Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
simaris-suite-installer.exe

Overview

General Information

Sample name:simaris-suite-installer.exe
Analysis ID:1367988
MD5:283c02361ea45d1c7db39c334b94b503
SHA1:722037a9c26b269cd3c1b7988a43c887bdf757f2
SHA256:2fb1fd57fda10c661806f8fa38bf303bb5c20a01d5a2ed1cc2be53aa7b7ae62a
Infos:

Detection

Score:42
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Allocates memory in foreign processes
Changes memory attributes in foreign processes to executable or writable
Sets file extension default program settings to executables
Writes to foreign memory regions
Creates a process in suspended mode (likely to inject code)
DLL planting / hijacking vulnerabilities found
Drops PE files
EXE planting / hijacking vulnerabilities found
Enables debug privileges
Enables security privileges
Found dropped PE file which has not been started or loaded
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
Queries keyboard layouts
Queries the volume information (name, serial number etc) of a device
Tries to load missing DLLs
Uses 32bit PE files
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64_ra
  • simaris-suite-installer.exe (PID: 5944 cmdline: C:\Users\user\Desktop\simaris-suite-installer.exe MD5: 283C02361EA45D1C7DB39C334B94B503)
    • cmd.exe (PID: 6104 cmdline: cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq SIMARIS Suite.exe" | %SYSTEMROOT%\System32\find.exe "SIMARIS Suite.exe" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 5316 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • tasklist.exe (PID: 6460 cmdline: tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq SIMARIS Suite.exe" MD5: 0A4448B31CE7F83CB7691A2657F330F1)
      • find.exe (PID: 5532 cmdline: C:\Windows\System32\find.exe "SIMARIS Suite.exe" MD5: 15B158BC998EEF74CFDD27C44978AEA0)
  • SIMARIS Suite.exe (PID: 3112 cmdline: "C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe" MD5: 61FE3AE7F216D906024280616CE2A151)
    • SIMARIS Suite.exe (PID: 7100 cmdline: "C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\simaris-suite-app" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1516 --field-trial-handle=1648,i,3982303759987223075,14234584191073094306,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2 MD5: 61FE3AE7F216D906024280616CE2A151)
    • explorer.exe (PID: 3904 cmdline: C:\Windows\Explorer.EXE MD5: 662F4F92FDE3557E86D110526BB578D5)
      • SIMARIS Suite.exe (PID: 6728 cmdline: "C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe" MD5: 61FE3AE7F216D906024280616CE2A151)
    • SIMARIS Suite.exe (PID: 6312 cmdline: "C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\simaris-suite-app" --mojo-platform-channel-handle=1904 --field-trial-handle=1648,i,3982303759987223075,14234584191073094306,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8 MD5: 61FE3AE7F216D906024280616CE2A151)
    • SIMARIS Suite.exe (PID: 5960 cmdline: "C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\simaris-suite-app" --app-path="C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar" --no-sandbox --no-zygote --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=5632609578 --mojo-platform-channel-handle=2140 --field-trial-handle=1648,i,3982303759987223075,14234584191073094306,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1 MD5: 61FE3AE7F216D906024280616CE2A151)
    • SIMARIS Suite.exe (PID: 7148 cmdline: "C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\simaris-suite-app" --app-path="C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar" --enable-sandbox --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=5634098685 --mojo-platform-channel-handle=2300 --field-trial-handle=1648,i,3982303759987223075,14234584191073094306,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1 MD5: 61FE3AE7F216D906024280616CE2A151)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

  • Privilege Escalation
  • Compliance
  • Spreading
  • Networking
  • System Summary
  • Persistence and Installation Behavior
  • Boot Survival
  • Hooking and other Techniques for Hiding and Protection
  • Malware Analysis System Evasion
  • Anti Debugging
  • HIPS / PFW / Operating System Protection Evasion
  • Language, Device and Operating System Detection

Click to jump to signature section

Show All Signature Results
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: WINSTA.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: MSIMG32.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: WINHTTP.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: WINMM.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: WTSAPI32.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: PROPSYS.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: Secur32.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: SSPICLI.DLL
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDLL: C:\Users\user\AppData\Local\Programs\simaris-suite-app\d3dcompiler_47.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: profapi.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: MSASN1.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: VERSION.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: dxva2.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: powrprof.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: kbdus.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: dwmapi.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: USERENV.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: mfplat.dll
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDLL: C:\Users\user\AppData\Local\Programs\simaris-suite-app\vulkan-1.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: CRYPTSP.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: CRYPTBASE.DLL
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: ColorAdapterClient.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: UMPDC.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: IPHLPAPI.DLL
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDLL: C:\Users\user\AppData\Local\Programs\simaris-suite-app\libEGL.dll
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDLL: C:\Users\user\AppData\Local\Programs\simaris-suite-app\ffmpeg.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: mscms.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: mfperfhelper.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: UIAutomationCore.DLL
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDLL: C:\Users\user\AppData\Local\Programs\simaris-suite-app\vk_swiftshader.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: dhcpcsvc.DLL
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: dxgi.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: RTWorkQ.DLL
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: OLEACC.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: msmpeg2vdec.dll
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDLL: C:\Users\user\AppData\Local\Programs\simaris-suite-app\libGLESv2.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: msvproc.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: Wldp.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: DPAPI.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: mf.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: DWrite.dll
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar.unpacked\node_modules\7zip-bin\win\ia32\7za.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\src\bin\elevate.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\simaris-suite-app-updater\installer.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar.unpacked\node_modules\7zip-bin\win\x64\7za.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\Uninstall SIMARIS Suite.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar.unpacked\node_modules\electron-sudo\dist\bin\elevate.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar.unpacked\node_modules\electron-sudo\src\bin\elevate.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar.unpacked\node_modules\7zip-bin\win\arm64\7za.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: cmd.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\elevate.exe
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: WINSTA.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: MSIMG32.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: WINHTTP.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: WINMM.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: WTSAPI32.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: PROPSYS.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: Secur32.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: SSPICLI.DLL
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDLL: C:\Users\user\AppData\Local\Programs\simaris-suite-app\d3dcompiler_47.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: profapi.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: MSASN1.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: VERSION.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: dxva2.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: powrprof.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: kbdus.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: dwmapi.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: USERENV.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: mfplat.dll
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDLL: C:\Users\user\AppData\Local\Programs\simaris-suite-app\vulkan-1.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: CRYPTSP.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: CRYPTBASE.DLL
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: ColorAdapterClient.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: UMPDC.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: IPHLPAPI.DLL
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDLL: C:\Users\user\AppData\Local\Programs\simaris-suite-app\libEGL.dll
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDLL: C:\Users\user\AppData\Local\Programs\simaris-suite-app\ffmpeg.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: mscms.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: mfperfhelper.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: UIAutomationCore.DLL
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDLL: C:\Users\user\AppData\Local\Programs\simaris-suite-app\vk_swiftshader.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: dhcpcsvc.DLL
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: dxgi.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: RTWorkQ.DLL
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: OLEACC.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: msmpeg2vdec.dll
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDLL: C:\Users\user\AppData\Local\Programs\simaris-suite-app\libGLESv2.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: msvproc.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: Wldp.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: DPAPI.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: mf.dll
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeDLL: DWrite.dll
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar.unpacked\node_modules\7zip-bin\win\ia32\7za.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\src\bin\elevate.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\simaris-suite-app-updater\installer.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar.unpacked\node_modules\7zip-bin\win\x64\7za.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\Uninstall SIMARIS Suite.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar.unpacked\node_modules\electron-sudo\dist\bin\elevate.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar.unpacked\node_modules\electron-sudo\src\bin\elevate.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar.unpacked\node_modules\7zip-bin\win\arm64\7za.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: cmd.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeEXE: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\elevate.exe
Source: simaris-suite-installer.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
Source: C:\Users\user\Desktop\simaris-suite-installer.exeRegistry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\24074280-fd41-565e-991e-d48a07b3c328
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\LICENSE.electron.txt
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\LICENSE.txt
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\LICENSE.electron.txt
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar.unpacked\node_modules\7zip-bin\LICENSE.txt
Source: simaris-suite-installer.exeStatic PE information: certificate valid
Source: simaris-suite-installer.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile opened: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile opened: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile opened: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile opened: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile opened: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile opened: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownDNS traffic detected: queries for: chrome.cloudflare-dns.com
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: C:\Users\user\Desktop\simaris-suite-installer.exeProcess token adjusted: Security
Source: C:\Users\user\Desktop\simaris-suite-installer.exeSection loaded: linkinfo.dll
Source: C:\Users\user\Desktop\simaris-suite-installer.exeSection loaded: cscapi.dll
Source: C:\Users\user\Desktop\simaris-suite-installer.exeSection loaded: sxs.dll
Source: C:\Users\user\Desktop\simaris-suite-installer.exeSection loaded: onecorecommonproxystub.dll
Source: simaris-suite-installer.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
Source: classification engineClassification label: mal42.evad.winEXE@17/146@1/3
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Programs
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMutant created: \Sessions\1\BaseNamedObjects\Local\simaris-suite-appProcessSingletonStartup
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5316:120:WilError_03
Source: C:\Users\user\Desktop\simaris-suite-installer.exeMutant created: \Sessions\1\BaseNamedObjects\24074280-fd41-565e-991e-d48a07b3c328
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Temp\nsp2765.tmp
Source: simaris-suite-installer.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Windows\SysWOW64\tasklist.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime FROM Win32_Process WHERE Caption = 'SIMARIS SUITE.EXE'
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile read: C:\Users\desktop.ini
Source: C:\Users\user\Desktop\simaris-suite-installer.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile read: C:\Users\user\Desktop\simaris-suite-installer.exe
Source: unknownProcess created: C:\Users\user\Desktop\simaris-suite-installer.exe C:\Users\user\Desktop\simaris-suite-installer.exe
Source: C:\Users\user\Desktop\simaris-suite-installer.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq SIMARIS Suite.exe" | %SYSTEMROOT%\System32\find.exe "SIMARIS Suite.exe"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq SIMARIS Suite.exe"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\find.exe C:\Windows\System32\find.exe "SIMARIS Suite.exe"
Source: C:\Users\user\Desktop\simaris-suite-installer.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq SIMARIS Suite.exe" | %SYSTEMROOT%\System32\find.exe "SIMARIS Suite.exe"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq SIMARIS Suite.exe"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\find.exe C:\Windows\System32\find.exe "SIMARIS Suite.exe"
Source: unknownProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe "C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe"
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe "C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\simaris-suite-app" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1516 --field-trial-handle=1648,i,3982303759987223075,14234584191073094306,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe "C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe"
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe "C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\simaris-suite-app" --app-path="C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar" --no-sandbox --no-zygote --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=5632609578 --mojo-platform-channel-handle=2140 --field-trial-handle=1648,i,3982303759987223075,14234584191073094306,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe "C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\simaris-suite-app" --app-path="C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar" --enable-sandbox --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=5634098685 --mojo-platform-channel-handle=2300 --field-trial-handle=1648,i,3982303759987223075,14234584191073094306,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe "C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\simaris-suite-app" --app-path="C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar" --no-sandbox --no-zygote --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=5632609578 --mojo-platform-channel-handle=2140 --field-trial-handle=1648,i,3982303759987223075,14234584191073094306,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe "C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\simaris-suite-app" --app-path="C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar" --enable-sandbox --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=5634098685 --mojo-platform-channel-handle=2300 --field-trial-handle=1648,i,3982303759987223075,14234584191073094306,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
Source: C:\Users\user\Desktop\simaris-suite-installer.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq SIMARIS Suite.exe"
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Users\user\Desktop\simaris-suite-installer.exeRegistry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\24074280-fd41-565e-991e-d48a07b3c328
Source: simaris-suite-installer.exeStatic PE information: certificate valid
Source: simaris-suite-installer.exeStatic file information: File size 79156408 > 1048576
Source: simaris-suite-installer.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\StdUtils.dllJump to dropped file
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\SIMARIS Suite.exeJump to dropped file
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\win\arm64\7za.exeJump to dropped file
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\System.dllJump to dropped file
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\vulkan-1.dllJump to dropped file
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\nsExec.dllJump to dropped file
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\ffmpeg.dllJump to dropped file
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\libEGL.dllJump to dropped file
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\SpiderBanner.dllJump to dropped file
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\d3dcompiler_47.dllJump to dropped file
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\nsis7z.dllJump to dropped file
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\LICENSE.electron.txt
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\LICENSE.txt
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\LICENSE.electron.txt
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar.unpacked\node_modules\7zip-bin\LICENSE.txt

