..rw#..7.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\orange\nohead\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):21458
      Entropy (8bit):7.420244561423489
      Encrypted:false
      SSDEEP:
      MD5:F5B2B33A9D3EAA4E046D16FE9CEA32B4
      SHA1:AA8BCCD09CCB8B2097A296DF0404204A32F5136F
      SHA-256:127CDBAB50C503B9554589DCF38919D7A20FBAD1C509F8B29A74DC3FB6E79BB8
      SHA-512:C3504113C7BEBD5189C83F489C4FE04970358641255B55FEDCBC2A0212914686A002FB525211A475398F8CD412EEC9267E756D4B73137E87040DAC6EEB9900A5
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d...................................................................................................................................................X........................................................................................!1AQ.aq....."2BR.....br3C.#S.4..$...cd.......................1!..AQa2..q....."...BR..#3bC.r................?.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\orange\style.css

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:ASCII text
      Category:dropped
      Size (bytes):217
      Entropy (8bit):4.805992091999023
      Encrypted:false
      SSDEEP:
      MD5:CA7CDA46C4310122DDA9D5236925F4A6
      SHA1:12DEA81F5ED145557D72D1DD3A5AE9B8834FA3B3
      SHA-256:9435EAAE80B4899066295E6CC04414D8ABDF1CEECE7082479ED2F9B9B3C7C23B
      SHA-512:99ED1C450D2122390F40C67965B272DF7FB241FAC704A6480418CD83168A26B804BF1BD5DB5C8D99B9B21481CA1EF4EB0663CDCD0F42EAA03CA24169EAE824B2
      Malicious:false
      Reputation:low
      Preview:.#advinst-text, #advinst-text-shadow.{. position: absolute;. right: 10px;. top: 10px;. font: bold 11px 'Segoe UI', 'Trebuchet MS', Arial;. color: #e8b66d;.}..#advinst-text-shadow.{. top: 11px;. color: white;.}.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\powderblue\banner.gif

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:GIF image data, version 89a, 500 x 304
      Category:dropped
      Size (bytes):9798
      Entropy (8bit):7.928345125277567
      Encrypted:false
      SSDEEP:
      MD5:6662AE4D5016C2BB91FA2DDDEEB33B67
      SHA1:2ED3ECD6DE01083D5489088FC212CDE73CF0964B
      SHA-256:E32E23B53135E2FDEB61291BBD1EFE380DFB878DD1C3EDD1FBCD442E7F43A747
      SHA-512:5F9757B6C2363010CCD5E4CEF6AA7A0325F765E7FF1CC519A1AF87E7F85B86D4501EF46DA1CF726AC15AA8301501E2FF9D4721B5C9413B5EBE11EAD1329FD261
      Malicious:false
      Reputation:low
      Preview:GIF89a..0....*~.}..a..j..>..,z......#s.r..s..V..e..[....T..Q..z..G..B..R..A..K..........J....-{.......@..Z.......J..%r.D..%u.3..e.....5....9..s..:..9..z..1..t..]..B..5..O..0~.2~.......Z..F..]....O..Q.....=..o..<....i..d..W.....)..........m../..2..+..!o.......7..{..5..~....3..1................J.................3..h.....D..K..^..;..b...........^...........}..u..R..n..5..V..?..<..9....l..>..H.......x..q....Z..O..D....A..8........W...........o...........y.....M..u..f........j.............0.............0..c..:..K..w..g..\..j..t..Y..n..R..E....?..<....O..`....H..U..B..q........-.....+..J..Z.._..$s......T....x..k..m..l....../.......i..p.....{......(|.G..J..i..z..f..7..}..v..D..m..a.._..V..i..l..+..u..,.....@..?..<..(..........j..e..(w.`..#t.p..8.....!.......,......0........B............#J.H....3j.... C..I......p ..0c.....8s.....@K..&....H.*].TX.P.J.J...A.i....`.v.J...h.....6.p..K.n.x...... ...L.....*^..c.A...L....+?.......0.D....S......x

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\powderblue\bar-bg.gif

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:GIF image data, version 89a, 48 x 22
      Category:dropped
      Size (bytes):3576
      Entropy (8bit):7.491692605854135
      Encrypted:false
      SSDEEP:
      MD5:D42597F81E0A22C6D62F0793D3623D28
      SHA1:C391671DFB885DE3405574F2398836121E8CCA20
      SHA-256:0F934FFEA4B4CDE161D7D8C0ED80F7D1E1337A654625BE7754F0680942C7468E
      SHA-512:781E8062A622FD40B66B1395818F2EE1E09FB7D10F355545DAB39A5EDC947951D153968AA2B5ED48B3F2B07F3DD193E3446F174A8FE64FA46115C9E3C40EB337
      Malicious:false
      Reputation:low
      Preview:GIF89a0......j..r..u..|..~...................................!..NETSCAPE2.0.....!..Built with GIF Movie Gear 4.0.!.......,....0......0.5+.6+.....b."C..j.......8R#..@..@..+.CrYP.|.T*.Y........o.<........=.?xL{Uf.......x6vj3.me]p.UtX.V=pb`.^M....2...<...~o.Q..........z.n..........b....._M....M.......=...........{.)......ae...........................H..<........>... .W.^.0..>. qb3...!..)..Ga./fl...3. I..rX..!.......,....0.....w..F......_.'Z....1.bP.l..qW...y..=..........Z6f.S..9..^.p\b.5...]....F...5<.V..ggC.....9yKi|xN.....}n.........[.A..!.......,....0.....}.-...8...g.$6.cY".Z.E.G:k.`..Q........[.G..iQR-.+..0...y..T. .=...v.T.....{\~z.\.}.<qZ...p|..u.T..7j.D...@.@..!.......,....0.....z....8.v..`..a)..i.]..A.."2..z..g1..r....!.....VS........DBi....*..@uPP...v..V..?4.....xC..8h|}.C.U..4.]~s.X...?.....4..!.......,....0.....y.I...8.y..`..a)..i.]..A...t6.x...L.....]/xD6.3.!ZT:..+.j8,sVg.K..N. pE..j@.....Uzz}}.}w}..9j}~{...Z.rp.N...4q..A.../..!.......,....0

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\powderblue\head\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):19311
      Entropy (8bit):7.637310094762135
      Encrypted:false
      SSDEEP:
      MD5:2F3842ABE542E17CF0FF08ADD360B5AF
      SHA1:6286196F7E7C63565B4876BCDE92276FB8E30D50
      SHA-256:4527C0919AEE7477504A61CA97802A72BFB83D0A59B2B92EEFE897115544AFEE
      SHA-512:710A8E9602A70195B6AE3F4CCB6D607B77BEE9E495CB74C6036890A75F0F9D64A2B2FF3F98AD12C3A013ACCF3DB9A80CE3CF8B80AEB18EA6D1337F5862DF3767
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d...................................................................................................................................................X.....................................................................................a..!1AQ.q....."2RS..Bb.....#3C..r..T.c...$D.........................!1Q...Aaq.2.."..B...R............?.........e.**.QV."..-G".J.E..3...B..r5E.0..f-%..(Fb.Z3....(3..Ux...;H..bR...aA.Pf....d..-Gs.....m.-%.0.3.U.{...".1(3...0..(3...".Z3..j...aA.P..H...,.,.,.,.[MAkf%-.0...%-...J-d."*.>d..D.I.V".*B.R. ........*.EjT...H.eKQ...T...L..ZKW1i-G2.Z..i-\.-%...Ij.b.31Iff(.3`h.'.a-.]Q.T.-............%.i6f.7.i..\..fb.Jm.....EY:.S..`..f..Qj.....*.>..Z....3.Y..,......h.9...f...`..Z3.)-.AE...E....tV.-.ffZ.h.X....'...H.....2*.|.Y:.I.j...Ab........e.l...i.......L.7".[7".6....L..ZKQ...6..&.-\..KQ...Z3.Z-........".Q\]ImSD..eL..........4...-...m5.;3w...Z..-%...Z.EYS.H.f.R..E...Y..E...X..(...E.6U..i-....f.Qi.)m5

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\powderblue\head\min-background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x100, components 3
      Category:dropped
      Size (bytes):10100
      Entropy (8bit):7.929839738384038
      Encrypted:false
      SSDEEP:
      MD5:22B22105439248DB1CBDFEA01FFBB5B3
      SHA1:D3ED967E71D38F19628FC2C45999DEA5C7CA1C18
      SHA-256:D6FE5541035A676C04A77531210F4182DDF5873A491F03DD602CA67805858160
      SHA-512:C75042064ED314E825ED5C70AEAA2A554D631B8B044319AEB4BD23C79BCED9E5D0C024685A0C55E173F158464BAAAC09545DBC955A831AE8F271509960915F84
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d.................................................................................................................................................d.X.....................................................................................!1a...AQ.q.."2..BR..b#S..3C..r.$...c4d%.......................1.!AQa.2."q.B...#...r.............?.....U...$.A$..%PI*.IT.J..U...$(he.D.@..`..d.h.BHP.B.*.IT.L. h....U.$....H...W1..U.;.ft.}m.9...wlPP..P1P.....*c.A$@D..rR...P... (..j.$`T...$.A$..+2.`..`.....$Z.$.B....d.!...U.!..IT.J..U...$5H.6e Hj..U...$.A$..%PI*.IT.J..U...$.A$..%PI]V.rJ..U...$.A$..%PI*.CiB.....IT.J..gV......4E..RU.$...`.M.2A4..I.PI.(P.@Q&.6X.wr.x.*.e.$b.s$......`....<s.X3..^m.kHm@...8H.,...(kA.T..`Q....,..Y%P..u.4m0.(.rJ..AT$...#..i4R...p=6.M...ZJ.I.PHs$..e ...$5P...$.A#fH...$5B.*.IT.J..U...Y&e H..$..%PI*.IT.J..U...$.A$..%PHj.AT.sY......r....:.5.F.U....mA... h..... h.H..T.#..T6.j.d.A .. ...d..}..N).t.P.j.jIT,...R....V.....M

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\powderblue\nohead\background.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x480, components 3
      Category:dropped
      Size (bytes):13373
      Entropy (8bit):7.016430395044649
      Encrypted:false
      SSDEEP:
      MD5:720D00924A480C3F9A7378AB67D0C690
      SHA1:E17BFA3093CFE5FE6D25742792B3F58E6D396544
      SHA-256:D3030D9A5F07BC769F2B013EB10660F6FA0BCEA8BCA76592D873FC545ABFF47D
      SHA-512:99654D0111B2C06DA8E2D3BEB632FBBD4FD859F323F6F5D0CF3453F9D4E0505E93380434B659A117C54D34AA88D1B820F493C7089929A8F687492A1BF50B9528
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......P......Adobe.d...................................................................................................................................................X......................................................................................!1.AQa...q.2..."R.Bb#3S...Cr....c..$T.......................1.!AQ2..aq."B....R............?.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\powderblue\progressbar-bg.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 1 x 22, 8-bit/color RGB, non-interlaced
      Category:dropped
      Size (bytes):135
      Entropy (8bit):5.659605874588235
      Encrypted:false
      SSDEEP:
      MD5:5C12145FBBBDC4558093CE5B438B0E65
      SHA1:1B36EBD1473C2ACC7C50AFC8FEC98D1AF515B0BD
      SHA-256:D7C1EB78317352D657387245A079F520E87B8CAD57AAE4696A744A216915A917
      SHA-512:063755CD1EAB3240E38BD22CD298B4155E0FD4938A75F904F77844A7418A72588757D4B21014DB028E2330C3255C4C34142843F6A567803CED2DF56EFCA408BB
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...............a.....tEXtSoftware.Adobe ImageReadyq.e<...)IDATx.b...?./_..}.....O.?..0.....$N...0.2iAe..wv....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\variations\powderblue\style.css

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:ASCII text
      Category:dropped
      Size (bytes):217
      Entropy (8bit):4.820187094125549
      Encrypted:false
      SSDEEP:
      MD5:1AED393B00B94B801FACCC79587422CA
      SHA1:07DCAD0EC16135EDC78F1758474520486C65A1FC
      SHA-256:75012CEDA78D2020DE4D9CF5F0DF7E43E77429D64ED858DCB62AA89F3AF7481B
      SHA-512:AA788E12A4587888A596D35CB0C8127D527C222AF0FD5B7129FF4885837B67B5B03DEEFF466F2714605C48CE3548B168A33992E8D07236240AB7E54F7EC07FA2
      Malicious:false
      Reputation:low
      Preview:.#advinst-text, #advinst-text-shadow.{. position: absolute;. right: 10px;. top: 10px;. font: bold 11px 'Segoe UI', 'Trebuchet MS', Arial;. color: #64b3db;.}..#advinst-text-shadow.{. top: 11px;. color: white;.}.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\resources\whitebackground.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 400x300, components 3
      Category:dropped
      Size (bytes):1728
      Entropy (8bit):0.9300953826985205
      Encrypted:false
      SSDEEP:
      MD5:EB93C0ABAE8A7DE7AE6DC3755B12C802
      SHA1:5E288B9AD93663887681F577B8129DCD9B988062
      SHA-256:EDA260871BBA09273B71A165DC8B4F254B186046AB383722DC2D8803FA698725
      SHA-512:6B1A9C98A16DC19D417FE7B6DB6B4698036CACB6570816B063341F489B56CDC54769C07337488AA68FA8D9B39FDCCF04C7DFB4C8EBE536ACDF3FA7DE1464BC85
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................,...............K.....................................................................................?..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\spring\spring.ini

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Generic INItialization configuration [InitialDialogs]
      Category:dropped
      Size (bytes):7070
      Entropy (8bit):5.416880819971998
      Encrypted:false
      SSDEEP:
      MD5:F42D474A232B5B4FC3E2F41343249CDB
      SHA1:6625F3B252C7FDA8DA3F871FBCE6633052689540
      SHA-256:EB8D21831FF0FC6463AEFA45484EB828E93AC9DF61DC660CA960FA7D415ACD10
      SHA-512:581E3BE69E4EAE152EDE5081F005C6EEFAE0790B0BA90D9F1CCC4D8D18B93D9940EC76AD29169BA8A76130540043361C691C6DB716848409A7E9E7D251B81EEB
      Malicious:false
      Reputation:low
      Preview:[Settings]..DisplayName = Spring..UseEnhancedUI = true..WatermarkSize = 486x442..BannerSize = 657x559..Highlight = 4px dotted #FF7070..VerifyRemoveDlgCheckboxBBox = 45 90 320 11....[InitialDialogs]..DLGIT_INSTALL = WelcomeDlg SetupTypeDlg FolderDlg VerifyReadyDlg..DLGIT_MAINTENANCE = MaintenanceWelcomeDlg MaintenanceTypeDlg CustomizeDlg VerifyReadyDlg..DLGIT_PATCH = PatchWelcomeDlg VerifyReadyDlg..DLGIT_RESUME = ResumeDlg ....[AddDialogs]..; Values: DLGIT_INSTALL, DLGIT_MAINTENANCE, DLGIT_PATCH, DLGIT_RESUME, DLGIT_ALL_TYPES..WelcomeDlg = DLGIT_INSTALL..VerifyReadyDlg = DLGIT_INSTALL | DLGIT_MAINTENANCE | DLGIT_PATCH..MaintenanceWelcomeDlg = DLGIT_MAINTENANCE..VerifyRemoveDlg = DLGIT_MAINTENANCE..VerifyRepairDlg = DLGIT_MAINTENANCE..FolderDlg = DLGIT_INSTALL..SetupTypeDlg = DLGIT_INSTALL..LicenseAgreementDlg = DLGIT_ALL_TYPES..ReadmeDlg = DLGIT_ALL_TYPES..ExtRegDlg = DLGIT_INSTALL | DLGIT_MAINTENANCE..UpgradeDlg = DLGIT_INSTALL..ShortcutsDlg = DLGIT_INSTALL..StartMenuShortcutsDlg = DLG

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\AdminRegistrationDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3730
      Entropy (8bit):5.237647398973943
      Encrypted:false
      SSDEEP:
      MD5:9AE8E076E09DF04B8BB0F0574C202299
      SHA1:E0EAC0BF20F592FFEC16573CCABAC9F37C96026D
      SHA-256:5B7CF26D96A07EEBAE6EBEC4340F9B8F53A8E4EBF593D731464C191407EC5D3A
      SHA-512:D80D452D1EC2C175DB92466B4E34F6FC7CE191C779434E5C3D2457584264637320A769912D19B68367E7204A500D919F2133D1C47350AB6D8BB25FD157B8F6AC
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="AdminRegistrationDlg" Control="Cancel" TextStyle="[MetroButtonText]" Type="ImageButton" Text="[metrobuttonimage]" ExtType="ImageButton" X="17" Y="0" Width="0" Height="0" Attributes="2" ExtData="[ButtonText_Cancel]" Order="-1"/>.. <ROW Dialog_="AdminRegistrationDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="100"/>.. <ROW Dialog_="AdminRegistrationDlg" Control="OrganizationLabel" Type="Text" X="17" Y="139" Width="312" Height="48" Attributes="65539" Order="200" TextLocId="Control.Text.AdminRegistrationDlg#OrganizationLabel"/>.. <ROW Dialog_="AdminRegistrationDlg" Control="OrganizationEdit" Type="Edit" X="17" Y="188" Width="312" Height="18" Attributes="3" Property="COMPANYNAME" Order="300" TextLocId="Control.Text.AdminRegistrationDlg#O

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\BrowseIISWebsitesDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2995
      Entropy (8bit):5.294853880216941
      Encrypted:false
      SSDEEP:
      MD5:217EFD1AAA5810A070A3CDE9FE29614D
      SHA1:FF7F715F0FBDC0C82C3360D6C6E0249DAB903C68
      SHA-256:C88F968A2FBE409EA8249C9F6DC5ACC797814D9B6A645B510CF6B54C570762C5
      SHA-512:7A00F4559A62AAFADB198047A325D1C3D9E0EBE828EF598DBAC4900EF4254708F7B37FD7DA9867D26D67066B7D9E7C9C7C355FF3A277BD977AEBC46E0F38311A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="BrowseIISWebsitesDlg" Control="Cancel" Type="ImageButton" X="306" Y="277" Width="0" Height="0" Attributes="3" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="100" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="BrowseIISWebsitesDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dialog_="BrowseIISWebsitesDlg" Control="WebsitesList" Type="CheckList" X="17" Y="139" Width="312" Height="210" Attributes="1048579" Property="IISBrowseListBox" Order="300" TextLocId="Control.Text.BrowseIISWebsitesDlg#WebsitesList" ExtType="CheckList"/>.. <ROW Dialog_="BrowseIISWebsitesDlg" Control="Next" Type="ImageButton" X="251" Y="359" Width="78" Height="28" A

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\ClientServerDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5847
      Entropy (8bit):5.2663866273349695
      Encrypted:false
      SSDEEP:
      MD5:5A845E659FB2287B0BCA012FA9FCEA88
      SHA1:EA122A4B35C29051A0348D50BA53B790E47E39D5
      SHA-256:1C4B5EF3B3AF655C585A8855FC180C2D6A89158F41CFB5F7D5DE3704107AFD84
      SHA-512:D277F00A6FA9C8153A88DB79B64D95679F9985C5200EF967C8F6324C936650F531465FB764CA8B5956B465C681C0846751DF03C7CAC39D829F9FF0409EF519C3
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="ClientIcon" Value="clientic" Type="1"/>.. <ROW Property="ClientServerIcon" Value="clientserveric" Type="1"/>.. <ROW Property="ServerIcon" Value="serveric" Type="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="clientic" SourcePath="&lt;AI_THEMES&gt;common-res\images\client.ico"/>.. <ROW Name="clientserveric" SourcePath="&lt;AI_THEMES&gt;common-res\images\client_server.ico"/>.. <ROW Name="serveric" SourcePath="&lt;AI_THEMES&gt;common-res\images\server.ico"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ClientServerDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="50

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\ConfigureDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2708
      Entropy (8bit):5.301976548592797
      Encrypted:false
      SSDEEP:
      MD5:AD74913404DC5A343CBAC46A110902B5
      SHA1:777FDBA21AAD262B320B4B6409B4F6378F953F2F
      SHA-256:FA27A0C791F81C620C1A06D6535298F1F3151FFC5212A0894AB84BB8AA1B0479
      SHA-512:411BEC0FC8395A22F5A867C2B5E8D6C4326C7D0F541D664A04E8E23155E8CA97082C42D986001EF21245D3B4FF043C29F2446D475CACC3B99DC6941780E03D6A
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ConfigureDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="50" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="ConfigureDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dialog_="ConfigureDlg" Control="Tab" Type="TabHost" X="17" Y="105" Width="312" Height="245" Attributes="1" Property="TABHOST_1_PROP" Text="TabHost" Order="300" ExtType="TabHost"/>.. <ROW Dialog_="ConfigureDlg" Control="Back" Text="[BackButton]" Type="ImageButton" ExtType="ImageButton" X="17" Y="359" Width="78" Height="28" Attributes="3" Order="400" TextStyle="[MetroButtonText]" ExtData="[ButtonTex

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\CustomizePage.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1734
      Entropy (8bit):5.302508285510751
      Encrypted:false
      SSDEEP:
      MD5:ED7197A07E45C3F3593271BCEFD76483
      SHA1:E101F6E1D74F245684B675A4E655524655C5A9C8
      SHA-256:B49B30D64A205B0B5A280EADE7C5396538F366E6E1CE54A1DD3581EF0DAF2C5E
      SHA-512:F9DCFF656E80244C02CA5AD646EB275A3F8389E6D1F364304165A0716410B9E2B67039F493D0FA8E9A6F827247371A2D08107E87774231C05B83A7DD35DF07B1
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="CustomizePage" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="309" Height="222" Attributes="1" Text="[BackgroundSurface]" Order="100"/>.. <ROW Dialog_="CustomizePage" Control="Description" Type="Text" X="15" Y="15" Width="278" Height="12" Attributes="196611" Order="200" TextLocId="Control.Text.CustomizeDlg#FeatsShortDescription"/>.. <ROW Dialog_="CustomizePage" Control="Tree" Type="QuickSelectionTree" X="15" Y="37" Width="278" Height="170" Attributes="7" Property="_BrowseProperty" Order="300" TextLocId="Control.Text.CustomizeDlg#Tree" ExtType="QuickSelectionTree"/>.. <ROW Dialog_="CustomizePage" Control="DefBut" Type="PushButton" X="0" Y="0" Width="0" Height="0" Attributes="2" Text="" Order="400" TextLocId="-"/>.. <ROW Dialog_="CustomizePage" Control="AdvInst" Type="Text" X="5" Y="388" Width=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\ExtRegDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3097
      Entropy (8bit):5.292090197244915
      Encrypted:false
      SSDEEP:
      MD5:4CE8AE89AE07F220308C64080A33045D
      SHA1:BA1181AB2B0D06AAFC38B6FD1A271A794FC88323
      SHA-256:8E7968DF6901D16A319DB56BE08B5F9BFC07571AC539BA37F97A5C2DB6332364
      SHA-512:F55548AF617020D661D4BE0B77EE8DCD0A6D8B0A0D22BBB4170395F9F59E55DF066CDF73A33D1C62D9D7EF8104CEE6742D037FF663A90F0FAFF75C388AF05047
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ExtRegDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="50" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="ExtRegDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dialog_="ExtRegDlg" Control="Next" Type="ImageButton" X="251" Y="359" Width="78" Height="28" Attributes="3" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="300" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Next]" ExtDataLocId="-"/>.. <ROW Dialog_="ExtRegDlg" Control="Back" Type="ImageButton" X="17" Y="359" Width="78" Height="28" Attributes="3" Text="[BackBut

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\FileAssociationsDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2916
      Entropy (8bit):5.256118701429433
      Encrypted:false
      SSDEEP:
      MD5:93B01DAB833A9A52DD15F7D88AF20494
      SHA1:D16686FA2AD25F7DEB8EC6EF0E27D6BDB291468C
      SHA-256:56B265F6D8044EE91AD1889482A10684816DC614D82A8D00A600FC38A56D4E6C
      SHA-512:D88BD2B990FE2149881A2E87F5777ACF36071F8C8A6F72DFB3E7E5062CFA201694E2CB921851A681B2B82824E2E2A0734797E3A0DB41DFF51A675FA2C32E7E58
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="FileAssociationsDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="50" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="FileAssociationsDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dialog_="FileAssociationsDlg" Control="Back" Type="ImageButton" X="17" Y="359" Width="78" Height="28" Attributes="3" Text="[BackButton]" Order="300" TextStyle="[MetroButtonText]" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Back]" ExtDataLocId="-"/>.. <ROW Dialog_="FileAssociationsDlg" Control="Next" Type="ImageButton" X="251" Y="359" Width="78" Height="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\FolderDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (306), with CRLF line terminators
      Category:dropped
      Size (bytes):4962
      Entropy (8bit):5.294645114156659
      Encrypted:false
      SSDEEP:
      MD5:82F37F352C0C5728C2E713F24CB5ABAE
      SHA1:7F39507AAA04AA01649763F466980D638DAA2524
      SHA-256:5B3AC1DCB9C2B82001BF18811FC4A8D24F6C2104CA6B5D13E2A98517F5A82AB0
      SHA-512:DACBF38815339966B0C37475E24259D9320F309341225F50BFD8621F2B9AF75C89B6F7B1CEBFEE6BACE70BCE156CC2C4040B2C305DE8C6B9E66A8F9AB2DCDB2D
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="FolderDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="100"/>.. <ROW Dialog_="FolderDlg" Control="CompanyText" Type="Text" X="83" Y="16" Width="191" Height="12" Attributes="196611" TextStyle="[ManufacturerFont]" Order="200" TextLocId="Metro.Control.Text.Manufacturer"/>.. <ROW Dialog_="FolderDlg" Control="ProductLogo" Type="Bitmap" X="17" Y="5" Width="59" Height="63" Attributes="1" Text="[AppLogoIcon]" Order="300"/>.. <ROW Dialog_="FolderDlg" Control="ProductNameTitle" Type="Text" X="83" Y="21" Width="245" Height="50" Attributes="196611" TextStyle="[ProductNameForSplash]" Order="400" TextLocId="Metro.Control.Text.ProductName"/>.. <ROW Dialog_="FolderDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\FolderPage.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (306), with CRLF line terminators
      Category:dropped
      Size (bytes):3653
      Entropy (8bit):5.3144121836674225
      Encrypted:false
      SSDEEP:
      MD5:28814B51FA2FC50DC62DC2782AD0117A
      SHA1:F718F783EB96FB475B52D419BB356686CD150513
      SHA-256:EE3E170150C422886256718BD57302B3181B9B8C5B7545E060149C3D53AF8234
      SHA-512:7D2F42939607FCB38F8C9F13A381DC0D97A658045D6DA85FACF48BA542B04D5171F6FA33C524AE1873DD512221E857D7ACB20DAA255E5E1506FC72D4F7B687F5
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="FolderPage" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="309" Height="222" Attributes="1" Text="[BackgroundSurface]" Order="100"/>.. <ROW Dialog_="FolderPage" Control="DefBut" Type="PushButton" X="0" Y="0" Width="0" Height="0" Attributes="2" Text="" Order="200" TextLocId="-"/>.. <ROW Dialog_="FolderPage" Control="FolderEdit" Type="PathEdit" X="15" Y="52" Width="254" Height="20" Attributes="7" Property="APPDIR" Help="|" Order="300" HelpLocId="Control.Help.FolderDlg#FolderEdit"/>.. <ROW Dialog_="FolderPage" Control="Text" Type="Text" X="15" Y="15" Width="278" Height="30" Attributes="196611" Order="400" TextLocId="Control.Text.FolderDlg#TextNoNext"/>.. <ROW Dialog_="FolderPage" Control="TotalSpaceText" Type="Text" X="144" Y="81" Width="46" Height="15" Attributes="589827" Property="PrimaryVolum

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\InstallDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):6545
      Entropy (8bit):5.272608459082356
      Encrypted:false
      SSDEEP:
      MD5:46C48CF877D4C5E6CE65EA423E5BCFEB
      SHA1:B330AD082F52F61768DA88488E15C8909FBBCD71
      SHA-256:ECE200CCB13D3E11402C1564B303DCBF020EE81F03458A20B0ED1BF672C55F2E
      SHA-512:DD7053EB0B0CB859F63AE2B3BDAFEF27983C68C26B4F5F7CAA570A386488B442898155045CF8B82DF6BB2B1A3F368DA886D7D89888AA3793D3468057E9408B67
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.4" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="InstallDlg" Control="InstallDlgDialogInitializer" Type="DialogInitializer" X="0" Y="0" Width="0" Height="0" Attributes="0" Order="-1"/>.. <ROW Dialog_="InstallDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="100"/>.. <ROW Dialog_="InstallDlg" Control="Back" Type="ImageButton" X="0" Y="0" Width="0" Height="0" Attributes="2" Text="[BackButton]" Order="200" HelpLocId="Air.Control.Help#Back" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Back]" ExtDataLocId="-"/>.. <ROW Dialog_="InstallDlg" Control="Next" Type="ImageButton" X="251" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="300" Options="1" ExtType="ImageButton" ExtDataLocId="-" ExtData="[Butto

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\InstallTypeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4093
      Entropy (8bit):5.302375304348919
      Encrypted:false
      SSDEEP:
      MD5:D9DAD287FAC5183054380CF62A8FF0D8
      SHA1:C3510AA998EE4EBB5D6A76B6040F50DB0A21F946
      SHA-256:11BC200BD81A4A749FF7CA3C8741309B5D25C09CF9C83FF4D0ACF206028B970E
      SHA-512:D6909925279809D9788E4A4B3B8F86F9D9CAF4A447FC297F6F61394920E2B348F27687ABCD0530E2344FD6C523F470C77532D7358AC8B66384F474CD059A5058
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_InstallPerUser" Value="1" Type="4"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="InstallTypeDlg" Control="InstallTypeDlgDialogInitializer" Type="DialogInitializer" X="0" Y="0" Width="0" Height="0" Attributes="0" Order="-1"/>.. <ROW Dialog_="InstallTypeDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="50" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/> .. <ROW Dialog_="InstallTypeDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dialog_="InstallTypeDlg" Control="Back" TextStyle="[MetroButtonText]" Typ

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\LanguageDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2912
      Entropy (8bit):5.366404671248219
      Encrypted:false
      SSDEEP:
      MD5:AC3827B600E7A7B7326BB17D402818AC
      SHA1:70085C9BB6B87F526AA7042AE408B47BD397DCF6
      SHA-256:96C2187FB7D7AC9134C34E8F52FF46DB6AF27805BCF56F5EA4C3B038854B8C6A
      SHA-512:562AA903DDFF4E8CD98D6ED007FA3C93885B8A3BF184969F0FA86BC851E0E52B60BC5AEFBA77B216338ECA9E424980F6CE5C601D75DA3CCB6E7999BA59C8E471
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent">.. <ROW Action="LanguageDlg" Sequence="75" Condition="AI_BOOTSTRAPPER AND (NOT AI_SKIPBOOTSTRAPPERLANG) AND (NOT Installed)" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_BOOTSTRAPPERLANG" Type="4" ValueLocId="Property.AI_BOOTSTRAPPERLANG"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="LanguageDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="ImageButton" Order="100" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="LanguageDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dia

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\LicenseAgreementDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4271
      Entropy (8bit):5.212587332766305
      Encrypted:false
      SSDEEP:
      MD5:4F2CDF59678B96AEC0B5329FF8F368BB
      SHA1:A870E8566BB0649B89DB1B8F3157687DEAD17E6B
      SHA-256:AD1C10D7E210FD256234C784FC9203E2B91FFAC63E9640D746E60CE96B7804AC
      SHA-512:6C4760B268A87BD3DC4AAB94CCBAD5C2DFDD7B3A042234BF9076B09E5F11A988C7A74994B4D8627EA951127D0C7D131F55870CC9A687ED147624299898E6FD22
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.4" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="LicenseAgreementDlg" Control="LicenseAgreementDlgDialogInitializer" Type="DialogInitializer" X="0" Y="0" Width="0" Height="0" Attributes="0" Order="-1"/>.. <ROW Dialog_="LicenseAgreementDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="100"/>.. <ROW Dialog_="LicenseAgreementDlg" Control="Next" Type="ImageButton" X="251" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="200" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Accept]" ExtDataLocId="-"/>.. <ROW Dialog_="LicenseAgreementDlg" Control="AgreeInstall" Type="ImageButton" X="219" Y="359" Width="110" Height="28" Attributes="3" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="300" E