Boot Survival

barindex
Source: C:\Users\user\Desktop\simaris-suite-installer.exeRegistry value created: HKEY_CURRENT_USER_Classes\suite\shell\open\command C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe %1
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeRegistry key monitored for changes: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Spelling
Source: C:\Users\user\Desktop\simaris-suite-installer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\tasklist.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\tasklist.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\tasklist.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\tasklist.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\simaris-suite-installer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\simaris-suite-installer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\simaris-suite-installer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\simaris-suite-installer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\simaris-suite-installer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\win\arm64\7za.exeJump to dropped file
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\vulkan-1.dllJump to dropped file
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\ffmpeg.dllJump to dropped file
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\libEGL.dllJump to dropped file
Source: C:\Users\user\Desktop\simaris-suite-installer.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\d3dcompiler_47.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile Volume queried: C:\ FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeFile Volume queried: C:\Users\user\AppData\Roaming\simaris-suite-app\Code Cache\wasm FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeFile Volume queried: C:\Users\user\AppData\Roaming\simaris-suite-app\Code Cache\js FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeFile Volume queried: C:\Users\user\AppData\Roaming\simaris-suite-app\blob_storage\652c4440-e9a6-42f8-9a59-9392f544a8db FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeFile Volume queried: C:\Users\user\AppData\Roaming\simaris-suite-app\Cache\Cache_Data FullSizeInformation
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile opened: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile opened: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile opened: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile opened: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile opened: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources
Source: C:\Users\user\Desktop\simaris-suite-installer.exeFile opened: C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked
Source: C:\Users\user\Desktop\simaris-suite-installer.exeProcess information queried: ProcessInformation
Source: C:\Windows\SysWOW64\tasklist.exeProcess token adjusted: Debug

HIPS / PFW / Operating System Protection Evasion

barindex
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory allocated: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C5080000 protect: page read and write
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory allocated: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C5090000 protect: page read and write
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory allocated: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A0000 protect: page no access
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory allocated: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A1000 protect: page execute and read and write
Source: C:\Windows\explorer.exeMemory allocated: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 1803C740000 protect: page read and write
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2DA90 protect: page write copy
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2DA90 protect: page execute read
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D650 protect: page write copy
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D650 protect: page execute read
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D790 protect: page write copy
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D790 protect: page execute read
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2F8A0 protect: page write copy
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2F8A0 protect: page execute read
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2F5A0 protect: page write copy
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2F5A0 protect: page execute read
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D4B0 protect: page write copy
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D4B0 protect: page execute read
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2F4E0 protect: page write copy
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2F4E0 protect: page execute read
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D190 protect: page write copy
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D190 protect: page execute read
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D470 protect: page write copy
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D470 protect: page execute read
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D5F0 protect: page write copy
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D5F0 protect: page execute read
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D5D0 protect: page write copy
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D5D0 protect: page execute read
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D4F0 protect: page write copy
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D4F0 protect: page execute read
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D530 protect: page write copy
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D530 protect: page execute read
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory protected: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A1000 protect: page execute read
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C5080000
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: FBC2CE52D8
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C5090000
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A1020
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2DA90
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A1060
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D650
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A10A0
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D790
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A10E0
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2F8A0
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A1120
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2F5A0
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A1160
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D4B0
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A11A0
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2F4E0
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A11E0
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D190
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A1220
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D470
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A1260
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D5F0
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A12A0
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D5D0
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A12E0
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D4F0
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A1320
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FFDF4D2D530
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 2C2C50A1000
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FF686F2EDD0
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FF686F36238
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FF686C41EF0
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FF686C42020
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FF686C42028
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FF686C41EE8
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FF686B4AF98
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 7FF686C41EC0
Source: C:\Windows\explorer.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 1803C740000
Source: C:\Windows\explorer.exeMemory written: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe base: 69281112D8
Source: C:\Users\user\Desktop\simaris-suite-installer.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq SIMARIS Suite.exe" | %SYSTEMROOT%\System32\find.exe "SIMARIS Suite.exe"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq SIMARIS Suite.exe"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\find.exe C:\Windows\System32\find.exe "SIMARIS Suite.exe"
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe "C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\simaris-suite-app" --app-path="C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar" --no-sandbox --no-zygote --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=5632609578 --mojo-platform-channel-handle=2140 --field-trial-handle=1648,i,3982303759987223075,14234584191073094306,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe "C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\simaris-suite-app" --app-path="C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar" --enable-sandbox --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=5634098685 --mojo-platform-channel-handle=2300 --field-trial-handle=1648,i,3982303759987223075,14234584191073094306,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe "c:\users\user\appdata\local\programs\simaris-suite-app\simaris suite.exe" --type=gpu-process --user-data-dir="c:\users\user\appdata\roaming\simaris-suite-app" --gpu-preferences=uaaaaaaaaadgaaayaaaaaaaaaaaaaaaaaabgaaaaaaawaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaegaaaaaaaaasaaaaaaaaaayaaaaagaaabaaaaaaaaaagaaaaaaaaaaqaaaaaaaaaaaaaaaoaaaaeaaaaaaaaaabaaaadgaaaagaaaaaaaaacaaaaaaaaaa= --mojo-platform-channel-handle=1516 --field-trial-handle=1648,i,3982303759987223075,14234584191073094306,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:2
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe "c:\users\user\appdata\local\programs\simaris-suite-app\simaris suite.exe" --type=renderer --user-data-dir="c:\users\user\appdata\roaming\simaris-suite-app" --app-path="c:\users\user\appdata\local\programs\simaris-suite-app\resources\app.asar" --no-sandbox --no-zygote --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=5632609578 --mojo-platform-channel-handle=2140 --field-trial-handle=1648,i,3982303759987223075,14234584191073094306,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:1
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe "c:\users\user\appdata\local\programs\simaris-suite-app\simaris suite.exe" --type=renderer --user-data-dir="c:\users\user\appdata\roaming\simaris-suite-app" --app-path="c:\users\user\appdata\local\programs\simaris-suite-app\resources\app.asar" --enable-sandbox --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=5634098685 --mojo-platform-channel-handle=2300 --field-trial-handle=1648,i,3982303759987223075,14234584191073094306,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:1
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe "c:\users\user\appdata\local\programs\simaris-suite-app\simaris suite.exe" --type=renderer --user-data-dir="c:\users\user\appdata\roaming\simaris-suite-app" --app-path="c:\users\user\appdata\local\programs\simaris-suite-app\resources\app.asar" --no-sandbox --no-zygote --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=5632609578 --mojo-platform-channel-handle=2140 --field-trial-handle=1648,i,3982303759987223075,14234584191073094306,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:1
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeProcess created: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe "c:\users\user\appdata\local\programs\simaris-suite-app\simaris suite.exe" --type=renderer --user-data-dir="c:\users\user\appdata\roaming\simaris-suite-app" --app-path="c:\users\user\appdata\local\programs\simaris-suite-app\resources\app.asar" --enable-sandbox --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=5634098685 --mojo-platform-channel-handle=2300 --field-trial-handle=1648,i,3982303759987223075,14234584191073094306,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:1
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user\AppData VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user\AppData\Local VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user\AppData\Local\Programs VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user\AppData\Local\Programs\simaris-suite-app VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\electron-logs.log VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar.unpacked\node_modules\7zip-bin\package.json VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar.unpacked\node_modules\7zip-bin\index.js VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Windows\System32\spool\drivers\color\sRGB Color Space Profile.icm VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user\AppData VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user\AppData\Local VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user\AppData\Local\Programs VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user\AppData\Local\Programs\simaris-suite-app VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpactResource DevelopmentReconnaissance
Valid Accounts1
Windows Management Instrumentation		1
Windows Service		1
Windows Service		11
Masquerading		OS Credential Dumping1
Query Registry		Remote ServicesData from Local SystemExfiltration Over Other Network Medium2
Encrypted Channel		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationAbuse Accessibility FeaturesAcquire InfrastructureGather Victim Identity Information
Default Accounts1
Command and Scripting Interpreter		1
DLL Side-Loading		311
Process Injection		311
Process Injection		LSASS Memory2
Process Discovery		Remote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth1
Non-Application Layer Protocol		SIM Card SwapObtain Device Cloud BackupsNetwork Denial of ServiceDomainsCredentials
Domain AccountsAt2
DLL Search Order Hijacking		1
DLL Side-Loading		1
DLL Side-Loading		Security Account Manager1
Remote System Discovery		SMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration2
Application Layer Protocol		Data Encrypted for ImpactDNS ServerEmail Addresses
Local AccountsCronLogin Hook2
DLL Search Order Hijacking		2
DLL Search Order Hijacking		NTDS2
File and Directory Discovery		Distributed Component Object ModelInput CaptureTraffic DuplicationProtocol ImpersonationData DestructionVirtual Private ServerEmployee Names
Cloud AccountsLaunchdNetwork Logon ScriptNetwork Logon ScriptSoftware PackingLSA Secrets24
System Information Discovery		SSHKeyloggingScheduled TransferFallback ChannelsData Encrypted for ImpactServerGather Victim Network Information