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\LogonInformationDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4005
      Entropy (8bit):5.267950662881543
      Encrypted:false
      SSDEEP:
      MD5:844C548C9CA2A42129A238E4B4ED9D87
      SHA1:7595E673D3A18260FC6FB84E57D8FD6116C02C81
      SHA-256:162A7B73E5ADC8172771F6F34D050CD9D6E59B1E1BA6CB314B777080B23075F0
      SHA-512:4DCF00DA88F08E765240F74E15D5091ECF896D960A042DEAA943077C6B9A15B5C79A64824C87D88CEE4730BF11D54619421B0AAA2DE9962A800663E83DB3542C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="LogonInformationDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="50" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="LogonInformationDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dialog_="LogonInformationDlg" Control="Back" Type="ImageButton" X="17" Y="359" Width="78" Height="28" Attributes="3" Text="[BackButton]" Order="300" TextStyle="[MetroButtonText]" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Back]" ExtDataLocId="-"/>.. <ROW Dialog_="LogonInformationDlg" Control="Next" Type="ImageButton" X="251" Y="359" Width="78" Height="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\MaintenanceTypeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (350), with CRLF line terminators
      Category:dropped
      Size (bytes):12347
      Entropy (8bit):5.2777684941916005
      Encrypted:false
      SSDEEP:
      MD5:7DEAD7C8A6D0D84F2FFEA7D70C6C057E
      SHA1:1A8B2EFAF76A8A5AF3D82EB9C1FFFF54C3EA95C0
      SHA-256:4AAC827DC3D1693EDA70D016CF9B9F92DFBB88F17E096D3DB86948EE8981FC9C
      SHA-512:DC5070036F26B19752C1E1FFE75F9E69C4947D998E5047A75B924D6338AB0BDBB0A09233474A866F3FF0DBEC0EA62D7923635C9CE5F9943BCD9C7B8AFB7F411C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.4" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MaintenanceTypeDlg" Control="Cancel" Type="ImageButton" X="1" Y="389" Width="11" Height="11" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="100" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="MaintenanceTypeDlg" Control="Back" Type="ImageButton" X="0" Y="2" Width="11" Height="11" Attributes="2" Text="[BackButton]" Order="200" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Back]" ExtDataLocId="-"/>.. <ROW Dialog_="MaintenanceTypeDlg" Control="RemoveButton" Type="PushButton" X="40" Y="249" Width="38" Height="38" Attributes="5767170" Text="[RemoveIcon]" Order="300"/>.. <ROW Dialog_="MaintenanceTypeDlg" Control="RepairText" Type="Text" X="91" Y="210" Width="230" Height="23" Attributes="65538"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\MaintenanceWelcomeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2251
      Entropy (8bit):5.236827843474683
      Encrypted:false
      SSDEEP:
      MD5:0FAD2516602581195257E932A8B8D805
      SHA1:2B899E7C5D569B680DFC1A5C1B82826B1C9786F2
      SHA-256:1DF67DC03ADE5C3B71EEBEFCCDC7F46AD018DCF413DE904045BF699F46DEB783
      SHA-512:6DBF10083451CCD30F636F5D9A5CBE5DC32AE78865229EF0F1DC6DCAC73F1370FBEC96E75FB237D45901E0E529C089AE942BD07B7C5C2C92E860C7340918DC00
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.4" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Cancel" Type="ImageButton" X="0" Y="0" Width="1" Height="1" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="100" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Next" Type="ImageButton" X="251" Y="359" Width="78" Height="28" Attributes="3" Text="[BackButton]" Order="300" TextStyle="[MetroButtonText]" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Next]" ExtDataLocId="-"/>.. <ROW Dialog_="MaintenanceWelcomeDlg" Control="Description" Type="Text" X="17" Y="139" Width="308" Heig

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\MinProgressDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2534
      Entropy (8bit):5.26988241423721
      Encrypted:false
      SSDEEP:
      MD5:6DF68A0B8925ABFAD31CED0E607E0509
      SHA1:B82BAD6002715DDEE8AF1C7994E86488E2F2B714
      SHA-256:DCC39C55B0A4888F62D77135063C1D43CCDCC29344218D9079034AB6D3C43BEA
      SHA-512:55CA4C0379ABF3FE37A1D79294C376DD118EB82BA08CF31BC9BB07A9BE7CCD5D215DC1647C5FC9D6244523A41DE719BA8FE7F556F4E41F06D68048C3B7C80709
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MinProgressDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="370" Height="120" Attributes="1" Text="[Background]" Order="100"/>.. <ROW Dialog_="MinProgressDlg" Control="Cancel" Type="ImageButton" X="266" Y="78" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="200" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="MinProgressDlg" Control="Back" Type="ImageButton" X="25" Y="78" Width="78" Height="28" Attributes="0" Text="[BackButton]" Order="300" TextStyle="[MetroButtonText]" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Back]" ExtDataLocId="-"/>.. <ROW Dialog_="MinProgressDlg" Control="Next" Type="ImageButton" X="179" Y="78" Width="78" Height="28" Attributes="0" Tex

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\MultipleInstancesDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):7202
      Entropy (8bit):5.3938843809728025
      Encrypted:false
      SSDEEP:
      MD5:3E35133B429CCF86FDB69F0D24A11CA1
      SHA1:3E77580FA2C6325A44909E288DD5DD4AAFE7989A
      SHA-256:94252857DD4DEB96FC4320435FA52F07D03FABFC52D10AB0A1652487703A6E3E
      SHA-512:00577C139203F7BE9721154AB89EBA277B03E731185FB03C31AF919BB1DDE3383658B957858C0FF3D623C3A6923F38B1C198C5E280BCD5484CE2F07E4801ECBE
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent"> .. <ROW Action="MultipleInstancesDlg" Sequence="450" Condition="AI_BOOTSTRAPPER AND AI_EXIST_INSTANCES" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="INST_RADIOBUTTONGROUP_PROP" Type="4" ValueLocId="Property.INST_RADIOBUTTONGROUP_PROP"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiCheckBoxComponent">.. <ROW Property="INSTNAME_CHECKBOX_PROP" Value="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="MultipleInstancesDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="ImageButton" Order="100" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\OptionalFeatsDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4098
      Entropy (8bit):5.295470042853081
      Encrypted:false
      SSDEEP:
      MD5:B6ECEBED5C657BFBD7797702162E5700
      SHA1:D167191DCE11181AEECD5C53888D3CBC852369F1
      SHA-256:D162853C8D3C8605EB30526DFFC40DB93A41A36C7AAC5890491DDF16371BB0A0
      SHA-512:000DA3424B46167AADBD6A2CF8FB759067940F19E92522A4F2D16ABE8821AF55701BE7D4DF85BBDB01787A2EFACA45A77E700779B865EF52A6EF1DE7832829B3
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="OptionalFeatsDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="100" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="OptionalFeatsDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dialog_="OptionalFeatsDlg" Control="Next" Type="ImageButton" X="251" Y="359" Width="78" Height="28" Attributes="3" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="300" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Next]" ExtDataLocId="-"/>.. <ROW Dialog_="OptionalFeatsDlg" Control="Back" Type="ImageButton" X="17" Y="359" Width="78" Height="28"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\PreparePrereqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2826
      Entropy (8bit):5.309241534827498
      Encrypted:false
      SSDEEP:
      MD5:442738AA60624635535E1EEA8EC34DDD
      SHA1:6DAF44922ADE9E9B7F26CEF7F1F49259629B5FDA
      SHA-256:140395633FE770B48A076DB04EE5B0BEC0787AD08807FFF7436F1B2EFD04A14D
      SHA-512:A6637187420F64D4F05C8A4C93023DB4CAFAB644D3F6A29BAFEF50513662A3A8AA197371840DB59818D5BBAF4FD132F008FC3402EF5FFEC4922B2F04CC78AFDF
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent"> .. <ROW Action="PreparePrereqDlg" Sequence="150" Condition="AI_BOOTSTRAPPER" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent"> .. <ROW Name="PreparePrereqDlgProgress.gif" SourcePath="&lt;AI_THEME_VAR&gt;PreparePrereqDlgProgress.gif"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="PreparePrereqDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="ImageButton" Order="100" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="PreparePrereqDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[BackgroundPrepare]" Order="200"/>.. <ROW Dialog_="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\PrerequisitesDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2784
      Entropy (8bit):5.256861680144617
      Encrypted:false
      SSDEEP:
      MD5:0A4C600CF55EA52669B706D922FA186E
      SHA1:B0C150383A6E5691FE5D823A170037A09E6536D5
      SHA-256:20BA607DBB338A9EED4D335A29F2BCEB81051DDCC8BEBB3F673D7F75A978D0FF
      SHA-512:CBEF89D6EAA368E391ACF34AD63C99C1A2D829234A97CE9393E8279007ED885EE74BFF7C9F8874A0AD0D8D5ED062EE06BE737F6D363ADA68E618654AFBD85D3E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="PrerequisitesDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="50" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="PrerequisitesDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dialog_="PrerequisitesDlg" Control="Back" TextStyle="[MetroButtonText]" Type="ImageButton" X="17" Y="359" Width="78" Height="28" Attributes="3" Text="[BackButton]" Order="300" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Back]" ExtDataLocId="-"/>.. <ROW Dialog_="PrerequisitesDlg" Control="Next" Type="ImageButton" X="251" Y="359" Width="78" Height="28" Attribut

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\ProgressPrereqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):3652
      Entropy (8bit):5.3075822697898
      Encrypted:false
      SSDEEP:
      MD5:5D071229A2A3B8E306292762E13A52F3
      SHA1:4D7D331367E1964601BF12501B55D2E01408B68F
      SHA-256:109CDC022CAA40E5A6C20DA6DB6CE22EE97756C509CDBFFD7BFB12CF328F41F1
      SHA-512:90C1F1D30926C77D4734DE1B382C6BAE2CADD86487448EDB416839D1D0A60BFFDA9AFE0049FEBF13C580A32CD8330C87CEBED422497CFC7805F89C99A6738107
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent">.. <ROW Action="ProgressPrereqDlg" Sequence="300" Condition="AI_BOOTSTRAPPER AND AI_MISSING_PREREQS" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="PrereqProgressImage.png" SourcePath="&lt;AI_THEME_VAR&gt;PrereqProgressImage.png"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ProgressPrereqDlg" Control="Cancel" Type="PushButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="ImageButton" Order="100" Options="1"/>.. <ROW Dialog_="ProgressPrereqDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dialog_="ProgressPrereqDlg" Control="Next" Type="ImageButton" X="251" Y="359"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\ReadmeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2794
      Entropy (8bit):5.258216479767539
      Encrypted:false
      SSDEEP:
      MD5:FDE5EA955E662652083E706FC0682776
      SHA1:59D27EA2A255D463980CC986BF68ADB17C408E71
      SHA-256:4B5719074BEBC14CAB5AA62FD34BDFE3F59ADFBD6F6555655ADEEAFF86055BA7
      SHA-512:8144E50413CD85422C4DE01DEB5C03AA42D2621681310A315E45A6DE0AC2D06BCCA375DF9A60ECBDE919D726F3C8001E05D417CD11D04B96DC89E8982BF81562
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ReadmeDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="50" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="ReadmeDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/> .. <ROW Dialog_="ReadmeDlg" Control="ReadmeText" Type="ScrollableText" X="17" Y="139" Width="312" Height="210" Attributes="7" Order="300" TextLocId="Control.Text.ReadmeDlg#ReadmeText"/>.. <ROW Dialog_="ReadmeDlg" Control="Back" TextStyle="[MetroButtonText]" Type="ImageButton" X="17" Y="359" Width="78" Height="28" Attributes="3" Text="[BackButton]" Order="400" Options="1" ExtType="ImageBu

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\SQLConnectionDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5231
      Entropy (8bit):5.281091386707983
      Encrypted:false
      SSDEEP:
      MD5:057E77DB0AFD1BE1C4EC602D8AFF0C93
      SHA1:0F44437CE8780DEAFB54432D8EA85254CF7A492C
      SHA-256:B940810E7E2CAED7DE9C6DCC45FB96FB2BFAA16BE194BCE5AA6C94FC87FDD3B9
      SHA-512:07A92A058ACC22C736FBA94438EAA84E0511900BDAF962EC3108D9F4387922DFF5D9C994BCA6C20DFA604D738DC4530319DFBFAF4B29AF8DCC0130240BFDD2DB
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="SQLConnectionDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="100"/>.. <ROW Dialog_="SQLConnectionDlg" Control="OdbcResourceEdit" Type="Edit" X="95" Y="134" Width="234" Height="18" Attributes="3" Property="ODBC_RES_PROP" Order="200" TextLocId="Control.Text.SQLConnectionDlg#OdbcResourceEdit"/>.. <ROW Dialog_="SQLConnectionDlg" Control="ServerEdit" Type="Edit" X="95" Y="161" Width="234" Height="18" Attributes="3" Property="SERVER_PROP" Order="300" TextLocId="Control.Text.SQLConnectionDlg#ServerEdit"/>.. <ROW Dialog_="SQLConnectionDlg" Control="PortEdit" Type="Edit" X="95" Y="188" Width="234" Height="18" Attributes="19" Property="PORT_PROP" Order="400" TextLocId="Control.Text.SQLConnectionDlg#PortEdit"/>.. <ROW Di

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\SQLServerConnectionDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (319), with CRLF line terminators
      Category:dropped
      Size (bytes):7507
      Entropy (8bit):5.352987857818929
      Encrypted:false
      SSDEEP:
      MD5:C6DDA8761019FD525CFAF7AF973D7588
      SHA1:F36364A20C7432ED4A6551A2D41E05532A11BEA7
      SHA-256:6A966EB3272D3C1DB885EC38B71944BA104D2577CEC61CF0698632976D0047B6
      SHA-512:67D158436BE33C3556FE425DF683B371C6B47F000029156A122B3AD81713E9F21B240FAFEBA04C112AD03E7ABA5080AE0E611088AE7AAEB7A17A44F23A52E02F
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="12.6" RootPath="." Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent"> .. <ROW Dialog_="SQLServerConnectionDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="100"/>.. <ROW Dialog_="SQLServerConnectionDlg" Control="Back" Type="ImageButton" X="17" Y="359" Width="78" Height="28" Attributes="3" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="200" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Back]" ExtDataLocId="-"/>.. <ROW Dialog_="SQLServerConnectionDlg" Control="Next" Type="ImageButton" X="251" Y="359" Width="78" Height="28" Attributes="3" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="300" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Next]" ExtDataLocId="-"/>.. <ROW Dialog_="SQLServerConnectionDlg" Control="Cancel" Type="ImageButton" X

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\SequenceDialogs.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1267
      Entropy (8bit):5.320040581240548
      Encrypted:false
      SSDEEP:
      MD5:1242EA8D81F3B87326F79D9C94FBF76D
      SHA1:8BD8A5ECE3512BC3C98EC5707C48C95ECE97C7B8
      SHA-256:8D2F07F37473D474A037CB9472B51816E758965E73D1BFEA4A20A0C6F89FBEB2
      SHA-512:BDFD4793BA4DC41D02FA111DE2EFCD46460F1C9EED8CEFE09FBAF38EA31E1FA743445C12E4A715FF8F3AEFE673212D51D3C06BF27FC34F000CC645CA0134A500
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.4" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiInstallUISequenceComponent">.. <ROW Action="WelcomeDlg" Condition="AI_INSTALL" Sequence="1230" SeqType="3"/>.. <ROW Action="MaintenanceTypeDlg" Condition="AI_MAINT" Sequence="1250" SeqType="3"/>.. <ROW Action="ExitDialog" Condition="NOT AiSkipExitDlg OR NOT AI_INSTALL" Sequence="-1" SeqType="3"/>.. <ROW Action="FatalError" Sequence="-3" SeqType="3"/>.. <ROW Action="PatchWelcomeDlg" Condition="AI_PATCH" Sequence="1260" SeqType="3"/>.. <ROW Action="PrepareDlg" Sequence="75" SeqType="3"/>.. <ROW Action="ProgressDlg" Sequence="1280" SeqType="3"/>.. <ROW Action="ResumeDlg" Condition="AI_RESUME" Sequence="1240" SeqType="3"/>.. <ROW Action="UserExit" Condition="NOT AiSkipUserExit" Sequence="-2" SeqType="3"/>.. <ROW Action="AI_SetControlStyle" Condition="AI_NO_BORDER_NORMAL AND AI_CONTROL_VISUAL_STYLE_F

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\SetupTypeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4025
      Entropy (8bit):5.269565097882671
      Encrypted:false
      SSDEEP:
      MD5:0765E19C1973400D67374D5012AC56E3
      SHA1:83169E4D5F8C4E1487116948396E4EBB19CEF5C4
      SHA-256:4B0E4E9CB10040E50BA5386EB5EFB20C61BE2DAE2A069698FEF0BDC329EDADF6
      SHA-512:75FCD60E4C031757503E243D454FAFE4410627D2169A8BE55479EEE056775AF9F052837A59CE55532FEA79E58C2543FD0E371D35675311A91A7152CE58303EA1
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="SetupTypeDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="50" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="SetupTypeDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dialog_="SetupTypeDlg" Control="ProductNameTitle" Type="Text" X="83" Y="21" Width="245" Height="50" Attributes="196611" TextStyle="[ProductNameForSplash]" Order="300" TextLocId="Metro.Control.Text.ProductName"/>.. <ROW Dialog_="SetupTypeDlg" Control="CompanyText" Type="Text" X="83" Y="16" Width="191" Height="12" Attributes="196611" TextStyle="[ManufacturerFont]" Order="400" Tex

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\SharePointLogDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2939
      Entropy (8bit):5.277893530979614
      Encrypted:false
      SSDEEP:
      MD5:44DE7A325C438BF4B154145E235DA533
      SHA1:7A5B1AEDA92782641143246F008333D71002156C
      SHA-256:A8783EC32017B5385BF4076D5D54FBA12007BE1015FE48ADE38ECD3D993AB274
      SHA-512:7B41651D5F336C8BF9B3343D49B01E27B513AD79B056E55B6B63477A141C182F269A586AC4DDC65187B647C5756FB2279098A08DAC209AFF8460C58C497B52A8
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="SharePointLogDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="100"/>.. <ROW Dialog_="SharePointLogDlg" Control="Next" Type="ImageButton" X="251" Y="359" Width="78" Height="28" Attributes="3" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="200" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Next]" ExtDataLocId="-"/>.. <ROW Dialog_="SharePointLogDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="3" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="300" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="SharePointLogDlg" Control="SharePointLog" Type="Edit" X="17" Y="139" Width="312" Height="2

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\ShortcutsDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):5123
      Entropy (8bit):5.370742638004688
      Encrypted:false
      SSDEEP:
      MD5:083377D5DD8502A04D3962CB44AC2587
      SHA1:9F288ACF2BF68BBCF887959BCCB4A3C7AA6CBECD
      SHA-256:CAF5309B4F5F9A7B244C857F7EFB65B60E831F8C925FC6F545C2707E5E310B5F
      SHA-512:51075967853180C0E10B10F8DA4AC13538EFE67479D9AFB1352D7FFCA34247C687E024EFE9B0A11BCF9DA3FA0DB0713515B89DC1A09AB8B86D942B408D348641
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_DESKTOP_SH" Value="1" Type="4"/>.. <ROW Property="AI_QUICKLAUNCH_SH" Value="1" Type="4"/>.. <ROW Property="AI_STARTMENU_SH" Value="1" Type="4"/>.. <ROW Property="AI_STARTUP_SH" Value="1" Type="4"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiCheckBoxComponent">.. <ROW Property="AI_QUICKLAUNCH_SH" Value="1"/>.. <ROW Property="AI_STARTMENU_SH" Value="1"/>.. <ROW Property="AI_DESKTOP_SH" Value="1"/>.. <ROW Property="AI_STARTUP_SH" Value="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="ShortcutsDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="100"/>.. <ROW Dialog_="ShortcutsDlg" Control="Next" Type="ImageButton" X="251" Y="359"

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\StartMenuShortcutsDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4752
      Entropy (8bit):5.284715422687199
      Encrypted:false
      SSDEEP:
      MD5:7E5339ACB624EA7C1F6D9352FB3C1B33
      SHA1:DCDD935406D844B6BCF9BE61751D3C07FEFC48F4
      SHA-256:A5A92E25712B85AE7875E8069C47FC6C170110997E4DF3CA7C59A042276C4711
      SHA-512:62750BA37F8D4BD5ABC4EFACCE3905B43D315FF95F6F884E4CF6B10A1EF70E1E3CA9EE29ACA7D1A81EC9342F4D465220BC1912F61CD631B9F5B01AC73C9E5560
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiComboBoxComponent">.. <ROW Property="AI_SH_DIR" Order="1" Value="[ProductName]" TextLocId="[ProductName]"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="StartMenuShortcutsDlg" Control="ShDirDialogInit" Type="DialogInitializer" X="0" Y="0" Width="0" Height="0" Attributes="0" Order="-1"/>.. <ROW Dialog_="StartMenuShortcutsDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="100"/>.. <ROW Dialog_="StartMenuShortcutsDlg" Control="Back" Type="ImageButton" X="17" Y="359" Width="78" Height="28" Attributes="3" Text="[BackButton]" TextStyle="[MetroButtonText]" Order="200" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Back]" ExtDataLocId="-"/>.. <ROW Dialog_="StartMenuShortcutsDlg" Control="Next" Ty

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\TemplateChildDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1363
      Entropy (8bit):5.305922695037008
      Encrypted:false
      SSDEEP:
      MD5:C6EEA3093EAB5D5A55A8FDF602A46E29
      SHA1:A62A8781ADA99BCC48B7FE8AA08E5F2131EF36C3
      SHA-256:D6A4E6EE1E7E49B971899178E4183F6E077FF452821B818BC0C5D2F9F45ECAD9
      SHA-512:5ED1CD8DE169254C018C480B5322B8F78369C9D04B28CD607416F406E6127311BF37755C2B7371D0D594C1DCED89DBC170CB3AF5B2D5B8AE3D5C2F77C4E33A51
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateChildDlg" Control="Icon" Type="Icon" X="15" Y="30" Width="36" Height="36" Attributes="7340033" Text="[InfoIcon]" Order="100"/>.. <ROW Dialog_="TemplateChildDlg" Control="Text" Type="Text" X="60" Y="30" Width="230" Height="50" Attributes="196611" TextStyle="BlueText" Order="200" TextLocId="Control.Text.TemplateChildDlg#Text"/>.. <ROW Dialog_="TemplateChildDlg" Control="DefBut" Type="PushButton" X="0" Y="0" Width="0" Height="0" Attributes="2" Order="300" TextLocId="-"/>.. <ROW Dialog_="TemplateChildDlg" Control="AdvInst" Type="Text" X="5" Y="388" Width="74" Height="11" Attributes="196611" Text="Advanced Installer" TextStyle="[BrandingStyle]" Order="400"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlEventComponent">.. <ROW Dialog_="TemplateChildD

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\TemplateDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2622
      Entropy (8bit):5.250223747507324
      Encrypted:false
      SSDEEP:
      MD5:6BADC6EE08709D1DB5F1A2756749C8A7
      SHA1:6C37512357E039D1E51D1FC134E0D2B19151F0A0
      SHA-256:250215E68D9A59AC5BBEC5824C2212F6D7CD42452986F2939232B11681B11709
      SHA-512:46981ED03F83FBB6ECD7BEED0228C958F88A9D4EB4287D068384BFBD609849C135B3E3369A82004C4100400436C214795F88110DCEAE1A1FC9861E3490869F1B
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="100" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="TemplateDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dialog_="TemplateDlg" Control="Next" Type="ImageButton" X="251" Y="359" Width="78" Height="28" Attributes="3" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="300" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Next]" ExtDataLocId="-"/>.. <ROW Dialog_="TemplateDlg" Control="Back" Type="ImageButton" X="17" Y="359" Width="78" Height="28" Attributes="3" Text=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\TemplateSeqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2658
      Entropy (8bit):5.270834322538571
      Encrypted:false
      SSDEEP:
      MD5:204FA9F473BD726E81BAFAB86E8D023E
      SHA1:095F683A1E47AFBD0054583A0E88697FE9D9C6BD
      SHA-256:BEA56D4890033522390D739CC42F7029AB1EBBFC922E6EDFE3CC2A56AFFE73C6
      SHA-512:6FAEECE692C9E4AF1A3AF03F64AF2EB996202E26799C12833FE46197EAF4D2102869C85E270E5762D92C5750C46D808BF2708721AC9B71916583140821516F9E
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateSeqDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="100" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Next" Type="ImageButton" X="251" Y="359" Width="78" Height="28" Attributes="3" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="300" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Next]" ExtDataLocId="-"/>.. <ROW Dialog_="TemplateSeqDlg" Control="Back" Type="ImageButton" X="17" Y="359" Width="78" Height="28" Attribut

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\TemplateSpawnDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):1992
      Entropy (8bit):5.28095234396844
      Encrypted:false
      SSDEEP:
      MD5:DEAAF3BB8188C5AF8F3DFA0DC929C0A8
      SHA1:245B739A2CD77029CA87EF06DD367A1155697916
      SHA-256:7D067521E0C2B7D3FC520738E72A4A648EA856F71CFBC2C2E6146AD6040381ED
      SHA-512:8F899F46268C17E4C235154306CC9688E5195735C4CCB4277F242A1781C00A1398BDAF483FAE2E6B13BBBEE98C1B5DFB69C2200EB3C83D213C900FD5818D95FD
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TemplateSpawnDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="330" Height="120" Attributes="1" Text="[Background]" Order="100"/>.. <ROW Dialog_="TemplateSpawnDlg" Control="Yes" Type="ImageButton" X="136" Y="71" Width="78" Height="28" Attributes="3" Text="[metrobuttonimage]" TextStyle="[MetroButtonText]" ExtDataLocId="[ButtonText_Yes]" Order="200" TextLocId="-"/>.. <ROW Dialog_="TemplateSpawnDlg" Control="Text" Type="Text" X="68" Y="26" Width="230" Height="50" Attributes="196611" TextStyle="[SubTitleStyle]" Order="300" TextLocId="Control.Text.TemplateSpawnDlg#Text"/>.. <ROW Dialog_="TemplateSpawnDlg" Control="No" Type="ImageButton" X="224" Y="71" Width="78" Height="28" Attributes="3" Text="[metrobuttonimage]" TextStyle="[MetroButtonText]" ExtDataLocId="[ButtonText_No]" Orde

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\TomcatServerDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4422
      Entropy (8bit):5.2762098822062695
      Encrypted:false
      SSDEEP:
      MD5:A65E7C93A1CA434D9323501D60A1E309
      SHA1:2CA4AB00C3865A926183BCE9306519E5E6574B26
      SHA-256:5873C145603A2EACD54820B1FBABB5C099D4C266914906341BF56447B0C6BC25
      SHA-512:A428DB0FFD35BEA29BD86309699E54536197022F234A73BCB3BFAAEA7E9E0FBDCCC5871A072FAE4DEDB6388ABF309A8C09C85ADC241BB3F8FE587B5C4F67854D
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="TomcatServerDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="100"/> .. <ROW Dialog_="TomcatServerDlg" Control="Back" Type="ImageButton" X="17" Y="359" Width="78" Height="28" Attributes="3" Text="[BackButton]" TextStyle="[MetroButtonText]" Order="200" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Back]" ExtDataLocId="-"/>.. <ROW Dialog_="TomcatServerDlg" Control="Next" Type="ImageButton" X="251" Y="359" Width="78" Height="28" Attributes="3" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="300" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Next]" ExtDataLocId="-"/>.. <ROW Dialog_="TomcatServerDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attribute

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\UI.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with very long lines (5571), with CRLF line terminators
      Category:dropped
      Size (bytes):87233
      Entropy (8bit):5.3882984190760155
      Encrypted:false
      SSDEEP:
      MD5:B211699638017876E1EEF5E35BB30B24
      SHA1:5C770DFDF74E658AFCC6DB2626142B34E4436666
      SHA-256:DA399F11D72F875DE76928F25C16FA93BC86408B38BC8B5541084C38B4E4A578
      SHA-512:2BB79AF0AE417B2143AB7936B99A8064461F77D5BB478009DA27C0283867108D365E4F9F6E34F8BFB5979482E8DE57D5E14726CAD8E3FECC87DC711599ACE4FC
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.4" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="ButtonText_Back" ValueLocId="Property.ButtonText_Back_No_Arrow" Options="65536"/>.. <ROW Property="ButtonText_Next" ValueLocId="Property.ButtonText_Next_No_Arrow" Options="65536"/>.. <ROW Property="AI_CF_DRAG_FROM_ANY_POINT" Value="1" Type="4"/>.. <ROW Property="AI_CF_FrameBottomLeft" Value="frame_bottom_left.bmp" Type="1"/>.. <ROW Property="AI_CF_FrameBottomLeftInactive" Value="frame_bottom_left_inactive.bmp" Type="1"/>.. <ROW Property="AI_CF_FrameBottomMid" Value="frame_bottom_mid.bmp" Type="1"/>.. <ROW Property="AI_CF_FrameBottomMidInactive" Value="frame_bottom_mid_inactive.bmp" Type="1"/>.. <ROW Property="AI_CF_FrameBottomRight" Value="frame_bottom_right.bmp" Type="1"/>.. <ROW Property="AI_CF_FrameBottomRightInactive" Value="frame_bottom_right_inactive.bmp" Typ

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\UpgradeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4569
      Entropy (8bit):5.358281209681897
      Encrypted:false
      SSDEEP:
      MD5:A86ECF48656DD353D421D4516FB09B31
      SHA1:45574D1962548BFB0C53669B5E56004129DC06C3
      SHA-256:B95253D24CECFE07ED6C1888897960DDCE8F73B040F8F81AAD9F8F34D40B9C27
      SHA-512:9669EB420AE7A48847092021B04C598C6BFC3C31B195AE73487780B8012FDA00FF7F9603436BE5EAF5C2947FD6D9B822E47C12BE6B75D79FBF1045BF4B88A4E8
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="AI_Upgrade_Question_No" Type="4" ValueLocId="Property.AI_Upgrade_Question_No"/>.. <ROW Property="AI_Upgrade_Question_Yes" Type="4" ValueLocId="Property.AI_Upgrade_Question_Yes"/>.. <ROW Property="AI_Upgrade_Replace_Question_No" Type="4" ValueLocId="Property.AI_Upgrade_Replace_Question_No"/>.. <ROW Property="AI_Upgrade_Replace_Question_Yes" Type="4" ValueLocId="Property.AI_Upgrade_Replace_Question_Yes"/>.. <ROW Property="UpgradeLogoIcon" Value="upgradelogoicon" Type="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="upgradelogoicon" SourcePath="&lt;AI_RES_COLOR&gt;UpgradeLogo.ico"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="UpgradeDlg" Control="Bitmap" Type="Bitmap" X="0

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\UserRegistrationDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4941
      Entropy (8bit):5.305753189469974
      Encrypted:false
      SSDEEP:
      MD5:80D550A5D2771BE29D702F6B5F4A175C
      SHA1:9BC94E7C90533E084D14019D358018A4F3E4A441
      SHA-256:2E9CFDB45973D3E60CC4048AC6D8A421A6604785E876CF4E8AC9E16E48649515
      SHA-512:5D6BE6993DDC4E07CB8414E86EF8025D1CD0B7F8C2C3D336F8A4D3CDE6A93ACF30F0E778C91EAEDD5133AB094F3E63313C5D8DFA3A32645E6579879B5CB44F71
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiPropsComponent">.. <ROW Property="UserRegLogoIcon" Value="userreglogoicon" Type="1"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiBinaryComponent">.. <ROW Name="userreglogoicon" SourcePath="&lt;AI_THEMES&gt;common-res\images\UserRegLogo.ico"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="UserRegistrationDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="100"/>.. <ROW Dialog_="UserRegistrationDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="200" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="UserRegistrationDlg" Control=

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\VerifyRemoveDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4026
      Entropy (8bit):5.3841266487335915
      Encrypted:false
      SSDEEP:
      MD5:20480F3330AE5DA58C415C11A8CC36AB
      SHA1:F814C23A51ABF4D9AFA93E9D7A5F0906A5F67A49
      SHA-256:D24AFB348FD84EC243B4AE3C15516D8E242D654CD15891E49040030E5840ADE0
      SHA-512:0273AD5633E9EFE5EE9227A5351B65CCA684C655B14A981CE3E0D3A4A43F7A5E8A9AD8C5EE5D5285E86D32BA0D3C7AB12D381C9BA076769A8ED97BB2EAC9CC2C
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.4" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="VerifyRemoveDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="50" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="Back" Type="ImageButton" X="17" Y="359" Width="78" Height="28" Attributes="3" Text="[metrobuttonimage]" TextStyle="[MetroButtonText]" Order="300" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Back]" ExtDataLocId="-"/>.. <ROW Dialog_="VerifyRemoveDlg" Control="SubTitle" Type="Text" X="17" Y="105" Width="317" Height="19" Attribute