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
simaris-suite-installer.exe0%ReversingLabs
simaris-suite-installer.exe0%VirustotalBrowse

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\SIMARIS Suite.exe0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\SIMARIS Suite.exe0%VirustotalBrowse
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\d3dcompiler_47.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\d3dcompiler_47.dll0%VirustotalBrowse
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\ffmpeg.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\ffmpeg.dll0%VirustotalBrowse
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\libEGL.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\libEGL.dll0%VirustotalBrowse
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\7x.sh0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\7x.sh0%VirustotalBrowse
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\arm64\7za0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\arm64\7za0%VirustotalBrowse
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\arm\7za0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\arm\7za0%VirustotalBrowse
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\ia32\7za0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\ia32\7za0%VirustotalBrowse
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\x64\7za0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\x64\7za0%VirustotalBrowse
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\x64\build.sh0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\x64\build.sh0%VirustotalBrowse
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\x64\do-build.sh0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\x64\do-build.sh0%VirustotalBrowse
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\mac\arm64\7za0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\mac\arm64\7za0%VirustotalBrowse
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\mac\x64\7za0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\mac\x64\7za0%VirustotalBrowse
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\win\arm64\7za.exe0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\win\arm64\7za.exe0%VirustotalBrowse
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\bin\applet.app\Contents\MacOS\applet0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\bin\applet.app\Contents\MacOS\applet0%VirustotalBrowse
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\SpiderBanner.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nsp289E.tmp\SpiderBanner.dll0%VirustotalBrowse

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
chrome.cloudflare-dns.com0%VirustotalBrowse

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
chrome.cloudflare-dns.com
162.159.61.3
truefalseunknown

World Map of Contacted IPs

  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Public IPs

IPDomainCountryFlagASNASN NameMalicious
162.159.61.3
chrome.cloudflare-dns.comUnited States
13335CLOUDFLARENETUSfalse

General Information

Joe Sandbox version:38.0.0 Ammolite
Analysis ID:1367988
Start date and time:2023-12-29 15:00:53 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultwindowsinteractivecookbook.jbs
Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:18
Number of new started drivers analysed:0
Number of existing processes analysed:0
Number of existing drivers analysed:0
Number of injected processes analysed:1
Technologies:
  • EGA enabled
Analysis Mode:stream
Analysis stop reason:Timeout
Sample name:simaris-suite-installer.exe
Detection:MAL
Classification:mal42.evad.winEXE@17/146@1/3
Cookbook Comments:
  • Found application associated with file extension: .exe
  • Exclude process from analysis (whitelisted): dllhost.exe
  • Excluded domains from analysis (whitelisted): www.bing.com, ocsp.digicert.com, slscr.update.microsoft.com, fe3cr.delivery.mp.microsoft.com
  • Not all processes where analyzed, report is missing behavior information
  • Report size getting too big, too many NtAllocateVirtualMemory calls found.
  • Report size getting too big, too many NtOpenKeyEx calls found.
  • Report size getting too big, too many NtProtectVirtualMemory calls found.
  • Report size getting too big, too many NtQueryValueKey calls found.
  • Report size getting too big, too many NtQueryVolumeInformationFile calls found.
  • Report size getting too big, too many NtSetInformationFile calls found.

Created / dropped Files

C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\electron-logs.log

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):865
Entropy (8bit):5.099851752282522
Encrypted:false
SSDEEP:
MD5:1276C05B6D64FC23ACAE7DB61557A947
SHA1:69A4047D982ACF52BEE7965C2F9556BC48A80658
SHA-256:48627E54DF7E955D22856D23B379D05E69A3046E86EE14C4DB6883903D3C70C8
SHA-512:42303A702FFF2C3007901240B5DEB224BFCD07AB301410FCB49D8121F228126C6CCA80ED150A1E34448DA76F40406AE880B427644D66098C1B5FE6DB4CBAD7BB
Malicious:false
Reputation:low
Preview:[2023-12-29 15:02:27.045 (+01:00)] [info] Log to C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\electron-logs.log..[2023-12-29 15:02:27.214 (+01:00)] [info] load language en C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\app.asar\src\assets\i18n\locale-en.json..[2023-12-29 15:02:27.218 (+01:00)] [info] Log to C:\Users\user\AppData\Local\Programs\simaris-suite-app\resources\electron-logs.log..[2023-12-29 15:02:27.344 (+01:00)] [info] Log Level = debug..[2023-12-29 15:02:27.348 (+01:00)] [info] asar..[2023-12-29 15:02:27.353 (+01:00)] [info] App starting.....[2023-12-29 15:02:27.478 (+01:00)] [info] App ready.....[2023-12-29 15:02:27.481 (+01:00)] [info] App locale on startup en-GB..[2023-12-29 15:03:00.736 (+01:00)] [info] Register custom protocol.....[2023-12-29 15:03:00.740 (+01:00)] [info] ... succeeded..

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\LICENSE.electron.txt

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:ASCII text
Category:dropped
Size (bytes):1096
Entropy (8bit):5.13006727705212
Encrypted:false
SSDEEP:
MD5:4D42118D35941E0F664DDDBD83F633C5
SHA1:2B21EC5F20FE961D15F2B58EFB1368E66D202E5C
SHA-256:5154E165BD6C2CC0CFBCD8916498C7ABAB0497923BAFCD5CB07673FE8480087D
SHA-512:3FFBBA2E4CD689F362378F6B0F6060571F57E228D3755BDD308283BE6CBBEF8C2E84BEB5FCF73E0C3C81CD944D01EE3FCF141733C4D8B3B0162E543E0B9F3E63
Malicious:false
Reputation:low
Preview:Copyright (c) Electron contributors.Copyright (c) 2013-2020 GitHub Inc...Permission is hereby granted, free of charge, to any person obtaining.a copy of this software and associated documentation files (the."Software"), to deal in the Software without restriction, including.without limitation the rights to use, copy, modify, merge, publish,.distribute, sublicense, and/or sell copies of the Software, and to.permit persons to whom the Software is furnished to do so, subject to.the following conditions:..The above copyright notice and this permission notice shall be.included in all copies or substantial portions of the Software...THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,.EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF.MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND.NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE.LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION.OF CONTRACT, TORT OR OTHERWISE, ARISIN

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\LICENSES.chromium.html

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:HTML document, ASCII text, with CRLF, LF line terminators
Category:dropped
Size (bytes):6600501
Entropy (8bit):4.741823952998234
Encrypted:false
SSDEEP:
MD5:997768AE7EB8C036425BED10F766E823
SHA1:2EC99026B977F6603A8A7890BC05594A9A4F13A1
SHA-256:AB30EE348B3257EC2F19FB5733E64278438BE792F1280CE0F28EAE0C9CB8943C
SHA-512:F408B817B68861CBAD62425E0BB8726F876D36A2212186A8F948D5C825C95ED819DCC41284D8AD8AC11E7AB7FF6141588FEDEDD01C287780F84269846515F639
Malicious:false
Reputation:low
Preview: Generated by licenses.py; do not edit. --><!doctype html>.<html>.<head>.<meta charset="utf-8">.<meta name="viewport" content="width=device-width">.<meta name="color-scheme" content="light dark">.<title>Credits</title>.<link rel="stylesheet" href="chrome://resources/css/text_defaults.css">.<link rel="stylesheet" href="chrome://credits/credits.css">.</head>.<body>.<span class="page-title" style="float:left;">Credits</span>.<a id="print-link" href="#" style="float:right;" hidden>Print</a>.<div style="clear:both; overflow:auto;"> Chromium <3s the following projects -->.<div class="product">.<span class="title">2-dim General Purpose FFT (Fast Fourier/Cosine/Sine Transform) Package</span>.<span class="homepage"><a href="http://www.kurims.kyoto-u.ac.jp/~ooura/fft.html">homepage</a></span>.<input type="checkbox" hidden id="0">.<label class="show" for="0" tabindex="0"></label>.<div class="licence">.<pre>Copyright(C) 1997,2001 Takuya OOURA (email: ooura@kurims.kyoto-u.ac.jp)..You may us