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\VerifyRepairDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):4182
      Entropy (8bit):5.365233275389665
      Encrypted:false
      SSDEEP:
      MD5:4893969578F1A7DEC35AB045C7952153
      SHA1:446390C194B15519B8DFD59FF5784E3195AC8EAB
      SHA-256:F825CC42406DD5AA859386FD87B5DB53FD382336644B43C461EFD134C5F9C0C9
      SHA-512:B1F60B5876A5D1FDBFF0E4CF66F741F3F6D1E2A0284ABEF93990E926B4D0A38CE23C004E58405BA036EE532C73A221DED0504B830EA832217B3C5605E5FCA9B9
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.4" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent"> .. <ROW Dialog_="VerifyRepairDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="300" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Repair" Type="ImageButton" X="251" Y="359" Width="78" Height="28" Attributes="3" Text="[metrobuttonimage]" TextStyle="[MetroButtonText]" Order="300" Options="1" ExtType="ImageButton" ExtDataLocId="Metro.Control.ExtData.VerifyRepairDlg#Repair"/>.. <ROW Dialog_="VerifyRepairDlg" Control="Back" Type="ImageButton" X="17" Y="359" Width="

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\WelcomeDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2600
      Entropy (8bit):5.261589145848386
      Encrypted:false
      SSDEEP:
      MD5:72791ADD13E6860FCF47D5FAC6AA4F3B
      SHA1:ED74EBC02997C11F8FFC74BAA490F3FFF7CD597D
      SHA-256:DB815259D33BCD70B5D419DDD28EC366C6491FCE0BDAA0FA8C07E0D56F1BA119
      SHA-512:19D552904411F039DD446F5D4E21B5A8F2536915A12FE45AD9E9694F06DBE4B7338AE3DB9805742FDA8476DD4EA7E55FF3EDFEB385E640E941CF160B85052AE3
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" CreateVersion="9.3" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="WelcomeDlg" Control="Bitmap_1" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="100"/>.. <ROW Dialog_="WelcomeDlg" Control="Next" Type="ImageButton" X="251" Y="359" Width="78" Height="28" Attributes="3" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="200" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Next]" ExtDataLocId="-"/>.. <ROW Dialog_="WelcomeDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="[MetroButtonText]" Order="50" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="WelcomeDlg" Control="Back" Type="ImageButton" X="17" Y="359" Width="78" Height="28" Attributes="0" Text="[N

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\fragments\WelcomePrereqDlg.aip

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
      Category:dropped
      Size (bytes):2904
      Entropy (8bit):5.326984326284408
      Encrypted:false
      SSDEEP:
      MD5:AC9FE7D6C5A42CDF11D2BCDFF114D83A
      SHA1:5E140D8F3AB6A73DF936D5F4A938AA1024F8997B
      SHA-256:BE9051D342ABA2968B96384178D6067962BEA2CF2882C4DFE02096ED149290DB
      SHA-512:2C90BD2D77D47A1578348804DC39F20C24A701AF2E21EE72141B507A75934689D377839F00C9DF9D55E455FAD357BFE49338725B3B7AE86587E750E7771FAB66
      Malicious:false
      Reputation:low
      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<FRAGMENT Type="ReadOnly" Language="en">.. <COMPONENT cid="caphyon.advinst.msicomp.BootstrapperUISequenceComponent"> .. <ROW Action="WelcomePrereqDlg" Sequence="250" Condition="AI_BOOTSTRAPPER AND (NOT AI_BOOTSTRAPPER_RESUME) AND AI_MISSING_PREREQS" SeqType="3"/>.. </COMPONENT>.. <COMPONENT cid="caphyon.advinst.msicomp.MsiControlComponent">.. <ROW Dialog_="WelcomePrereqDlg" Control="Cancel" Type="ImageButton" X="163" Y="359" Width="78" Height="28" Attributes="2" Text="[NextCancelButtons]" TextStyle="ImageButton" Order="100" Options="1" ExtType="ImageButton" ExtData="[ButtonText_Cancel]" ExtDataLocId="-"/>.. <ROW Dialog_="WelcomePrereqDlg" Control="Bitmap" Type="Bitmap" X="0" Y="0" Width="345" Height="400" Attributes="1" Text="[Background]" Order="200"/>.. <ROW Dialog_="WelcomePrereqDlg" Control="Next" Type="ImageButton" X="251" Y="359" Width="78" Height="28" Attributes="3" Text="[NextCancelButtons]" TextStyle="I

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\resources\variations\default\AI_logo.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 78 x 84 x 24, image size 19824, resolution 2835 x 2835 px/m, cbSize 19878, bits offset 54
      Category:dropped
      Size (bytes):19878
      Entropy (8bit):1.9713477137195046
      Encrypted:false
      SSDEEP:
      MD5:AF7AD9A40809C0D00004383C656C3692
      SHA1:898B75659E67E7E1DCC9E028BA92B9888CE53BAC
      SHA-256:83BFDB826D2D753F31B12C1D0A62E36D96004DC32038AE85D9006CA578612B60
      SHA-512:B325313982285754CDFDC61B165D1968DDD0437A1C0BB46D35C04BE03E3444A3D189BADED903EB91806552D26C1544D0576D2F8EA754EA4776054CB237BFCAD5
      Malicious:false
      Reputation:low
      Preview:BM.M......6...(...N...T...........pM..................................................................................................................***IIIppp.....................pppWWW888.........................................................................................................................................................................................III........................................................WWW....................................................................................................................................................................WWW.............................ppppppppppppppp{{{...........................uuu..................................................................................................................................................$$$....................WWW.............................................CCC...................III.........................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\resources\variations\default\PreparePrereqDlgProgress.gif

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:GIF image data, version 89a, 83 x 28
      Category:dropped
      Size (bytes):24915
      Entropy (8bit):7.8131110484157675
      Encrypted:false
      SSDEEP:
      MD5:F550F449BAED1315C7965BD826C2510B
      SHA1:772E6E82765DCFDA319A68380981D77B83A3AB1B
      SHA-256:0EE7650C7FAF97126DDBC7D21812E093AF4F2317F3EDCFF16D2D6137D3C0544D
      SHA-512:7608140BC2D83F509A2AFDAACD394D0AA5A6F7816E96C11F4218E815C3AAABF9FC95DD3B3A44B165334772EBDAB7DFA585833850DB09442743E56B8E505F6A09
      Malicious:false
      Reputation:low
      Preview:GIF89aS..............................!!!%%%)))---111444999===AAADDDIIILLLQQQUUUYYY^^^aaaeeehhhnnnpppuuuyyy|||................................................................................................!..NETSCAPE2.0.....!..Built with GIF Movie Gear 4.0.!.......,....S......@.pH,.....`h:..e.I.Z....< ...xL.....um..B&B.h<..|..P .Sl.XJP.PR.s.............~...]ae.d.i.....06....60..i..........m......r..3...3...S.....m.......6.6...S...UL......6......\.C.......0`H;....#.O.@.Cl\x..^........H.u..d8A.$.....R.A...%r.).DJ!.)........@.v.i...&.. z..B.4.. ..".XY..X...JM2]...T.T'Z}.5..t...-9.T.gg..Y4d[.o...9.d].....Q.N.....J....\....."K...2a.*.&.x....#.zzn..P[7.{5..}......7g.a..\.$..s7.~z"...C~......2..me....$_59C..3-.....+w....Mp..8.8`.eV 8....2L1.(x...8.M..$P.\.`.......3.b.*3x .......`........0..$<^P.%....6k.a..I(B..z4...}.I.G...)_x..g...`..E.Od...A..!.......,....S......@.pH,....r.l6..4.2.J...Hx.`/.`PN..a.n..Lmb.h8.....X$..h.X.Z[\................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\resources\variations\default\PrereqProgressImage.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 121 x 14, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):173
      Entropy (8bit):5.758131192703689
      Encrypted:false
      SSDEEP:
      MD5:6BBC544A9FA50B6DC9CD6C31F841548E
      SHA1:E63FFD2DD50865C41C564B00F75F11BD8C384B90
      SHA-256:728C6CC4230E5E5B6FDF152F4B9B11AC4D104FA57A39668EDEA8665527C3BCC2
      SHA-512:2CF43D3A3F2E88805824E4C322832AF21C4C49D5309387AA731DDBEA8CC280A6049CAB4526E20B1C87C39C8781168C5FF80083C94BECF0984B94593B89AB77F8
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...y...........0....bKGD..............pHYs.................tIME......0..>H...:IDATX...Q........K#.$...?3.v[.]..1.{..&c2&c2&c2&c.....k.L.....?.....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\resources\variations\default\backbutton.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 624 x 37, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):404
      Entropy (8bit):6.07293049970108
      Encrypted:false
      SSDEEP:
      MD5:50E27244DF2B1690728E8252088A253C
      SHA1:B84AD02FD0ED3CB933FFBD123614A2495810442B
      SHA-256:71836C56EC4765D858DC756541123E44680F98DA255FAF1ECE7B83D79809B1C3
      SHA-512:BA3D3535BFD2F17919E1A99E89FDB1C9A83507FF3C2846C62770E210A50AEE1281445D510858D247CC9619861089AAF20F45B0B7C39F15C0EA039AC5498FA03E
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...p...%.............bKGD.......C......pHYs.................tIME......1.!.@...!IDATx.....@..QJ00....|..u......q.a..0..b .....{..O..rE.a....n.....).........M..0-....ca.|.....U.q.<n.........u~b.W.d.....}......?^...&F....8.........@... ....p..............p...8.........@... .............. ....p...8.........@....8.........@... ....p....!.............Y.L..!..8...y...'.1./9....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\resources\variations\default\background.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 5 x 5 x 24, image size 80, resolution 3778 x 3778 px/m, cbSize 134, bits offset 54
      Category:dropped
      Size (bytes):134
      Entropy (8bit):1.690754928353098
      Encrypted:false
      SSDEEP:
      MD5:A0EFB0E7B9CEE25B09E09A1A64E96BA6
      SHA1:0C1E18F6F5E6E5E6953E9FB99CA60FDEC35D6E39
      SHA-256:F044F542BC46464054084C63596877F06C6E2C215C0E954C4ACE9787CED82787
      SHA-512:7E53F9F564AAA529B3B15035671957C2923EC98DDEE93758EA7A4C8645EE9058962078771B853E3490290FDE1F57030DFF5092D40D69418776FFEE89F79C8A7C
      Malicious:false
      Reputation:low
      Preview:BM........6...(...................P...................................................................................................

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\resources\variations\default\browsebutton.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 168 x 26, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):253
      Entropy (8bit):6.4627211773425355
      Encrypted:false
      SSDEEP:
      MD5:9554BE0BE090A59013222261971430AD
      SHA1:9E307B13B4480D0E18CFB1C667F7CFE6C62CC97C
      SHA-256:F4302EE2090BC7D7A27C4BC970AF6EB61C050F14F0876541A8D2F32BC41B9BAB
      SHA-512:AC316F784994DA4FED7DEB43FE785258223ABA5F43CC5532F3E7B874ADC0BC6DBCD8E95E631703606DFAA2C40BE2E2BB6FA5BC0A6217EFE657E74531654EA71C
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR.............#I......pHYs.................tIME......5a.aP....IDATx.....1.@..s.....S.....`0QP.............@f.....:E....=...]..~CDDk.d......r.q...~FD..U.|..k..}..~..?&P...E. P.(..."P.(....@.(....@A......E...X.0/.....-.%....M....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\resources\variations\default\button.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 624 x 37, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):404
      Entropy (8bit):6.090863946477903
      Encrypted:false
      SSDEEP:
      MD5:17368FF7073A6C7C2949D9A8EB743729
      SHA1:D770CD409CF1A95908D26A51BE8C646CACE83E4C
      SHA-256:16E6E7662F3A204061C18090A64A8679F10BC408BE802ABD2C7C0E9FE865CBB4
      SHA-512:CBC3A378335F131D0146E5FE40CEA38A741A0754A26304DAEBFDA6F82C394CF0E151654782C6C8C7BBF7C354FCB72A2C66A77A87DF528C2A3FA87C88F204059D
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...p...%.............bKGD.......C......pHYs.................tIME........z....!IDATx.....@..QJ00....|..u......q.a..0..b .....{..O..rE.a....n.....).........M..0-....ca.|.....U.q.<n.........u~b.W.d.....}......?^...&F....8.........@... ....p..............p...8.........@... .............. ....p...8.........@....8.........@... ....p....!.............Y.L..!..8...y...'.1./9....IEND.B`.

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\resources\variations\default\dialog-image.jpg

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 533x350, components 3
      Category:dropped
      Size (bytes):46587
      Entropy (8bit):7.960155870151186
      Encrypted:false
      SSDEEP:
      MD5:07DF8EFF6685E8E33A2BA48D21EADE25
      SHA1:AA796847AB14DB4EC273F1A4D6FF9CD969B7D79E
      SHA-256:6D08CA704786EB0AB0F90A0BE62B184FDA0AC6C266D749107B2D4E8797D66CE6
      SHA-512:9F9778387A5D369946C1CC31FB551BC5925C52DC10479BD74A211B1CFE6263EE95BD89194DF925E2D76A6CD43545BEFBDD1A2816478A8E4AB8DF119D83350C01
      Malicious:false
      Reputation:low
      Preview:......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................^.........................................................................................!..1AQ"..aq.....2#..BR...3$.brC%......Sc&'(..4DT56.h..s...EVG8HXx...................A.1!qa...Q..2.#............?......@.2*5....n..o3tz...;,..*..w`.*......|b....X.mos.r.[!6+!e.....vxY.X..')W.H........@......i.....1e+..$.'Q}z...V...$. .q.]...\....C[ F...J...;.G.iVP#~U...)....h.q..(.v...}...X.....:`..E.....qY.......1.[i:t..pG....#Y..7.JT....8...%Y...O..D.w;&d-..(.....3.....'.9..Y..}.....0....4.%\s..!......_>...2. s.U..>N. 2F#EX..Q.H$...T.bgq..<.>\...*...L.7...b.s.U|.o.m....I.D.@.9.......D!..U.......a...$H...Y..<."...Xx4.)}.Pi..W..S._...A..,.9.NV.#.d....:)..h..r<l.Z.....U/%.....v.'..S.C.......+....rH[...c..:y.kvv.JeF..H.1...i..1.C....bN4.R=..."x..y....E......4..P@.f .:P`x

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\resources\variations\default\info.png

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PNG image data, 50 x 69, 8-bit/color RGBA, non-interlaced
      Category:dropped
      Size (bytes):1149
      Entropy (8bit):7.7634420661257595
      Encrypted:false
      SSDEEP:
      MD5:CCEA6A19293929C2E8744D36C79F8A4B
      SHA1:B352AD63F7956820B7CE4DE367C62E8ED0B91487
      SHA-256:C155D93A173E880A9CA4CAE1BE71CBED5DE3C6AAC84E05C734EE5898400B5296
      SHA-512:6A3043BE9BEC67A050F872B6031230602751CA60A3D1782E2B0E465002B6CE3AA399A106D861FDD3FC289E7CD3023A8DF56117992ED31B878D7DFB4BC8D089AE
      Malicious:false
      Reputation:low
      Preview:.PNG........IHDR...2...E.............tEXtSoftware.Adobe ImageReadyq.e<....IDATx.._HSq...I.r ..`%.|2. ..A..I...HX..@....C/=.X/....EI..H.B1.!H....$>H.hVb.......ws.w..;..w.......,...J.._..'.....xB<!v....*.V.....v.C,...:KL.3.Vf3D.......X...4E.C...RI...!F.+8$.L...'.O.$j.:".F...A.#~[.H..H....I..Q..V.H..Y{KD.j[V..!... :4..E..?......o...D.A.*..=...huJH/.......(BRM..;.L.BzG..C.N.....}..?.+...D.......R.4..bdZ...gkBg$.3.......*..-.!.9...f.r.!...f.V.h ^.=..me....m....Y..{ ..n......i.......Z.......n.n;.5O....}.k..K.....6.R._%.Om#0|.@.+.A.w...IB.C8..2._{..{7.#.x..W|..E..C=&....5..8.~9.......[..vFyN......K<.:l...M...1}......."!..w)$.k.EB..w.%..}w..M..?[....^r.F.O:."...2.]$$.}7.v..X.Nk........PB.f..9.}7...EU....g.Y..p..t..Kl4..s.!.1...*>g..A:?.,J......v........$q...?.t....<....A.j:H..VP5.v..b.*6....U.D..#.?(...e...R.b._@.*.Z....._.Ul..}f..}Ja..&L..3"..e...6_.}.U..b...;............A...L<....z....(3.9.Lb...2w.w...e......L.<.f..O..,..x....Q.&J.u.Qg

      C:\Users\user\AppData\Local\Temp\Advanced Installer\themes\surface\surface.ini

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:Generic INItialization configuration [InitialDialogs]
      Category:dropped
      Size (bytes):8765
      Entropy (8bit):5.64631314993
      Encrypted:false
      SSDEEP:
      MD5:4E51E289D1D81472D49277CA7ED34884
      SHA1:FBC5308FCC5597E05C359FA74370FA7716850BE1
      SHA-256:85A1438A4182DCCCDE9FD5B7FADD767009BAE48AA23AD0F39F37CE8BFF4F777A
      SHA-512:D84C55B30A48D182E93C5BBE6E3E631AE5EACC165D5AB6842B56E1C6562294D588977055BDB38EC49DC6BCB3886FD83DF6CD0AA8EAE99FFF31F9DA61194AB06B
      Malicious:false
      Reputation:low
      Preview:[Settings]..DisplayName = Surface..UseEnhancedUI = true..UseEnhancedUIMaint = true..BannerSize = 530x630..Highlight = 4px dotted #FF7070..VerifyRemoveDlgCheckboxBBox = 17 191 308 20..;#307070....[InitialDialogs]..DLGIT_INSTALL = InstallDlg..DLGIT_MAINTENANCE = MaintenanceTypeDlg CustomizeDlg..DLGIT_PATCH = PatchWelcomeDlg..DLGIT_RESUME = ResumeDlg....[AddDialogs]..; Values: DLGIT_INSTALL, DLGIT_MAINTENANCE, DLGIT_PATCH, DLGIT_RESUME, DLGIT_ALL_TYPES..WelcomeDlg = DLGIT_INSTALL..MaintenanceWelcomeDlg = DLGIT_MAINTENANCE..VerifyReadyDlg = DLGIT_INSTALL | DLGIT_MAINTENANCE | DLGIT_PATCH..VerifyRemoveDlg = DLGIT_MAINTENANCE..VerifyRepairDlg = DLGIT_MAINTENANCE..FolderDlg = DLGIT_INSTALL..SetupTypeDlg = DLGIT_INSTALL..LicenseAgreementDlg = DLGIT_ALL_TYPES..ReadmeDlg = DLGIT_ALL_TYPES..ExtRegDlg = DLGIT_INSTALL | DLGIT_MAINTENANCE..UpgradeDlg = DLGIT_INSTALL..ShortcutsDlg = DLGIT_INSTALL..StartMenuShortcutsDlg = DLGIT_INSTALL..SQLConnectionDlg = DLGIT_INSTALL..SQLServerConnectionDlg = DLGIT_

      C:\Users\user\AppData\Local\Temp\MSI11879\embeddeduiproxy.dll

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):8192
      Entropy (8bit):5.075636201762728
      Encrypted:false
      SSDEEP:
      MD5:7BD64E539AA04F866B8497C2F513FD46
      SHA1:F3131D7A3CFF3CBF7F0B9CAE4ADA592213091E48
      SHA-256:5503883401E33BE8445AE05E188AF42E84FD8B311B10F7889C13F5773711D564
      SHA-512:AE2018ED79379CD1C5BCF56298DDAECC0647B32B3FA467945F95F33541785AEF8D1FF3D1A74C3A089DE455849DE62A352DCC04B61C30124CBAB0E0B8CB400B4D
      Malicious:false
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m:..)[.})[.})[.} #.}"[.})[.}.[.}.2.|/[.}.2.|([.}.2c}([.})[.}([.}.2.|([.}Rich)[.}................PE..L......\.........."!......................... ...............................`............@..........................!.......#..P....@..@....................P......@!..p............................................ ..p............................text............................... ..`.rdata..4.... ......................@..@.data........0......................@....rsrc...@....@......................@..@.reloc.......P......................@..B........................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\nsj5BC.tmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:data
      Category:dropped
      Size (bytes):292137129
      Entropy (8bit):6.600340038585463
      Encrypted:false
      SSDEEP:
      MD5:6E884014E2F5373D674F0F4B02357100
      SHA1:97CC8D786833082579BF00F91C1B26FBDE5364CA
      SHA-256:14F0343F3FBACD3532D9E6E8BD2E0416057989B32A5974AD66DDA2F8D5475EAF
      SHA-512:AB505FE14DF10FA63B4B5C183A9B7AC63C2BC4E658B4AAB9F805B37AE8B5E17DE33E66E748CD3167C0D3747ABD7C40376DD6929519811DA76E32D8719F32495A
      Malicious:false
      Reputation:low
      Preview:........,.......l...............0.......{..............................................................:...................................................................................................................................................................................................;...................................................................g.......................B.......................................j.......................B...............................................................................................................................B...........................................................\g..................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\Aero.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed
      Category:dropped
      Size (bytes):6656
      Entropy (8bit):5.82675016487519
      Encrypted:false
      SSDEEP:
      MD5:243BF44688B131C3171F2827A93E39DC
      SHA1:07E9C7BD16AE47953E42C06AE2606DE188386F35
      SHA-256:04A577DF50431EB0FF6FB103566402BF66C50415BCC1F8A86B9C235053131455
      SHA-512:A1A8C21D38C54A43D1C6C394F481DFBDDCB359C617E9928ECCA8F84D47354616A78D20735A1FE7BEBD21626C21CF96D0E1A69E3E98F6B35F2A774CC0244F9516
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......e...!hj.!hj.!hj.(...&hj.!hk..hj.uKZ. hj.:... hj.:... hj.:... hj.:... hj.Rich!hj.........PE..L......O...........!.............p..@.....................................................@.........................8...D...@...........@...................|.......................................................................................UPX0.....p..............................UPX1................................@....rsrc...............................@......................................................................................................................................................................................................................................................................................................................................................................................................................3.07.UPX!....

      C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\BrandingURL.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):4096
      Entropy (8bit):3.904876158695173
      Encrypted:false
      SSDEEP:
      MD5:71C46B663BAA92AD941388D082AF97E7
      SHA1:5A9FCCE065366A526D75CC5DED9AADE7CADD6421
      SHA-256:BB2B9C272B8B66BC1B414675C2ACBA7AFAD03FFF66A63BABEE3EE57ED163D19E
      SHA-512:5965BD3F5369B9A1ED641C479F7B8A14AF27700D0C27D482AA8EB62ACC42F7B702B5947D82F9791B29BCBA4D46E1409244F0A8DDCE4EC75022B5E27F6D671BCE
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............x...x...x...x...x...g...x..)g...x..)g...x..Rich.x..........................PE..L...KThF...........!................Q........ ...............................P......................................."..W...p ..d............................@....................................................... ..p............................text............................... ..`.rdata..G.... ......................@..@.data...P....0......................@....reloc.......@......................@..B................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\LangDLL.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):5632
      Entropy (8bit):3.951555564830228
      Encrypted:false
      SSDEEP:
      MD5:9384F4007C492D4FA040924F31C00166
      SHA1:ABA37FAEF30D7C445584C688A0B5638F5DB31C7B
      SHA-256:60A964095AF1BE79F6A99B22212FEFE2D16F5A0AFD7E707D14394E4143E3F4F5
      SHA-512:68F158887E24302673227ADFFC688FD3EDABF097D7F5410F983E06C6B9C7344CA1D8A45C7FA05553ADCC5987993DF3A298763477168D4842E554C4EB93B9AAAF
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$....................~..........z.....B....Rich..........PE..L......K...........!......................... ...............................`......................................p"..I...` ..P....@..`....................P....................................................... ..`............................text...l........................... ..`.rdata....... ......................@..@.data...l....0......................@....rsrc...`....@......................@..@.reloc..@....P......................@..B................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\System.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):11264
      Entropy (8bit):5.568877095847681
      Encrypted:false
      SSDEEP:
      MD5:C17103AE9072A06DA581DEC998343FC1
      SHA1:B72148C6BDFAADA8B8C3F950E610EE7CF1DA1F8D
      SHA-256:DC58D8AD81CACB0C1ED72E33BFF8F23EA40B5252B5BB55D393A0903E6819AE2F
      SHA-512:D32A71AAEF18E993F28096D536E41C4D016850721B31171513CE28BBD805A54FD290B7C3E9D935F72E676A1ACFB4F0DCC89D95040A0DD29F2B6975855C18986F
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......)...m.m.m...k.m.~....j....l.9..i....l.Richm.........................PE..L......K...........!................0).......0...............................`......................................p2......t0..P............................P.......................................................0..X............................text...1........................... ..`.rdata.......0......."..............@..@.data...d....@.......&..............@....reloc.......P.......(..............@..B................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\modern-header.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 150 x 57 x 24, image size 25766, resolution 2834 x 2834 px/m, cbSize 25820, bits offset 54
      Category:dropped
      Size (bytes):25820
      Entropy (8bit):2.547022416874695
      Encrypted:false
      SSDEEP:
      MD5:6C0402CA8BF0B49E2EA8EC68D7BEA709
      SHA1:87C46E95EDB6AAF4341A4A3AA021D752DBC834B7
      SHA-256:4801355D2734419425C25543C2569F05F74912E33CE5701BFA96BDEB695A61B1
      SHA-512:13E8134F9571AA8CD62537E1C6AF7936086BE3C7CB6F6B8FA1189EE710330368A63AB0F2A934DE714376D30F12E2B4257ED4DC126F1FEBE07CC91B2426CF72F5
      Malicious:false
      Reputation:low
      Preview:BM.d......6...(.......9............d.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .................................................................................................................................................................................................................................................................................................................................................................................................................................................................. ..........................................

      C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\modern-wizard.bmp

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PC bitmap, Windows 3.x format, 164 x 314 x 24, image size 154490, resolution 2834 x 2834 px/m, cbSize 154544, bits offset 54
      Category:dropped
      Size (bytes):154544
      Entropy (8bit):2.3854284088404483
      Encrypted:false
      SSDEEP:
      MD5:B92E93E36D901D67F3C7F2CCE761A42D
      SHA1:F7F723A251C2A0B0D4120F6E06694EC327AAA3B6
      SHA-256:5B04F601A115221070F453FA7E8E7444303C4EBF3834C0E8F163BA0F9EA9AC18
      SHA-512:619A7C731273FD85CF0AE08DB54EBE5ADE2DC48851D9E8822CDB68FF35A99BC61C23B8649DE935A752BBC089F2C0BA45A624A62E31A5CD90CF43D168448ED806
      Malicious:false
      Reputation:low
      Preview:BM.[......6...(.......:...........z[....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\nsy5CC.tmp\nsDialogs.dll

      Download File
      Process:C:\Users\user\Desktop\Advanced.Installer-15.9.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):9728
      Entropy (8bit):5.054726426952
      Encrypted:false
      SSDEEP:
      MD5:C10E04DD4AD4277D5ADC951BB331C777
      SHA1:B1E30808198A3AE6D6D1CCA62DF8893DC2A7AD43
      SHA-256:E31AD6C6E82E603378CB6B80E67D0E0DCD9CF384E1199AC5A65CB4935680021A
      SHA-512:853A5564BF751D40484EA482444C6958457CB4A17FB973CF870F03F201B8B2643BE41BCCDE00F6B2026DC0C3D113E6481B0DC4C7B0F3AE7966D38C92C6B5862E
      Malicious:false
      Antivirus:
      • Antivirus: ReversingLabs, Detection: 0%
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......../.cXN`0XN`0XN`0XNa0mN`0.A=0UN`0.mP0]N`0.Hf0YN`0.nd0YN`0RichXN`0........................PE..L......K...........!......... ...............0.......................................................................6..k....0.......`.......................p.......................................................0...............................text...G........................... ..`.rdata..k....0......................@..@.data........@......................@....rsrc........`....... ..............@..@.reloc..<....p......."..............@..B................................................................................................................................................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\shi2600.tmp

      Download File
      Process:C:\Windows\SysWOW64\msiexec.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):4509696
      Entropy (8bit):6.100941182830929
      Encrypted:false
      SSDEEP:
      MD5:F6153E803F1533042AC7E6988237C2C3
      SHA1:DDA81BB8BC8CC14877C9CB9B7C664DEFD81EBB4F
      SHA-256:F42A771D310C762C05A5BE3DE0CFDB9BEC28D3DFCCAEF800C901F551A0DF30ED
      SHA-512:7AE76A4CB58A9929C09B1D6376073268622C74B1E3F0C346AFA7A7829E2EF136CCF091F58CCA28BFE83C665573C23D9DB6AF51A44275DA0CC2CF8C1306ADDBAC
      Malicious:false
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........._.._.._..V.X.=..K..S..K..X..K..W.._.....K..^..K..-..K..D..K.4.^..K..^..Rich_..........................PE..L....+.X...........!.....dA.........P.3.......A....c.........................@E.......E...@A.........................i@.K&..L.A.......B.H.....................D..-......T....................O...... .................A.H....C@......................text.....@.......@................. ..`.wpp_sf.......@.......@............. ..`.data....6....A......hA.............@....idata...1....A..2...nA.............@..@.didat..4.....B.......A.............@....rsrc...H.....B.......A.............@..@.reloc...-....D.......C.............@..B........................................................................................................................................................................................................................

      C:\Users\user\AppData\Local\Temp\shi266E.tmp

      Download File
      Process:C:\Windows\SysWOW64\msiexec.exe
      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):83128
      Entropy (8bit):6.654653670108596
      Encrypted:false
      SSDEEP:
      MD5:125B0F6BF378358E4F9C837FF6682D94
      SHA1:8715BEB626E0F4BD79A14819CC0F90B81A2E58AD
      SHA-256:E99EAB3C75989B519F7F828373042701329ACBD8CEADF4F3FF390F346AC76193
      SHA-512:B63BB6BFDA70D42472868B5A1D3951CF9B2E00A7FADB08C1F599151A1801A19F5A75CFC3ACE94C952CFD284EB261C7D6F11BE0EBBCAA701B75036D3A6B442DB2
      Malicious:false
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......V.T...:...:...:.....&.:...9...:...;...:...;...:...:...:...4...:...?...:......:...>...:......:...8...:.Rich..:.................PE..L...Y.............!.........H.......n..............................................;.....@A........................P........B.......`............... ...$...p..........T............................................@...............................text.../........................... ..`.data....!..........................@....idata..H....@......................@..@.rsrc........`......................@..@.reloc.......p......................@..B........................................................................................................................................................................................................................................................................................................

      C:\Windows\Installer\MSI248A.tmp

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):481792
      Entropy (8bit):6.56333916269434
      Encrypted:false
      SSDEEP:
      MD5:99D9B8CB63CF556D8F2FECA25BC02054
      SHA1:C27C8A4339B8521B59546F4BA431B40647DBA1AC
      SHA-256:7C00A5DB386FAB9EF7A6B5114F3ACEAB952953E5C4D8DE1BDF0A3E57BBFC04BE
      SHA-512:F62D6E7C4AFC21901244BB99CE2A0C722C119E91E1B2B39C37E0A660017C988CC75E2A9DE471881F49CF24624230808F036725FE3744937A3373473449744415
      Malicious:false
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........[E...E...E....s1.K....s3......s2.X.......S.......d.......~...L.S.N...E..........U......D....?.D......D...RichE...................PE..L...e..\.........."!.....J...........7.......`............................................@.............................L.......<....@.......................P...E..0...p...............................@............`..T............................text....I.......J.................. ..`.rdata..>....`.......N..............@..@.data....+..........................@....rsrc........@......................@..@.reloc...E...P...F..................@..B................................................................................................................................................................................................................................................................................................

      C:\Windows\Installer\MSI24AA.tmp

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):358400
      Entropy (8bit):6.363468745228584
      Encrypted:false
      SSDEEP:
      MD5:A3EA197EA46E430AE12E9B984D7BB080
      SHA1:FE3CD0BC3CCE6D313AB185EDDFAA470C392C6652
      SHA-256:F8AD63686969B003636DC751E082C0BEF1110A40DA793F631F8E8373473EBEF1
      SHA-512:29EE1A6E7A1EA84E9A6E015DAA1BDDF411C6A712EBD8EAC7388EF2A747A38014776381AF7AAB8984CF4A91445718EEAE40450B697234BC31B86135EE9FAB159B
      Malicious:false
      Reputation:low
      Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......I......R...R...R...R...R...R...R...R...R_.|S...R_.{S-..R_.zS:..R...R...R...R...R..~RK..R..vS@..R...S...R...R...R...R...R..}S...RRich...R........................PE..L....-.\.........."!.....n................................................................@.................................x........`..0....................p...>......p...........................p...@............................................text..._l.......n.................. ..`.rdata..x............r..............@..@.data........@.......&..............@....rsrc...0....`.......2..............@..@.reloc...>...p...@...8..............@..B........................................................................................................................................................................................................................................................................