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\SIMARIS Suite.exe

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:PE32+ executable (GUI) x86-64, for MS Windows
Category:dropped
Size (bytes):152129944
Entropy (8bit):6.710307912670088
Encrypted:false
SSDEEP:
MD5:61FE3AE7F216D906024280616CE2A151
SHA1:10A75004742DAC4EDD8333D46186E988C1D5DB74
SHA-256:9642FE4F425B7BC813ACFD4F8406EC0AF29E8BAEC06291F48A9311E809D650ED
SHA-512:704B7F3540BE71B7E8AF9897EFDBE0BC2958A6910B3632473146348AF661CC7883B73F4674F78EAD689070148F17257D4EEE7EC1C06F263CED4BEFBD34FC1F50
Malicious:false
Antivirus:
  • Antivirus: ReversingLabs, Detection: 0%
  • Antivirus: Virustotal, Detection: 0%, Browse
Reputation:low
Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d......c..........".......X..B......`..........@............................. L.....b.....`..........................................E...O.....h.....7.........H.;......=...P=...............................(...`.X.8...............x...8...`....................text...h.X.......X................. ..`.rdata...v_...X..x_...X.............@..@.data.....B..P...J...2..............@....pdata..H.;.......;..|..............@..@.00cfg..(.....6......D..............@..@.gxfg....A....6..B...F..............@..@.retplne.....07..........................rodata......@7..................... ..`.tls....y....`7.....................@....voltbl.P....p7.........................CPADinfo8.....7.....................@..._RDATA........7.....................@..@malloc_h......7..................... ..`.rsrc.........7.....................@..@.reloc.......P=......F..............@..B................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\chrome_100_percent.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):129228
Entropy (8bit):7.9197231284749146
Encrypted:false
SSDEEP:
MD5:A3D4515D3A33A407D313A62818E82A5D
SHA1:967FF9A6774A66F7B3299AF4FD5D70961ED54D79
SHA-256:662A9DB6EF4197CB4B6C50648A2CAFCEB7FD903015828DF3FEE605A602370BE0
SHA-512:0C757E1BECCBCA1AE0791FA0C51A9E2019696BD0965C73DE67B364FBA6F317EA2CF20FA65E4FA7DD22519683528E5112DC8C530049170F4E702E0C8D4E065801
Malicious:false
Reputation:low
Preview:..............b...#.....:.7...fl^...gl$...hl....il....jl....klN...ll[...ml....nl....ol7...pl....ql."..rl.,..xl.7..yl)9..|ld:..}l.<...l.<...l.B...lTH...l.J...l.K..vz.L..wz+M..xz.N..yz.Q..zz.T..{z.W..|z.\..}z._..~z.c...zJg...z}h...z.j...zck...zVl...z.l...z.m...z....z<................J....G...................k.........{.........F..............h....E.....#....&...I/....3....<....G....AK....L...U....^...._...u`...Vb...|e...(f...=i...\k....l....n...3q.....q...Qs....t...1x.....y.....|....n~.........A................C.....H.....M................j... .....!....".....#.m...$.R...%.D...&....'.....(.....).d...*.R...+.j...,.p...-.*.../.....0.....1.....2.I...3.....4.....5.....6.....7.....8.....;.................'.....}...........F...........].................K...............................................)...........B.............................K...........m.............................=.................h...........#.................K............... .Q.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\chrome_200_percent.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):179318
Entropy (8bit):7.942078621022635
Encrypted:false
SSDEEP:
MD5:3BAB45C70F22646CF8452C30903810CB
SHA1:40B31D4C79B5A2B8D12F8CF8B6C49C962C31F766
SHA-256:D4282AE977F23AFE252E19E421C8D09696EA3B83A1E73A6AAEBAAA5547C74CBC
SHA-512:85EDA055494F0233C963E821906CF69D94E664D8396E8B08E7A8F412E1C16AF71252FEF1BFE3ED43CFAD157AA90C0DCBB375626E2DDF0E807C9B23AD27E61D9C
Malicious:false
Reputation:low
Preview:..............b...#.....:.b...fl....gl....hl....il....jl....kl....ll.%..ml.*..nl.-..olQ5..pl.9..ql.A..rlnV..xl1k..yl.m..|l.o..}lgr...l.s...l.}...l{....l.....lk...vz....wz....xz....yz....zz....{z....|z....}z...~z.....zt....z.....z8....z.....z.....z"....z....z.....zf.....;..........."...$$...k'....,....7...x9....A....H....N....S...eZ.../\....`....d...Kn...wq....y....}...w...................x............................/....J.............\....................!..........:.....7.....U.....n...........`......'.....(....g-....J2....x3.....5.....6.. .q7..!..8..".w:..#..;..$.{=..%.3?..&..A..'.{F..(.iK..).JS..*.+[..+.Ca..,.Ig..-..m../..r..0..t..1.$u..2.Gv..3.kw..4..x..5..y..6.T{..7..}..8..~..;.v....p..........+...........8.....n.....G.................[.................#.................1...........V........................................................^...........\...........V..........v..........M......................E.................u... ..

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\d3dcompiler_47.dll

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
Category:dropped
Size (bytes):4891080
Entropy (8bit):6.392150637672776
Encrypted:false
SSDEEP:
MD5:CB9807F6CF55AD799E920B7E0F97DF99
SHA1:BB76012DED5ACD103ADAD49436612D073D159B29
SHA-256:5653BC7B0E2701561464EF36602FF6171C96BFFE96E4C3597359CD7ADDCBA88A
SHA-512:F7C65BAE4EDE13616330AE46A197EBAD106920DCE6A31FD5A658DA29ED1473234CA9E2B39CC9833FF903FB6B52FF19E39E6397FAC02F005823ED366CA7A34F62
Malicious:false
Antivirus:
  • Antivirus: ReversingLabs, Detection: 0%
  • Antivirus: Virustotal, Detection: 0%, Browse
Reputation:low
Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........c...c...c..Z....c...c../c....7..c.......c.......c..Z....c..Z...bc..Z....c..Z....c..Z...6c..Z.[..c..Z....c..Rich.c..................PE..d...-L............" ......8.........`.(...................................... K.....2.J...`A..........................................F.x.....F.P.....J.@.....H.......J..!....J......vD.p.....................<.(...P.<.8.............<.(............................text.....8.......8................. ..`.rdata...=....8..@....8.............@..@.data...@.....F.......F.............@....pdata........H.......G.............@..@.rsrc...@.....J.......I.............@..@.reloc........J.......I.............@..B........................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\ffmpeg.dll

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
Category:dropped
Size (bytes):2787840
Entropy (8bit):6.68398013445294
Encrypted:false
SSDEEP:
MD5:5AC330B247CD02B425C57D28C5FC2515
SHA1:D8A75212663D225F4D7FE6145E5B14621BBB2B37
SHA-256:D21DF1C655A98273FE050D9C73D0C916405306EC68AAC226767A9DC982F1C122
SHA-512:77CA50472DA5E56A21AA3855E0A960395AFBD21A0B948091C5DB53412B6262D2CC445630C591BA7445439F4B23D872D0A733EE54BD3E00CF6D5C0FA3B404D0D7
Malicious:false
Antivirus:
  • Antivirus: ReversingLabs, Detection: 0%
  • Antivirus: Virustotal, Detection: 0%, Browse
Reputation:low
Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d......c.........." ......"..f......P.........................................@...........`A.........................................(.......(.(............`?...............@../...(.......................(.(....B".8...........x.(.P............................text....."......."................. ..`.rdata..$3...0"..4... ".............@..@.data........p).."...T).............@....pdata.......`?......v).............@..@.00cfg..(.....@......$*.............@..@.gxfg...0*... @..,...&*.............@..@.retplne\....P@......R*..................tls.........`@......T*.............@....voltbl.8....p@......V*................._RDATA........@......X*.............@..@.reloc.../....@..0...Z*.............@..B................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\icudtl.dat

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):10449360
Entropy (8bit):6.277673278554386
Encrypted:false
SSDEEP:
MD5:516F6B90D1539BD1EAEAA2FC32DADB92
SHA1:8017789BEF98902CDC95C18E67B84378DDD293C0
SHA-256:51EDD31F6C5D298C662AF320424B632172A31E3348CDBB201380636C95DED794
SHA-512:DB4B5FD7F8A0E0A331FFA7C574D011B059DF8654CDC6EE4970F84FDA20B88A3B8706F2605D91D19A6DD86D2702CC9542E026A054D28F85C51B676DAA8D3F3BB0
Malicious:false
Reputation:low
Preview:...'........CmnD........ Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html .L...dB......tB.. "...B..."...B...#...B..`#...B...#...B...L...B...L...B..@M...C.......C..`...'C..P...:C......MC......`C......sC.. ....C.......C.......C.......C......C..0....C.......C..@....D.......D..`...1D..P...DD......WD..`...jD......}D.......D......D..@....D.......D.......D..P....D.......E..`....E......&E......:E..`...JE......]E.. ...rE..P....E.......E......E..@....E.......E......E..0....E.......F......"F..0...9F..p...IF...?..\F..P?..oF...?...F...?...F..@@...F..0"...F...W...F..@.&..F....&..G....&.-G....&.GG....&.^G..P.'.uG....'..G....'..G....'..G....(..G...J)..G.. .)..H..0.*.9H..Pq*.YH.. .*.|H...1+..H...:+..H..`;+..H...=+..H.. ?+..H....+..I....+.4I....-.MI..`...dI..p....I.......I.......I..@....I...B...I...C...I..`C...I...C...J..0o.. J...o..3J...o..FJ.. p..YJ..pp..jJ...p..~J.. q...J..0s...J..p....J.......J.......J..../..J..@./..K.. ./.)K..