      C:\Windows\Installer\MSI25B6.tmp

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):573952
      Entropy (8bit):6.402920219971455
      Encrypted:false
      SSDEEP:
      MD5:978BB0E99F6E61352882F196892F6D05
      SHA1:E87BD9DFB009DC38F81B1A945603048358855A4D
      SHA-256:2A0B8CF55E45BEECA0645EDC52130918C72B23730BE47791BDEC8CC98DE84C0D
      SHA-512:4E93E8B2CF60DE770BAE70790D7825A8311584FA88093ED269431C823E04FED2A5A2896346AC220A530DAC8753AB7F1E37E8EFECE710482630832B925B9B6C6A
      Malicious:false
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............q...q...q..O.U..q..O.W.iq..O.V..q.......q.......q.......q....'..q.... ..q....7..q...q...p..m....q..m....q..m.[..q...q3..q..m....q..Rich.q..........PE..L...J..\.........."!.....B...........v.......`............................................@..........................]..<....^..........h........................V..`...p...............................@............`..\...|[..@....................text...)@.......B.................. ..`.rdata.......`.......F..............@..@.data...<............X..............@....rsrc...h............d..............@..@.reloc...V.......X...j..............@..B................................................................................................................................................................................................................................................................................

      C:\Windows\Installer\MSI25D6.tmp

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):585216
      Entropy (8bit):6.379144670309411
      Encrypted:false
      SSDEEP:
      MD5:425B05A6F9BA9ADDA6F9C2A4881B435E
      SHA1:80600834503C5A770F09C1EA64EE1225F9CE1E40
      SHA-256:0EE1BF4404AB455FBB92F004A285EA5ABDC34D3DACF04BD62419DF6647270A8B
      SHA-512:42E3E7DE469758531DE354EC39E0C0BB6590548C00707ED40A651D4271F2F4F168571F2EB23FDDEB654250EA59AD2D0CD6AEC5A931C5CE295FEAB454FD8F336D
      Malicious:false
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.............}...}...}.L8....}.L8..d.}.L8...}...~..}...y..}...x...}.......}.....}...|..}.n.t..}.n.}...}.n....}......}.n.....}.Rich..}.................PE..L......\.........."!.........X..............................................0............@.............................t...D........p..................................p...........................@...@............................................text.............................. ..`.rdata..b........0..................@..@.data....u.......d..................@....rsrc........p.......<..............@..@.reloc...............B..............@..B................................................................................................................................................................................................................................................................................

      C:\Windows\Installer\MSI3019.tmp

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):717312
      Entropy (8bit):6.435084351312804
      Encrypted:false
      SSDEEP:
      MD5:9549B6311E491D0F5C06607A5991E543
      SHA1:4B79888D5101403D5648E0311A7BDD209D6BF8F2
      SHA-256:237E3518E98695500E5B9554546E9380D483099E4E9F9DDEFF2934DCB7808BBD
      SHA-512:C8625ECBB0DF2913A94F2B5897B4C056D39747C94B1EF55E2467520D51D4A56C246FB3CA467014B48B74DA7EA15EE68FEFC026659C618C95625FECF17EF3E71B
      Malicious:false
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........v.............J7....J7.f...J7..............................................h.......h.......h..............h.......Rich....................PE..L...7..\.........."!.....F...................`...............................@............@.................................`........`.................................p...............................@............`...............................text...HD.......F.................. ..`.rdata..Lr...`...t...J..............@..@.data...ty.......f..................@....rsrc........`.......$..............@..@.reloc..............:..............@..B................................................................................................................................................................................................................................................................................

      C:\Windows\Installer\MSI3D1E.tmp

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:data
      Category:dropped
      Size (bytes):4065254
      Entropy (8bit):6.487842793085781
      Encrypted:false
      SSDEEP:
      MD5:4066B201E054D1BE59305674A86D1817
      SHA1:EF11D930F20626C478300E01F46BE9BAE294D573
      SHA-256:1D0681CF8B2223990304C14F4EB91616688431AEF21968271A52CDD6FBBB33CF
      SHA-512:71244BB1B504256F88AA8605945154BCDD137961771BDDC5390073B62E345A6AB797790FD61A2BC295E197D67200F01674FA65D3AE8A6EFDDC94A34174082E1C
      Malicious:false
      Reputation:low
      Preview:...@IXOS.@.....@2}.W.@.....@.....@.....@.....@.....@......&.{BABEB095-3E12-417E-A23D-670D4FA86D3A}..Advanced Installer 15.9..packeg.msi.@.....@.....@.....@......AdvancedInstaller.exe..&.{1019FDC9-D963-4486-B7FC-95EAD3D51506}.....@.....@.....@.....@.......@.....@.....@.......@......Advanced Installer 15.9......Rollback..Rolling back action:....RollbackCleanup..Removing backup files..File: [1]...@.......@........ProcessComponents..Updating component registration...@.....@.....@.]....&.{A3F907C5-E217-4003-8DD2-9E30A013707A}P.C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\custact\x86\CPLApplet.cpl.@.......@.....@.....@......&.{81E1B538-F129-452E-AB66-3D09BA035419}..C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\fragments\prerequisites\MSSQL Express LocalDB 2014 x64\MSSQL Express LocalDB 2014 x64.aip.@.......@.....@.....@......&.{745B1AD2-DB4F-4259-B692-34897041F8A5}J.C:\Program Files (x86)\Caphyon\Advanced Installer 15.9\bin\x86\expatai.dll.@.......@.....@.....@......&.{DB4

      C:\Windows\Installer\MSI44A1.tmp

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):624128
      Entropy (8bit):6.450614654534588
      Encrypted:false
      SSDEEP:
      MD5:A72B24A9A50E1BB387F29FAA2652D52A
      SHA1:B45E82349C229F36A93EBC35B9BFBD1D203CA3EA
      SHA-256:33D8E54AD62164E6A49E94D97217BB15EBFF0EE7EE5E3DBECB080016E371954E
      SHA-512:06969B08B642427B4E7882F5D53B04D14077CF8EF16AACBF79B9FF5CDEB1E9FBF7969C9F246F9090D657E6E44FBC23108F107037A508583D5E918370CD72E58A
      Malicious:false
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......a...%.f.%.f.%.f.B..+.f.B...f.B..8.f.w.e.3.f.w.b...f.w.c...f.,...$.f.,...2.f.%.g...f.o...f.f.$.f...$.f.%...$.f.d.$.f.Rich%.f.................PE..L......\.........."!................!5....................................................@.................................x........@.......................P...c...N..p............................O..@...............T............................text............................... ..`.rdata..:...........................@..@.data........ ......................@....rsrc........@......................@..@.reloc...c...P...d..."..............@..B................................................................................................................................................................................................................................................................................

      C:\Windows\Installer\MSIC0E8.tmp

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
      Category:dropped
      Size (bytes):515072
      Entropy (8bit):6.529016027112654
      Encrypted:false
      SSDEEP:
      MD5:F31F8254C3F034770B85EC2A1658CC34
      SHA1:ADDBBF92E8FEA23081ABA2CBD67ADF393268556D
      SHA-256:7079C783A02FF3A7805A993DBFB4774447E54BC6E79A2DDD2285CF432E86011D
      SHA-512:180D4B20F70DD8D3A2D2B5A413FB84A9D4299A4372BA65C8DF959995A8BED8498B483C5C7A37257FE9ADCF0B0182672B85415408CB80967DD376DDF0AB9C527F
      Malicious:false
      Reputation:low
      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........w..~...~...~.......~......%~.......~.......~.......~.......~.......~...~..|~.......~.......~.....~.......~..Rich.~..................PE..L......\.........."!.................z....................................... ............@..........................}.......~...................................M......p...........................p...@............................................text............................... ..`.rdata..............................@..@.data...."...........z..............@....rsrc...............................@..@.reloc...M.......N..................@..B................................................................................................................................................................................................................................................................................................

      C:\Windows\Installer\SourceHash{BABEB095-3E12-417E-A23D-670D4FA86D3A}

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Composite Document File V2 Document, Cannot read section info
      Category:dropped
      Size (bytes):360448
      Entropy (8bit):5.9743284158765695
      Encrypted:false
      SSDEEP:
      MD5:D19BA7C13126EBD8226F258F4611DC23
      SHA1:203FB7A3AEA1F4BD95DDA7E144907E805DDD73A5
      SHA-256:0E089BEDA5ABD545567D724E00054DDE7651F0CEA1F486B96882D0EBADCC0782
      SHA-512:5100536C9F0ECBA4DE3D3F3AB1F97EF924A6934F4708C5FE1D23D14C339C207C0C25305749A887BBD2DA5EA191BFBE12271BED316F3A67D88263548AA3465C9D
      Malicious:false
      Reputation:low
      Preview:......................>...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Windows\Installer\{BABEB095-3E12-417E-A23D-670D4FA86D3A}\AdvancedInstaller.exe

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 12 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel
      Category:dropped
      Size (bytes):194301
      Entropy (8bit):4.061659973369792
      Encrypted:false
      SSDEEP:
      MD5:4DC013E82EF7618A49AC442FCCF6AE8D
      SHA1:7347D5417EF4ABD3C2C9E838652D81316731C57C
      SHA-256:516058129BA67F1DEAEAEB96A3F5BEEE82E9D183DB1C0A663D743F07E2D1A3BB
      SHA-512:715D9474A657601E567CBC4BACD5196ECC66ED007B8C3FC9BC2F81F69651C494625995203D070A4600E04F146FC44255DD5F0CAC4236D88C5DBF5DB15748660B
      Malicious:false
      Reputation:low
      Preview:............ ..#............ .(....#..``.... ......+..HH.... ..T......@@.... .(B..-...<<.... .H:..UW..00.... ..%......((.... .h...E... .... ............... .....U......... ............... .h........PNG........IHDR.............\r.f.. .IDATx..y....?6;"...[h...v.....L.......5.....f...%...L..A.L..X.!....KHX..1X`.....'6X`v0......Qz~..V.n.........H....U_..uk...Q.......&...',/Zj.0A. #L..).zm.`..o....$..-.0A. U..3.K.....b..gyQ..a.PA.(.w..vx.\...].ly.......R).h.k+....3.5.%.........6A."U..q.4....f0.!<hy.....RR5...pa..|.<...>.Q.>.NA0B......j......>.I...l. .Be..Q......f.7.)(A.dy.....Bz.$....]..g....G..J.p!...v..lb1@. .e..AH.J.0.......x........5I.....4.Q.[.J.m...`:...4.>2k...TE....0mG.,BM9NBy..Y^..IB/..i.............x.Q../j....)G!O.....v0m..^c@.&[^..a{.......F.....$D.+..>.^5l.Pq. .G.7....<.....-/z.=B...\..l....x..)...}`.$..TA...[....,F.........c.&.e..........K........GQ(.......]..EM..<.=K...F.X.v...0..a..Q...........G..@.r..Q.NJ+..zm[.i.v.....Z.$y...2..i.OM.!4e).(.

      C:\Windows\Installer\{BABEB095-3E12-417E-A23D-670D4FA86D3A}\ext.exe

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 6 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel
      Category:dropped
      Size (bytes):22486
      Entropy (8bit):3.336483005922248
      Encrypted:false
      SSDEEP:
      MD5:2174334A9D9D0DAD19E3FFCB29201F42
      SHA1:D15FE277A493AF362312B9CFE7AB1C054F1E4019
      SHA-256:8AF5E3C39C0878AB0FF1903092437D32D441992B732659FCB216AA59C0A41F61
      SHA-512:C43F2E03F37EE47C5EE7FC611D36533A46F461905E7F65F3A9E7F7445D7832DDE927E2B98CC957AA372AE1FABA26693624313BA17E24E33189F28D456AF8F437
      Malicious:false
      Reputation:low
      Preview:......00..........f... ......................h.......00.... ..%...... .... ......B........ .h...nS..(...0...`.....................................~..V.._..Y..]..[..].._..c..b..e..b..g..h..m..m..k..n..q..r..r..t..n..s..t..w..r..u..x..{..~..o..s..t..w..z..|....|r..mm..mm..tt...|.......y...y......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Windows\Installer\{BABEB095-3E12-417E-A23D-670D4FA86D3A}\ext_1.exe

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 10 icons, 64x64, 8 bits/pixel, 48x48, 8 bits/pixel
      Category:dropped
      Size (bytes):49334
      Entropy (8bit):3.1342676007589856
      Encrypted:false
      SSDEEP:
      MD5:B44A94D03862B0E5CA063B61F346979E
      SHA1:EFD7F71D03E5FEEB12C92AC4DE575E9A4F00E896
      SHA-256:E8CF6FDBCBA851403C44B72727F76F118C56428FA06C8BAE08656EBD28583EC3
      SHA-512:753A197C84E7106D3E744F7908E143B16B2C85CC8AEA7E30B635918D90D80D0FA916423D9FF7E4EAA3DE5BA10F47DB42091F80B58C3E52D58C81CB2FD27379D8
      Malicious:false
      Reputation:low
      Preview:......@@......(.......00.............. ..........v%..........................h....4..@@.... .(B..N:..00.... ..%..v|.. .... ............... .............. .h...N...(...@........................................k..b..e..f..k..m..o..p..r..t..|....vv..ll..ll..rr..uu..yy..||.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Windows\Installer\{BABEB095-3E12-417E-A23D-670D4FA86D3A}\ext_2.exe

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:MS Windows icon resource - 7 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel
      Category:dropped
      Size (bytes):111315
      Entropy (8bit):3.913696419233688
      Encrypted:false
      SSDEEP:
      MD5:B514A80EF120002D47BB2AEC1B5D39E2
      SHA1:FEF6FD2B6EE0CBDDBEA9245C3091D748597CD0BB
      SHA-256:070118A661A1B9C6224C88D050AB218F7879186B01816579F939B1AFDFCAFE8B
      SHA-512:C4E85CDC90646960321133E6C2C5E470C1EB6349F534183E6679ECF4B00F9824E213924BE18EDA4BFAD6BA866C790454ED9AC4CFD88056A9DF8148B197B4C77C
      Malicious:false
      Reputation:low
      Preview:............ ..#..v......... .(...C$..@@.... .(B..k,..00.... ..%...n.. .... .....;......... .............. .h...k....PNG........IHDR.............\r.f....pHYs..........o.d.. .IDATx...yp..}....."@.....[.EKIl.];..3.3l;9..i.m4..nwwv:....i..=...NG.i.t6uR.v,K.l...II.D.x.. ~.......E...<...F.."~....~...!.ciV.@....Y...MY...#. .E).....i..w... .b)....}.2,y.9.R>...\V.@.a...!.L.@.......$..p0..!.L.@.......$..p0..!.L.@.......$..p0..!.L.@.......$..p09....k"@......+...?.....a6.@.|M.y ...+.L........5bqI.X..1..h...)...............\....+.U...&....R.......:.e.*`........hz..).'..KO3..a2W ..!..!7]D.....-...h...n|.....H.m..tk...5Y.mM.|w%"^<.k.....pB)u.8....@F.......&....RA..Xa...;.;..E..S.....qq8G.h.....z?.*.).@..\..........D......T..d`M[C`MS........}....).40.iZ...*lA....V......6.w....N.pr@....K:'......K#Y.!.!.#..[..p.M..".7*......+.Di...!..A2.0.Z........t...:..........9...]..Pw.......R...1.aBz..E..B.R.`%......h-*....._Hsr@...k.L.....G[2@G*@k.Ok2@<..........k.,...f.c$T.u.Q

      C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
      Category:dropped
      Size (bytes):454234
      Entropy (8bit):5.356169380051951
      Encrypted:false
      SSDEEP:
      MD5:B555C4327196C236023EEF7777C1505E
      SHA1:8B48FB711DC727952D620A4F3405F1BE049E4CCF
      SHA-256:4F803F8F94D9001D91627EC176168C6A2C7B603D46C51EBF7A5ADF1307E2B2D4
      SHA-512:7B3B3B41853D918A4CA049D0FD91B07C896687C446FE706E2B6B38593E2BB7298604795F30881A8541C2E142043A5BEE7B9B45C5EF47F2F19ACB2D772D9557E3
      Malicious:false
      Reputation:low
      Preview:.To learn about increasing the verbosity of the NGen log files please see http://go.microsoft.com/fwlink/?linkid=210113..12/07/2019 14:54:22.458 [5488]: Command line: D:\wd\compilerTemp\BMT.200yuild.1bk\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe executeQueuedItems /nologo ..12/07/2019 14:54:22.473 [5488]: Executing command from offline queue: install "System.Runtime.WindowsRuntime.UI.Xaml, Version=4.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil" /NoDependencies /queue:1..12/07/2019 14:54:22.490 [5488]: Executing command from offline queue: install "System.Web.ApplicationServices, Version=4.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil" /NoDependencies /queue:3..12/07/2019 14:54:22.490 [5488]: Exclusion list entry found for System.Web.ApplicationServices, Version=4.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil; it will not be installed..12/07/2019 14:54:22.490 [