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\installerIcon.ico

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:MS Windows icon resource - 1 icon, 256x256, 32 bits/pixel
Category:dropped
Size (bytes):270398
Entropy (8bit):4.333318962992697
Encrypted:false
SSDEEP:
MD5:B815359E2778D5BF1C5B45A98CE2A707
SHA1:A15235662794A07D38458719FD586D72BB672C5D
SHA-256:3E436F845C40CC326656B09B69B9B0AA81384944617F094C574E0DAF0603C57A
SHA-512:B14913E93DA8FDD124D45D7DBB507EA2620F84F582CC0CC3C586209CC85225384B08E101B6A716A61CBD269EA38CB692C96080B67B0AC082796116CF681E49A3
Malicious:false
Reputation:low
Preview:............ .( ......(............. ...... .............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................V...........7..................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\libEGL.dll

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
Category:dropped
Size (bytes):468992
Entropy (8bit):6.328098775013582
Encrypted:false
SSDEEP:
MD5:D66FE56732D3C401112C410804B2F708
SHA1:E713B4E10BF34B2C224E0F48B4B8D287FD82F14F
SHA-256:F2BE27BA4A70F3823FA6434696CB53B6807F9D45DF5D849B796F3E357239A3C6
SHA-512:01DFB7518C742A54CD0CEEFF2AEACCBDBA3AE7017A176BC44330574A45A8019D7C17C71F60EAC0466EDABA6432E218058130A9CE531E9E77AF072A2C837F5DB7
Malicious:false
Antivirus:
  • Antivirus: ReversingLabs, Detection: 0%
  • Antivirus: Virustotal, Detection: 0%, Browse
Reputation:low
Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d......c.........." ......................................................................`A........................................@...........(.......x........?..............$...............................(...@!..8...........8................................text............................... ..`.rdata..Dy... ...z..................@..@.data....K....... ..................@....pdata...?.......@..................@..@.00cfg..(....0......................@..@.gxfg....#...@...$..................@..@.retplne\....p...........................tls....!...........................@....voltbl.8..............................._RDATA..............................@..@.rsrc...x...........................@..@.reloc..$...........................@..B........................................................................................................................................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\af.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):328679
Entropy (8bit):5.419156782737885
Encrypted:false
SSDEEP:
MD5:17E95507F1FA28C93FDB16462C5B520F
SHA1:BDDBE3243A4A31F054317C9C83226E667B463DC7
SHA-256:0DC74A936D57A465F877030F5C91D2E5E22C2E2AF3C8733C96238955F2F18CBC
SHA-512:F0C0AEAC7ECBE859888CA3C7B2C6E063045930ADD6F8A188C59E10F6ED8072D9544127AF18492008F1CC50181F254624A6A25FD7D3058FB1894E086D4B5E63F1
Malicious:false
Reputation:low
Preview:........G...h.8...i.@...j.L...k.[...l.f...n.n...o.s...p.....r.....s.....t.....v.....w....y....z....|....}..........................................".....).....*.....+.....0.....].....j.....y...............................................................1.....D.....d.....k.....{........................................................&.....4.....D.....R........................................................................*.....B.....[.....w.............................................................. .....0.....@.....\.....q........................................................!...../.....I.....^.....w.....~.................................................... .....T.....\.....................................................................7.....I.....^...................................................!.....*... .3...".@...%.f...(.....*.....+.....,.........../.....0.....1.....3.+...4.M...5.h...6.....7.....8.....9.....<.....=.....>.....?.....@.)...A.Z...C...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\am.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):532161
Entropy (8bit):4.9107356826199515
Encrypted:false
SSDEEP:
MD5:18F77D296D8C8543BEF7BAF245C9D327
SHA1:7D0AB5D6CE4BB7B29D04E9D226A044515994407C
SHA-256:AEE7B84EFB01790773FDB49F1595A7F1B1DC6AB240DF2D86B9C5D11247FBBBFB
SHA-512:896448AF22C173F15444E61312F084519AC5F07077DBE64C62F1275892BAD9A2D32DF72A8F767228A4A8922AB137CB45840601D8599D3A61FA8BE259B72E1E27
Malicious:false
Reputation:low
Preview:........O...h.H...i.S...j._...k.n...l.y...n.....o.....p.....r.....s.....t.....v....w....y....z....|....}...............................'...........5.....<.....=.....>.....C.....o.................................$.....7.....?...................................................I.....i.....y............................7.....Z.....l.....u............................<.....H.....W.....m..............................................Q....................................................(.....;.....p.................................B.....Z............................1.....P.....v.....y......................./.....O.....x.....................................................'.....t.................*.....J.....g.....................................................C.....f.......................T............................................. .6...".[...%.....(.....*.....+.....,....... .../.B...0.\...1.....3.....4.....5.@...6.....7.....8.....9.....;.8...<.I...=.`...>.....?.....@.....A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\ar.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):574261
Entropy (8bit):4.921192472789663
Encrypted:false
SSDEEP:
MD5:2AF71E74A1AAE789FB3C7CFE1AEC91AB
SHA1:B7AE04EDCB8458AF0FB14EB8F346B97F3DFC2ED2
SHA-256:9274D60EDDC28A261943258FA644587C4586E91C4BC415346F0B79B20676ADA8
SHA-512:A0E880B5FD46C8CE93AA166F87A228777D991451701358B63DDFC1280D49E6844284214AC4AE8B08896095A847AF2218B9A33D5F504AC48C48EE365C1556C453
Malicious:false
Reputation:low
Preview:........,...h.....i.....j.....k.(...l.3...n.;...o.@...p.M...r.S...s.d...t.m...v.....w.....y.....z.....|.....}............................................................=.....V.....s........................................A.....s.....v.....z.................................$.....D.....[..............................................(.....C.....c.................................&.....0.....A.....K.....{.............................I.....t.......................................+....._.....o............................%.....u.................................3.....6.....Q.....p.......................................................................j.................!.............................,.....P.....m.....}...................................%.....n.......................#.....-.....7.....L.....n......... .....".....%.....(.+...*.....+.....,.........../.....0.....1.3...3.H...4.o...5.....6.....7.....8.O...9.h...;.....<.....=.....>.....?.....@.....A.....C.7...D.J...E...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\bg.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):611079
Entropy (8bit):4.67956612803863
Encrypted:false
SSDEEP:
MD5:03BDB0153929F96AD9AC8BAD7201DE71
SHA1:23703C372A11C133A954E974920480D7757ECCB1
SHA-256:67413B0B90B6646C4A584CA786A35AEC7B4926FD4007E75D9196C944B46DF02F
SHA-512:8E59A8CFED7A68E9241E0838297D8ACBE673622C2974096687EAD33DA28E7DB3C829A7F1CD022F85D59A6E03774C90CB1DC95C874FC2622749471C9B76093BB9
Malicious:false
Reputation:low
Preview:........W...h.X...i.`...j.l...k.{...l.....n.....o.....p.....r.....s.....t.....v....w....y....z.....|.....}...................$.....,.....4.....;.....B.....I.....J.....K.....P..................................&.....V.....b.....l................................1.....m.....y..........................0.....H.....r................................8.....S...........................&.....U.....[.....i.....}......................U............................+.....3.....:.....D.....j...........................Y.....t.......................*.....v................................... .....T.............................G.....N.....Q.....R.....f.....|.......................D...........^.....j...........5.....Z....................... .....4.....H.....R.......................8.......................e...................................,... .@...".p...%.....(.....*.....+.....,.......r.../.....0.....1.....3.-...4.k...5.....6.....7.;...8.n...9.....;.....<.....=.....>.*...?.9...@.Z...A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\bn.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):783768
Entropy (8bit):4.296797686898636
Encrypted:false
SSDEEP:
MD5:FBE7DC2B6BF403CDE758EB515B7D4B8A
SHA1:1C16E86521818928CA96906237540CD8BC384D38
SHA-256:6E2470842FF95BBE09CEAD9D1E22C15EE73231448FE6968A8D6F2D74E7C59178
SHA-512:0846B96A4EA8FE406782EC350665E56A3E6ED5DD44958583A9EA5951CA246DB1E47F6B25042E2B8443D131C679CFA9DFE6BFF1BD90957E3D3339AA65AD986421
Malicious:false
Reputation:low