      C:\Windows\Temp\~DF1F8E6BD646D0519E.TMP

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Composite Document File V2 Document, Cannot read section info
      Category:dropped
      Size (bytes):49152
      Entropy (8bit):1.461993157888407
      Encrypted:false
      SSDEEP:
      MD5:81312C2BA8C88BFCD3C66C7F2D003300
      SHA1:CDF4366F561143B932E52B4E0037A27914C7570A
      SHA-256:48DAF68C15AC87EAF0AADB131E095DE3988CAC98EDCC99FA0EDDAD65C8FBAC96
      SHA-512:81BC5B7016CE2AEFBF303C0FB623C6834996C51C072D9274B94C95A77BA3CF39695EC58059BD2FEEF2A707AB0359BBFF236BC98F82E8425273E4CD400A70CB98
      Malicious:false
      Reputation:low
      Preview:......................>...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Windows\Temp\~DF2234B6EF9A543D5F.TMP

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:data
      Category:dropped
      Size (bytes):360448
      Entropy (8bit):5.885681740337147
      Encrypted:false
      SSDEEP:
      MD5:7336D0AC22D70A7DA9C4A96F69BB0570
      SHA1:95F496DD5410BF8AC586817E0EF584FF618D4002
      SHA-256:698137D9864420009322620170FD7ACC51AF2390771AAF6169EBD4CBC8305A2E
      SHA-512:091BB01952B966502519DE2662C69812AE99BA2C4012E9D568C5077B6EF557C5D3F9315770415ABA1A7AF4E87573532D915086B15B3E0CFEA78B101094F94F67
      Malicious:false
      Reputation:low
      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Windows\Temp\~DFC37FD7B2C7533EF0.TMP

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:Composite Document File V2 Document, Cannot read section info
      Category:dropped
      Size (bytes):20480
      Entropy (8bit):1.4965073219220242
      Encrypted:false
      SSDEEP:
      MD5:47C02CB7168EF886029CD89C512E831B
      SHA1:4BA4A3E1582688B66FDC3BC83B65DB8C76180E95
      SHA-256:EED6ABA7FE34F242CD42FB9B15DBBD02663A59EC44813D01498D08AF8975812E
      SHA-512:E191EA2C5303260F0B4FD2BF420684BA2738DA010DBA4F733DCA968B37BD21C334EF6DA6795DFA4DFAE059349AE9031307E1D97C782C117E7FF3045CCE94CE3D
      Malicious:false
      Reputation:low
      Preview:......................>...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Windows\Temp\~DFCDEF38CE36875C8E.TMP

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:data
      Category:dropped
      Size (bytes):512
      Entropy (8bit):0.0
      Encrypted:false
      SSDEEP:
      MD5:BF619EAC0CDF3F68D496EA9344137E8B
      SHA1:5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5
      SHA-256:076A27C79E5ACE2A3D47F9DD2E83E4FF6EA8872B3C2218F66C92B89B55F36560
      SHA-512:DF40D4A774E0B453A5B87C00D6F0EF5D753143454E88EE5F7B607134598294C7905CCBCF94BBC46E474DB6EB44E56A6DBB6D9A1BE9D4FB5D1B5F2D0C6ED34BFE
      Malicious:false
      Reputation:low
      Preview:................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      C:\Windows\Temp\~DFDCDC79CCD90C9FDD.TMP

      Download File
      Process:C:\Windows\System32\msiexec.exe
      File Type:data
      Category:dropped
      Size (bytes):77824
      Entropy (8bit):0.47649563024763
      Encrypted:false
      SSDEEP:
      MD5:CDC944B4B5E0C65469B688F1B006D821
      SHA1:45D1A8A57920B2F858F0405FFABCE6B61A8C8AC5
      SHA-256:F39780F4B1EBDBC27DE05B4DAD18874B9D70B0BF91A8145DE819006521CB442B
      SHA-512:D3A61C40A342867D3BF4A0D4B958B4BA214E863A05717D6E04CDC15C9DE8F51124500DA4B9ED84EA5796C1EFFF2936F6D215BF3D00BC4E96349AD4334CB0EA3F
      Malicious:false
      Reputation:low
      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

      \Device\Mup\user-PC*\MAILSLOT\NET\NETLOGON

      Download File
      Process:C:\Windows\SysWOW64\msiexec.exe
      File Type:data
      Category:dropped
      Size (bytes):64
      Entropy (8bit):3.607563206984032
      Encrypted:false
      SSDEEP:
      MD5:2202AE3E2DF1C5C5BC3FB05A5A9E650A
      SHA1:3E9BD1CCCCAF239673E278E9D0F8444AA0B97659
      SHA-256:554A8CE14B581A36D4B9B51C97433295DB92111DADB0921E7C301766ED577A29
      SHA-512:A049340212024FDC3B8B676AD92C452C36276D81A6155D8BDBF3CE36D8F8A9301CED3242DD75D9553A12E870C077E8313614F11CE6E47268BDBEF1EFB6029767
      Malicious:false
      Reputation:low
      Preview:....3.6.7.7.0.6.....\MAILSLOT\NET\GETDCF9B3BEF6.................

      Static File Info

      General

      File type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
      Entropy (8bit):7.999866934824573
      TrID:
      • Win32 Executable (generic) a (10002005/4) 92.16%
      • NSIS - Nullsoft Scriptable Install System (846627/2) 7.80%
      • Generic Win/DOS Executable (2004/3) 0.02%
      • DOS Executable Generic (2002/1) 0.02%
      • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
      File name:Advanced.Installer-15.9.exe
      File size:92'241'479 bytes
      MD5:62c79daecf351427875604ad88a740eb
      SHA1:38dfe177d440f53aacd414a240599f3b513ed2b4
      SHA256:36578303e42313df1a9f15045edc7b5fc7c8d95b0bccb26390c5f3e5e75e1e4a
      SHA512:41426d44ab2996ee58962f16672670020b4a3afa7935ced241f31db76f2eeecf4f2af632bea92ef77f5f24a7a6d2f794a5c2685670ee4126f00e890b4c3cdd2e
      SSDEEP:1572864:aKM05o/LlsUMNNBDg7cKCPtT5MPz4vqRoyUNwKM1nxY63doJvJVTVBxc98z6a3Zl:ar0C/iVvXxiz4iqwKoni6+bTVBxc98f
      TLSH:6A18335AE9846CC6E366A0FC1CC87B0051AEEF9E1465832170933E5DF8B5C5B4C25AEF
      File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......1..:u..iu..iu..i...iw..iu..i...i...id..i!..i...i...it..iRichu..i........................PE..L......K.................\.........

      File Icon

      Icon Hash:013d7f72b0712b07

      Static PE Info

      General

      Entrypoint:0x40323c
      Entrypoint Section:.text
      Digitally signed:false
      Imagebase:0x400000
      Subsystem:windows gui
      Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
      DLL Characteristics:TERMINAL_SERVER_AWARE
      Time Stamp:0x4B1AE3C6 [Sat Dec 5 22:50:46 2009 UTC]
      TLS Callbacks:
      CLR (.Net) Version:
      OS Version Major:4
      OS Version Minor:0
      File Version Major:4
      File Version Minor:0
      Subsystem Version Major:4
      Subsystem Version Minor:0
      Import Hash:099c0646ea7282d232219f8807883be0

      Entrypoint Preview

      Instruction
      sub esp, 00000180h
      push ebx
      push ebp
      push esi
      xor ebx, ebx
      push edi
      mov dword ptr [esp+18h], ebx
      mov dword ptr [esp+10h], 00409130h
      xor esi, esi
      mov byte ptr [esp+14h], 00000020h
      call dword ptr [00407030h]
      push 00008001h
      call dword ptr [004070B4h]
      push ebx
      call dword ptr [0040727Ch]
      push 00000008h
      mov dword ptr [00423F58h], eax
      call 00007F25D8DD4A7Eh
      mov dword ptr [00423EA4h], eax
      push ebx
      lea eax, dword ptr [esp+34h]
      push 00000160h
      push eax
      push ebx
      push 0041F458h
      call dword ptr [00407158h]
      push 004091B8h
      push 004236A0h
      call 00007F25D8DD4731h
      call dword ptr [004070B0h]
      mov edi, 00429000h
      push eax
      push edi
      call 00007F25D8DD471Fh
      push ebx
      call dword ptr [0040710Ch]
      cmp byte ptr [00429000h], 00000022h
      mov dword ptr [00423EA0h], eax
      mov eax, edi
      jne 00007F25D8DD1E7Ch
      mov byte ptr [esp+14h], 00000022h
      mov eax, 00429001h
      push dword ptr [esp+14h]
      push eax
      call 00007F25D8DD4212h
      push eax
      call dword ptr [0040721Ch]
      mov dword ptr [esp+1Ch], eax
      jmp 00007F25D8DD1ED5h
      cmp cl, 00000020h
      jne 00007F25D8DD1E78h
      inc eax
      cmp byte ptr [eax], 00000020h
      je 00007F25D8DD1E6Ch
      cmp byte ptr [eax], 00000022h
      mov byte ptr [eax+eax+00h], 00000000h

      Rich Headers

      Programming Language:
      • [EXP] VC++ 6.0 SP5 build 8804

      Data Directories

      NameVirtual AddressVirtual Size Is in Section
      IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
      IMAGE_DIRECTORY_ENTRY_IMPORT0x73a40xb4.rdata
      IMAGE_DIRECTORY_ENTRY_RESOURCE0x370000x309d0.rsrc
      IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
      IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
      IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
      IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
      IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
      IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
      IMAGE_DIRECTORY_ENTRY_TLS0x00x0
      IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
      IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
      IMAGE_DIRECTORY_ENTRY_IAT0x70000x28c.rdata
      IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
      IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
      IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

      Sections

      NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
      .text0x10000x5a5a0x5c00False0.6604534646739131data6.417698236857409IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
      .rdata0x70000x11900x1200False0.4453125data5.181627099249737IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
      .data0x90000x1af980x400False0.55859375data4.70902740305165IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
      .ndata0x240000x130000x0False0empty0.0IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
      .rsrc0x370000x309d00x30a00False0.14244758194087404data4.046495426591445IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

      Resources

      NameRVASizeTypeLanguageCountryZLIB Complexity
      RT_ICON0x374180x10828Device independent bitmap graphic, 128 x 256 x 32, image size 67584EnglishUnited States0.060910327694309714
      RT_ICON0x47c400x94a8Device independent bitmap graphic, 96 x 192 x 32, image size 38016EnglishUnited States0.08195816691191928
      RT_ICON0x510e80x5488Device independent bitmap graphic, 72 x 144 x 32, image size 21600EnglishUnited States0.09630314232902033
      RT_ICON0x565700x4228Device independent bitmap graphic, 64 x 128 x 32, image size 16896EnglishUnited States0.11088804912612187
      RT_ICON0x5a7980x3a48Device independent bitmap graphic, 60 x 120 x 32, image size 14880EnglishUnited States0.12097855227882037
      RT_ICON0x5e1e00x2920PNG image data, 256 x 256, 8-bit/color RGBA, non-interlacedEnglishUnited States0.9906914893617021
      RT_ICON0x60b000x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9600EnglishUnited States0.1508298755186722
      RT_ICON0x630a80x1a68Device independent bitmap graphic, 40 x 80 x 32, image size 6720EnglishUnited States0.17440828402366865
      RT_ICON0x64b100x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4224EnglishUnited States0.21482176360225141
      RT_ICON0x65bb80x988Device independent bitmap graphic, 24 x 48 x 32, image size 2400EnglishUnited States0.17295081967213113
      RT_ICON0x665400x6b8Device independent bitmap graphic, 20 x 40 x 32, image size 1680EnglishUnited States0.2069767441860465
      RT_ICON0x66bf80x468Device independent bitmap graphic, 16 x 32 x 32, image size 1088EnglishUnited States0.2650709219858156
      RT_DIALOG0x670600x120dataEnglishUnited States0.5138888888888888
      RT_DIALOG0x671800x200dataEnglishUnited States0.3984375
      RT_DIALOG0x673800xf8dataEnglishUnited States0.6290322580645161
      RT_DIALOG0x674780xeedataEnglishUnited States0.6260504201680672
      RT_GROUP_ICON0x675680xaedataEnglishUnited States0.6896551724137931
      RT_VERSION0x676180x1a0dataRussianRussia0.5697115384615384
      RT_MANIFEST0x677b80x215XML 1.0 document, ASCII text, with very long lines (533), with no line terminatorsEnglishUnited States0.575984990619137

      Imports

      DLLImport
      KERNEL32.dllCompareFileTime, SearchPathA, GetShortPathNameA, GetFullPathNameA, MoveFileA, SetCurrentDirectoryA, GetFileAttributesA, GetLastError, CreateDirectoryA, SetFileAttributesA, Sleep, GetTickCount, CreateFileA, GetFileSize, GetModuleFileNameA, GetCurrentProcess, CopyFileA, ExitProcess, SetFileTime, GetTempPathA, GetCommandLineA, SetErrorMode, LoadLibraryA, lstrcpynA, GetDiskFreeSpaceA, GlobalUnlock, GlobalLock, CreateThread, CreateProcessA, RemoveDirectoryA, GetTempFileNameA, lstrlenA, lstrcatA, GetSystemDirectoryA, GetVersion, CloseHandle, lstrcmpiA, lstrcmpA, ExpandEnvironmentStringsA, GlobalFree, GlobalAlloc, WaitForSingleObject, GetExitCodeProcess, GetModuleHandleA, LoadLibraryExA, GetProcAddress, FreeLibrary, MultiByteToWideChar, WritePrivateProfileStringA, GetPrivateProfileStringA, WriteFile, ReadFile, MulDiv, SetFilePointer, FindClose, FindNextFileA, FindFirstFileA, DeleteFileA, GetWindowsDirectoryA
      USER32.dllEndDialog, ScreenToClient, GetWindowRect, EnableMenuItem, GetSystemMenu, SetClassLongA, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongA, SetCursor, LoadCursorA, CheckDlgButton, GetMessagePos, LoadBitmapA, CallWindowProcA, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, RegisterClassA, TrackPopupMenu, AppendMenuA, CreatePopupMenu, GetSystemMetrics, SetDlgItemTextA, GetDlgItemTextA, MessageBoxIndirectA, CharPrevA, DispatchMessageA, PeekMessageA, DestroyWindow, CreateDialogParamA, SetTimer, SetWindowTextA, PostQuitMessage, SetForegroundWindow, wsprintfA, SendMessageTimeoutA, FindWindowExA, SystemParametersInfoA, CreateWindowExA, GetClassInfoA, DialogBoxParamA, CharNextA, OpenClipboard, ExitWindowsEx, IsWindow, GetDlgItem, SetWindowLongA, LoadImageA, GetDC, EnableWindow, InvalidateRect, SendMessageA, DefWindowProcA, BeginPaint, GetClientRect, FillRect, DrawTextA, EndPaint, ShowWindow
      GDI32.dllSetBkColor, GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectA, SetBkMode, SetTextColor, SelectObject
      SHELL32.dllSHGetPathFromIDListA, SHBrowseForFolderA, SHGetFileInfoA, ShellExecuteA, SHFileOperationA, SHGetSpecialFolderLocation
      ADVAPI32.dllRegQueryValueExA, RegSetValueExA, RegEnumKeyA, RegEnumValueA, RegOpenKeyExA, RegDeleteKeyA, RegDeleteValueA, RegCloseKey, RegCreateKeyExA
      COMCTL32.dllImageList_AddMasked, ImageList_Destroy, ImageList_Create
      ole32.dllCoTaskMemFree, OleInitialize, OleUninitialize, CoCreateInstance
      VERSION.dllGetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA

      Possible Origin

      Language of compilation systemCountry where language is spokenMap
      EnglishUnited States
      RussianRussia