Preview:........L...h.B...i.S...j._...k.n...l.y...n.....o.....p.....r.....s.....t.....v....w....y....z....|....}......................... .....%.....-.....4.....;.....B.....C.....D.....I................(.....S.....e.........................../.....l.....n.....r......................@.....u......................1....._................".....8.....G.....i.................7..............................................".....O......................L...............................................G.....c................./.............................'.......................Z............................. .....O.....}.........................................%.....P.....g.......................K.....c.................6.........................................+.....Z.................>.................^...........$.....3.....R.....x............... .....".....%.p...(.....*.....,.......".../.^...0.e...1.....3.....4.R...5.....6.A...7.v...8.....9.....;.9...<.V...=.v...>.....?.....@.....A.`...C...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\ca.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):372017
Entropy (8bit):5.422047267870032
Encrypted:false
SSDEEP:
MD5:9D2BEC9781804347BBFC98B0168E5FEE
SHA1:BCE9EABAF5F94DC0C3FA8498A1611F22A2976280
SHA-256:28DCC1C37459D9F7E450DBC94CDE73EEA2EC100F9E2D5729D9A34AE514E40F4D
SHA-512:D1565CBBDF5FCF0192313CA6DA1176E4FDB841F44452CB921F129B26C96B9B156C588716C7D98D7F286114ACDEDEC2E0F32442C4AE8C4D34DCD86263BF592ECD
Malicious:false
Reputation:low
Preview:........Q...h.L...i.T...j.`...k.o...l.z...n.....o.....p.....r.....s.....t.....v....w....y....z....|....}......................... .....(...../.....6.....=.....>.....?.....A.....j..................................................4.....R.....T.....X........................................................3.....C.....a.....|.............................................. .....3.....C.....F.....I.....R.....f.....|.......................................".....*.....1.....C.....R.....c.....y.......................................5.....V....._.....p...................................................#.....7.....>.....A.....B.....K.....T.....\.....b.....t.................:.....B.....}.............................#.....(.....2.....=.....B.....X.........................................H.....a.....f.....p..................... .....".....%.....(.....*.(...+.+...,.I.....s.../.....0.....1.....3.....4.....5.....6.T...7.e...8.y...9.....;.....<.....=.....>.....?.....@.....A.....C.@...D.I.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\cs.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):378805
Entropy (8bit):5.852549401055339
Encrypted:false
SSDEEP:
MD5:146AAC893AE2282CD6F155C7E4246734
SHA1:453FEFA0D412A38C3838B12387AB47E940485E29
SHA-256:9F53DF9C3E5658F7B9DEC9900A671E06AD83601A59029FEA0A195893049C5FEB
SHA-512:A50276712DEE63121AEEDE1AF7437A25670A9F8F76432154DA8AAFA8299B33AF2EE9B8595ACA84BEECD8AB394690C8F80F47B5801CDBDB26E42287152181740C
Malicious:false
Reputation:low
Preview:........3...h.....i.....j.$...k.3...l.>...n.F...o.K...p.X...r.^...s.o...t.x...v.....w.....y.....z.....|.....}..................................................................?.....O.....a.....s.....|..................................-...../.....3.....[.....q....................................................,.....E.....T.....Z.....a.....r.......................................................#.....*.....D.....Y.....o.............................................................).....?.....J.....\.......................................6.....<.....H.....T.....d......................................................................................$.....0.....q.......................U.....r..................................................5.....[.....m.............................6.....R.....Y.....c.....p............... .....".....%.....(.....*.....+.....,.1.....N.../.e...0.o...1.....3.....4.....5.....6.2...7.F...8.\...9.r...<.....=.....>.....?.....@.....A.....C.&.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\da.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):343427
Entropy (8bit):5.471836348998569
Encrypted:false
SSDEEP:
MD5:7222ED24C57C7F033681F6B563205E3F
SHA1:548F2467011EF0010DB230A012FD4EC4D8DF9275
SHA-256:E211FED5ABD72CFB641333414B4B2AE5F32BC59151D863E9CBE038A5D8390952
SHA-512:46E0ACB73A375D90F3F1456B509FEF1470BE5A5FAFDD760EEDDEE1018DE6A3D8FE720F4E366D4B87BFED451B954A47EB728C58D5A88DBD2B13F444264C13E6D6
Malicious:false
Reputation:low
Preview:........\...h.b...i.s...j.....k.....l.....n.....o.....p.....r.....s....t....v....w.....y.....z.....|.....}.".....*...../.....7.....?.....G.....N.....U.....\.....].....^.....`......................................................".....;.....=.....A.....i.....~..........................................................-.....=.....C.....K.....[...................................................................%.....<.....S.....i.............................................................................O.....X.....y.......................................................#.....0.....;.....O.....a.....u.....|....................................................%.....c.....g..........................................................$.....2.....O.....d.....{............................+...../.....8.....G.....Z.....d... .h...".p...%.....(.....*.....+.....,.........../.&...0.0...1.^...3.j...4.....5.....6.....7.....8.....9.....;.....<.....=."...>.6...?.?...@.M...A.....C...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\de.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):368726
Entropy (8bit):5.513791606252959
Encrypted:false
SSDEEP:
MD5:D16A67C02F9CDB288E7EC3399994A33C
SHA1:7D15BA33C6263E65D91053EAD94031C418AD23B0
SHA-256:17B98ABE332A2EE7D36E637B473742DF9B3DBE0984E0B7380C547135601BDDDC
SHA-512:FA7DAF53DEAAB8C7C138F5B95F2ACA8FB8CE5817ED54AB4A3EA9C111BE417BCFA9A485E29CFD53BBBD454F64DD29DD1F0339E650A6BB61B57EA03E534DB30448
Malicious:false
Reputation:low
Preview:..........'.h.....i.....j....k....l....n....o....p.....r.....s.....t.....v.....w.;...y.A...z.P...|.V...}.h.....p.....u.....}.................................................................................&.....?.....G.....P.....v................................................... .....).....5.....].....q..................................................H.....\.....c.....n.........................................................F.....o....................................................................G.....X.....q............................................./.....2.....E.....[.....o.................................................................O...........................3.....]....................................................................F.....d................................................... .....".'...%.O...(.l...*.....+.....,.........../.....0.....1.....3.....4.9...5.U...6.....7.....8.....9.....;.....<.....=.....>.....?.....@.3...A.\...C.{.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\el.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):665869
Entropy (8bit):4.771122464486368
Encrypted:false
SSDEEP:
MD5:3137C0E418547EA635D56D95BCC77F4D
SHA1:E72180B19B378CD8DDE175586053538FDECD1E84
SHA-256:30ACEE7EC34D80BDDA42F505A81C8A9A9AC24CB881F92EC6600D4F23CEF2756B
SHA-512:8C355969186EDA3256B71F65AA17D6C3AAF9B9CA23A1B4B5C0265A58EBC1A029B1C0F998CDC00E61DACC96E962CDDC4542F659C7D18076793DFF5DE2356E3181
Malicious:false
Reputation:low
Preview:........O...h.H...i.P...j.Z...k.i...l.t...n.|...o.....p.....r.....s.....t.....v....w....y....z....|....}...............................".....).....0.....7.....8.....9.....;.....................".....6....._........................................!.....I.....w....................,.....A.....X.....................&.....L.....d.....r......................?.....x.............................................;.....m........................................................?.....d.....}.......................J.....m.....~.................N.................................../.....2.....U.....x.......................,.....3.....6.....7.....S.....m.......................D...........h.....x...........N.......................G.....`.....t.............................=.....d.................G.......................*.....Q............... .....".....%."...(.c...*.....+.....,.........../.A...0.h...1.....3.....4.V...5.....6.....7.5...8.r...9.....;.....<.....=.....>.A...?.R...@.s...A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\en-GB.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):300650
Entropy (8bit):5.537302228597001
Encrypted:false
SSDEEP:
MD5:CA79F7E2286EA036B80CACD634233731
SHA1:79AD146ED5F7C9B505954E1D0278B582CDDD3B8F
SHA-256:186B697CFC4718C9BA3C6896671EF56D776CDF30F7212A061F8B2A6203B9BAC3
SHA-512:04AA99D6969F362D9795F619ED19F5D897B555595E266F51D8DB2F6E9C317B87B4DE484DE16A1C576312FAE6C52A2E020E946258FAE6CDAF94B2D587518C4893
Malicious:false
Reputation:low
Preview:............h....i.....j.....k.....l.....n.$...o.)...p.6...r.<...s.M...t.V...v.k...w.x...y.~...z.....|.....}.............................................................................*.....:.....A.....J.....a.....i.....s............................................................... .....,.....G.....Y.....h......................................................................!...........2.....5.....;.....K.....Z.....h.............................................................................*.....Y.....c.....o..................................................".....%.....6.....F.....V.....k................................................................................G.....N.....~.......................................................................2.....U.....j.............................................. ....".....%.....(.2...*.K...+.N...,.l.....}.../.....0.....1.....3.....4.....5.....6.3...7.C...8.X...9.e...;.v...<.~...=.....>.....?.....@...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\en-US.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):303030
Entropy (8bit):5.527689043935032
Encrypted:false
SSDEEP:
MD5:A2ED0E17819C287B824CAE5C0AC03AF7
SHA1:9694627F89CD65FBB511EACC6C785AB045525FF2
SHA-256:C4A2C6A90945868A02AD14B3A994E94B123981D56190BD34CC3CB14F31F2270B
SHA-512:A527351A1C61E6ED4E999C6549EC04B2096712644C4E1F28B48872C031C9F0A4BB118C0CEB40DC3A35315DDC7CF244E3C0C03D864A53D4A76F6DCF1B3889C109
Malicious:false
Reputation:low
Preview:..........].h.<...i.D...j.P...k._...l.j...n.r...o.w...p.....r.....s.....t.....v.....w....y....z....|....}..........................................&.....-.........../.....4.....\.....i.....x..........................................................................E.....I.....T.....d.....k.....w.............................................................A.....T.....X.....`.....l.....y.....}.....................................................................".....)...../.....8.....C.....`.....g.....v.......................................1.....:.....C.....M.....[.....n.....q.........................................................................................>.....k........................................................#.....(.....,.....<.....V.....e.....~..............................................!.....3.....;... .?...".H...%.h...(.....*.....+.....,.........../.....0.....1.....3."...4.6...5.M...6.....7.....8.....9.....;.....<.....=.....>.....?.....@...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\es-419.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):367471
Entropy (8bit):5.390200828837908
Encrypted:false
SSDEEP:
MD5:A3AD76C796CB2BECC92A393DDAA5A623
SHA1:728BAA0B1170A3D796E1E17D3E4C8EB3D77A99B5
SHA-256:BB52D2ED4A7729306E469DDEC37291FCFF2A8E16B1F9EAB13C2E73887624A776
SHA-512:0CD987557CEB7E1236470B31DA23F57C4C7A3138F979EAC12EE8FC2FB531BBAF8E249556A44A67B4441E1F639E00FB988B365BAF648855842A9D873180D21A3D
Malicious:false
Reputation:low
Preview:........g...h.x...i.....j.....k.....l.....n.....o.....p.....r....s....t....v.....w.....y.....z.....|.....}.0.....8.....=.....E.....M.....U.....\.....c.....j.....k.....l.....n........................................................7.....N.....P.....T..................................................#.....3.....D.....d.....~........................................,.....2.....?.....U.....j.....p.....s.....y.................................7.....\.....l.....r.....z..................................................&.....B.....N.....}...................................................".....5.....M.....e.....{..........................................................@.....v.....~.....................5.....D.....^.....o.....z...............................................@....._............................................. .....".....%.>...(.W...*.s...+.v...,.........../.....0.....1.....3.+...4.I...5.l...6.....7.....8.....9.....;.....<.....=.....>.7...?.A...@.V...A.....C...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\es.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):368120
Entropy (8bit):5.369816081087308
Encrypted:false
SSDEEP:
MD5:A638E3161BEBAF58C501963EFC4040CE
SHA1:FB53A4732620555E30E10E40E886EE45FC4D653C
SHA-256:E2F3D548187B5B02C3BE595927130F097FF29BDEEF6C063980C90B298B1023C4
SHA-512:9DC94CAE924F4EA0B756145541E4DC70A283D84805D6F103FE7069B15C865730F632270B81A11FACEC17BF3C56986D337CEBB1904922B09C150E3B3AE05E2842
Malicious:false
Reputation:low
Preview:........Y...h.\...i.d...j.p...k.....l.....n.....o.....p.....r.....s.....t....v....w....y....z.....|.....}............. .....(.....0.....8.....?.....F.....M.....N.....O.....Q........................................................(.....@.....B.....F.....n........................................................*.....H.....b.....g.....o..............................................(.....=.....C.....F.....L.....c.................................7.....G.....M.....U.....\.....o.....|...............................................-.....]..............................................................-.....E.....Y.....`.....c.....d.....m.....v............................5.................................@.....O.....i.....z...............................................(.....B.....^............................................. .....".....%.0...(.M...*.l...+.o...,.........../.....0.....1.....3.....4./...5.N...6.....7.....8.....9.....;.....<.....=.....>.....?.&...@.;...A.n...C...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\et.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):331671
Entropy (8bit):5.482021156207977
Encrypted:false
SSDEEP:
MD5:CD1025094C963017C56E6A4773C0D7A2
SHA1:C5E5E1569C34A09A95A717187C363EDB37926CA7
SHA-256:F961CA94397297A878076CC6441B31AF1AF75F5C2E705C8465D98419AE952C13
SHA-512:68E6082480C1CBEF270BEF7ABBE86B4321279EA9DBFB72CA3FB1C0487FCA3D978988450FB466FDA4B54D7FCC6161827DFD4A4F5CB7FCA9077131922907C2D409
Malicious:false
Reputation:low
Preview:........r...h.....i.....j.....k.....l....n....o....p....r....s.....t.....v.....w.!...y.'...z.6...|.<...}.N.....V.....[.....c.....k.....s.....z.....................................................................'.....1.....G.....~........................................................ .....+.....O....._.....q......................................................................(.....8.....<.....?.....F.....Z.....m...........................................................................D.....O.....[.............................................. .....,.....:.....M.....P.....`.....p....................................................................../.....o..................................Q.....].....h.....l.....v.....{.....~.......................................;.....d.....~................................. .....".....%.....(.0...*.L...+.O...,.m........./.....0.....1.....3.....4.....5.....6.O...7.f...8.....9.....;.....<.....=.....>.....?.....@.....A.....C.G.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\fa.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):536933
Entropy (8bit):5.054210346247053
Encrypted:false
SSDEEP:
MD5:A81DECBF9897152106864EA10B4FCB2A
SHA1:28CF65A1E91163DAC211372F82508175ABCC6769
SHA-256:D8A6AA3E91EF211D1525EF26DCD2E20819039AD497D789CBC1691F3CD96B58E3
SHA-512:899F5E3ADA4AEAD82B22F1CFF0954CEE843343407A0BF35E02A1C0D717BFC9C027405519F171FF0CDB9362DF890D76B8AC0BFB6C3B12E88D3B1EDB5273C6AAB8
Malicious:false
Reputation:low
Preview:............h....i....j....k....l.....n.....o.....p.....r.....s.&...t./...v.D...w.Q...y.W...z.f...|.l...}.~.......................................................................!.....=.....g.....v...................................5.....8.....@.....h.......................................+....._............................................6.............................................%.....+.....Y.....z......................:.....m..........................................................%.....m...........................&.....Y.....u............................................6.....W.....o...........................................................T.................A.............................A.....b.....j.....}...................................4.....o.......................:.....D.....J.....d............... .....".....%.....(.0...*.s...+.v...,.........../.....0.....1.6...3.E...4.v...5.....6.....7.@...8.y...9.....;.....<.....=.....>.....?.....@.....A.\...C.....D...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\fi.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):339946
Entropy (8bit):5.443010383901073
Encrypted:false
SSDEEP:
MD5:85870B393962D69088CB042748F2CFB4
SHA1:19BAE1D64C54FB863B750836BB90931FFFC7622B
SHA-256:9BE846E54800F73AB3B65DD9C11669B32706D2C803FA0257303D7D641D8DEF05
SHA-512:5E11BE5541FF3294EB2793778637D9FC5D6048AB71ADA8E47006EDF0CD870AEED9BD315C84DC3DA38A9CF5491EF8B8EDB617CA167FF31113F9B695BA6D88A80F
Malicious:false
Reputation:low
Preview:........$...h....i.....j.....k.....l.)...n.1...o.6...p.C...r.I...s.Z...t.c...v.x...w.....y.....z.....|.....}....................................................................../.....@.....S.....Y.....b................................................./.....L.....Q....._.....i.....x............................................................J.....W....._.....f.....x..................................................).....E.....a.....k.....p.....x................................................................(.....Y.....{....................................................................'...........1.....2.....;.....C.....J.....Q.....`................=.....E.........................................................#.....6.....R.....d........................................!.....'.....7.....H.....P... .[...".n...%.....(.....*.....+.....,.........../.0...0.>...1.v...3.....4.....5.....6.....7.....8.3...9.F...;.l...<.|...=.....>.....?.....@.....A.....C.....D.).

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\fil.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):381021
Entropy (8bit):5.216192394351911
Encrypted:false
SSDEEP:
MD5:8EA7C6702D16A196A9C92784CE322B5B
SHA1:E5491C608A9B45FF5F409976AC85F3FA88E01C03
SHA-256:B6D1AFB92FBFACA8AD9BFD944747F0683513D8862CC1948C6E61EBDA1115F700
SHA-512:36A842523CFF479D352F5F4D4D952AC5E92300BC4A076F793B8F4AD86D1F0267E249E89C4ACF4B78D9C475118EA4BDE001632A0C3ABBF2808A061595A0C74BE3
Malicious:false
Reputation:low
Preview:..........{.h.....i.....j."...k.1...l.<...n.D...o.I...p.V...r.\...s.m...t.v...v.....w.....y.....z.....|.....}..................................................................-.....:.....O.....e.....l.....u.................................................+.....H.....N....._.....u...................................................'.....9.....R.....h.......................................................(.....<.....U.....z............................................................0.....;.....[.......................................8.....H.....V.....d.....y.............................................1.....8.....;.....<.....F.....P.....Z.....e.....n......................X.....`...................................".....&.....3.....=.....C.....\.........................................W.....v.....}........................... .....".....%.....(.+...*.I...+.L...,.j........./.....0.....1.....3.....4.....5.$...6.]...7.s...8.....9.....;.....<.....=.....>.....?.....@...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\fr.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):396710
Entropy (8bit):5.400203335290439
Encrypted:false
SSDEEP:
MD5:E5AAFCA1E91390BC629B3108C773BF29
SHA1:9ABF2FD6AB40CD9AE1B45D404672AAA58EBAF9C8
SHA-256:1F71EA9B8568D096080F0D77126E1EA2C54989644F59D9E68A4111EE7676B38F
SHA-512:3467360A24095710D8E926D29A7CA1E48C30827A72A02BCBB9E5100869AB665B4301B5B77B01EA22D972D13BCDAC87762EB7FE7404C2EE3FCAA39475B4EB911B
Malicious:false
Reputation:low
Preview:........F...h.6...i.G...j.S...k.b...l.m...n.u...o.z...p.....r.....s.....t.....v.....w....y....z....|....}.....................................".....).....0.....1.....2.....4.....Y.....i.....w...............................................................=.....P.....n.....u..............................................5.....Q.....S.....f.....z.......................................................%.....=.....O.....`.........................................................'.....:.....Y.....a.....q................................1.....Z.....l.....v..................................................".....3.....:.....=.....>.....F.....N.....W.....^.....q.................5.....<.....|.........................................................5.....Z.....o.......................#.....Y.....p.....w........................... .....".....%.....(.....*.3...+.6...,.T.....k.../.....0.....1.....3.....4.....5.,...6.x...7.....8.....9.....;.....<.....=.....>.....?.....@./...A.n...C...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\gu.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):758492
Entropy (8bit):4.339601867508025
Encrypted:false
SSDEEP:
MD5:93CC7570B7CA30B2F2138CABBF50883F
SHA1:321FE9CB0FC8E41CE07133DB7A4FC1469F7C10D4
SHA-256:719854191D874EF26EE5705D47280765AF694C63D555D05036318E0E62918F72
SHA-512:8169D9CD608EE19E5A8C94AF3122D36A514733C7B22D1894383D66740EAD4AFAA8ACA7DFD49A6203187625DE85F30162C2F2676F913816AFBE4197611615F995
Malicious:false
Reputation:low
Preview:........P...h.J...i.d...j.p...k.....l.....n.....o.....p.....r.....s.....t....v....w....y....z.....|.....}............. .....(.....0.....8.....?.....F.....M.....N.....O.....T.....................@.....U.....k......................;.....s.....u............................H..................................>.....a............................#.....L.....h..........).....5.....N.....s.................................:.....e................>.....................................................w......................./.....a.................T.............................5....._.....b...................................;.....B.....E.....G.....`.....y.......................X...........l.................c.................5.....U.....^.............................&.....R.................@.....w...........5.....D.....f..................... .....".....%.U...(.....*.....+.....,.......4.../.m...0.....1.....3.....4.A...5.w...6.....7.....8.h...9.....;.....<.....=.....>.$...?.7...@.l...A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\he.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):469840
Entropy (8bit):4.661607772147559
Encrypted:false
SSDEEP:
MD5:4DBEE5760858B45B8E68E46FEB73A6E4
SHA1:983E047B8D33D26FAD2ECDBCA5238E9C99CBD080
SHA-256:3C20332AD00960073D91FFC2852727E6F3350251C29CE48E885F45C676B68B31
SHA-512:8EBABFBAB2217123794D4E62FA3CACDCDFAA25DFDF21492A93DA405174D76F6CFA580FC13503B168973E8F3F3DDE8C192EF776E06A2DEF42718D64FF4EB6A39C
Malicious:false
Reputation:low
Preview:........(...h.....i.....j.....k.&...l.1...n.9...o.>...p.K...r.Q...s.b...t.k...v.....w.....y.....z.....|.....}..................................................................H....._.....x............................................0.....2.....6.....^.....z........................................R.....k...................................................W.......................................................9.....U............................*.....4.....<.....C.....O.....f........................................1.....T.....x...........................,.....G.....g.....j.....}.............................................................. .....+.....?.................u.............................U.....h.....................................................4.....h.......................&.....0.....:.....K.....r.....}... .....".....%.....(.....*.....+.....,.:.....K.../.k...0.x...1.....3.....4.....5.....6.a...7.z...8.....9.....;.....<.....=.....>.....?.....@.+...A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\hi.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):789419
Entropy (8bit):4.328117153068513
Encrypted:false
SSDEEP:
MD5:551E17FDF75742EC3363FE6D08E6B27E
SHA1:45D4CA9BA49F548E8B083EC8C21EE907D56B2EE8
SHA-256:056DB0CC0EC69F6EE09B46AB20EC8F24368B872C2E2334744A77C4AA811C9E2D
SHA-512:56208041788A4B179CCC1C4C57135AB06BF026F2D5FDD32B749FFE6E4AEF8AC7104FC9FF388A67CDFF9311DB2993948716C484AD4DB3481EBD6C7A3FAB57F6E3
Malicious:false
Reputation:low
Preview:......../...h.....i.....j.%...k.4...l.?...n.G...o.L...p.Y...r._...s.p...t.y...v.....w.....y.....z.....|.....}................................................................................................8.....e.......................*.....,.....0.....X............................?.....R......................?.................................C.....n...........D.....].....l.....................................t..........................................................).....O.....o.......................t...............................................-.....]...................................6.....g.....................................................G.....h.................J.....`...........5.....r.............................0.....S.....e.................@.................N.................=.....L.....q..................... .....".....%.o...(.....*.....+.....,.......A.../.....0.....1.....3.A...4.....5.....6.....7.W...8.....9.....;.....<. ...=.7...>.]...?.p...@.....A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\hr.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):366938
Entropy (8bit):5.5337062139830735
Encrypted:false
SSDEEP:
MD5:888B004F14C9E753B754E7D38D812477
SHA1:251BB6E060A9D5B35E018A5117EB9D5EB42C5FEF
SHA-256:687B7117C03EEED10AA37D089CA8346B0571CE2FA32E2CE2449D6BAFC4703537
SHA-512:1F78ABDC46A51E79DDA7FADD9B1CA062F97B5C86DEF984E61783F3725FC5665B27761DE730AFBA1808A7BDA219C68B8BB29AFC6647FCE69C6E82B4E2392EC030
Malicious:false
Reputation:low
Preview:........j...h.~...i.....j.....k.....l.....n.....o....p....r....s....t....v.....w.....y.....z.&...|.,...}.>.....F.....K.....S.....[.....c.....j.....q.....x.....y.....z.....|..................................................).....N....._.....a.....e................................................. .....2.....A.....X.....h.....n.....v.............................................................. .....&.....:.....L.....\.....q........................................................&.....:.....E.....\.............................................*.....;.....F.....Z.....{.....~.......................................................................... .....,.....t.......................O.....k.................................................. .....J....._.....w.............................).....1.....;.....I.....k.....v... .....".....%.....(.....*.....+.....,.......,.../.>...0.D...1.x...3.....4.....5.....6.....7. ...8.:...9.Y...;.g...<.t...=.....>.....?.....@.....A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\hu.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):396482
Entropy (8bit):5.653221243863825
Encrypted:false
SSDEEP:
MD5:2DA32B1023F28106A44BAED81C7B500B
SHA1:F097EDC07B6E97CC7370647C7D2055BDD3570937
SHA-256:DF0EC4343B4DC4A69DF239548DE3506F9A77BFACFD21B0AA4361FFA605D22AC2
SHA-512:E2317C8ADA92089F382EF296193CA8F158AC62F362398BF67774D15ECDF6C4DB8BF0F99270F06FEBA6A97D61EADE950F54BBEA3B036408717FC78BC32D6B0C28
Malicious:false
Reputation:low
Preview:........<...h."...i.3...j.=...k.L...l.W...n._...o.d...p.q...r.w...s.....t.....v.....w.....y.....z....|....}................................................................!.....`.....p.............................................,.....@.....B.....F.....n........................................... .....0.....A.....l..............................................%.....+.....5.....M.....l.....p.....s..................................,.....T.....w...............................................................K.....V.....n.....|......................................%.....(.....@.....U.....o............................................................................I.....O...................................7.....?.....M.....U.....[.....r.............................0.....h............................................. .....".6...%._...(.|...*.....+.....,.........../.....0.....1.7...3.C...4.`...5.....6.....7.....8.....9.....;.+...<.3...=.=...>.R...?._...@.r...A.....C...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\id.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):325512
Entropy (8bit):5.390976179440157
Encrypted:false
SSDEEP:
MD5:4F666EFBA48CE60DB2B307DD9312DC34
SHA1:5656D28B78B31A42B11B008A3D380DF392DDB5F4
SHA-256:A736B9250768055F7F9AC593B1475B80AD0E0AFFB7134B2CA063DEBC2BBCF383
SHA-512:7D26E022394EFAE018BBC32B7920124E323B3FF194426442216D7DF8DB79A1580D9FBA66D29D373DE476D82347F4A13698A598CF6B63D621D23759D0E4E96C70
Malicious:false
Reputation:low
Preview:........E...h.4...i.E...j.Q...k.`...l.k...n.s...o.x...p.....r.....s.....t.....v.....w....y....z....|....}..................................... .....'.........../.....0.....2.....U.....c.....p...................................................................".....C.....K.....Y.....i.....q.....~....................................................... .....K.....`.....g.....n...............................................................".....@.....N.....S.....[.....b.....g.....q.....|........................................%.....4.....b.............................................................".....7.....H.....O.....R.....S.....[.....c.....k.....s.....y..................................P.....a.....q............................................................... .....E.....Z.....t.......................................... .....".....%.+...(.F...*._...+.b...,.........../.....0.....1.....3.....4.....5.....6.P...7.c...8.w...9.....;.....<.....=.....>.....?.....@...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\it.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):361692
Entropy (8bit):5.298517429184902
Encrypted:false
SSDEEP:
MD5:49030CBFBE1F35D6B9FC82657526B2BE
SHA1:84AB1C241CF3953C6C542B1401D824AECF194F3B
SHA-256:EDC264386DDA1D6093C584B893BC03B1B6BAC40002CA5566354E076E16509475
SHA-512:2A16BD01D71B30BC98468E791A0DE93DB879A56393C329D6C6FA854F2BDBE58549428E0491D0EEE125255296F4721A3F7AB909FB9476297261270ECB7B786688
Malicious:false
Reputation:low
Preview:........U...h.T...i.e...j.q...k.....l.....n.....o.....p.....r.....s.....t....v....w....y....z.....|.....}.............!.....).....1.....9.....@.....G.....N.....O.....P.....R.....}......................................................).....+...../.....W.....j.........................................................(.....>.....B.....W.....m....................................................................D.....X.....z..........................................................'.....>.....F.....T.......................................!.....-.....4.....@.....S.....h.....k...........................................................................!.....1.....v.......................N.....c.....x......................................................&.....?.....r...............................................2.....>... .A...".K...%.o...(.....*.....+.....,.........../.....0.....1.;...3.O...4.o...5.....6.....7.....8.....9.....;.+...<.8...=.G...>.r...?.}...@.....A.....C...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\ja.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):440855
Entropy (8bit):5.723071892693291
Encrypted:false
SSDEEP:
MD5:7EEF8683B1FEEE0132EE090015DCD205
SHA1:D4CB5B63F5EA615969591EA0B82813CE4346E5DE
SHA-256:000785D21663F281CA02386960539FB932E2E9C75F0D20D865AC57EBEC6C0609
SHA-512:E36D450EEF21476EC9DD12EA44CB8F55E4E0FA9DE6078F210834F51A706A38EAFC9D2F9B325102379D85BF4F4341A81B8C42A13BFD8245D62D19FAD0D2826F66
Malicious:false
Reputation:low
Preview:..........y.h.....i.....j.....k.)...l.2...m.:...o.O...p.\...v.b...w.o...y.u...z.....|.....}...............................................................................8.....Q.....o.......................................F.....g.....i.....m....................................... .....A.....h.....x........................................... .....}....................................................-.....W............................A.....Q.....Z.....b.....i.....r..................................*.....`..................................#.....>.....b.....e.....t............................ .....'.....*.....3.....<.....B.....O.....b..........8.......................,.....D.....w...........................................................(.....d.....|.................#.....).....;.....P.....p.....v... .....".....%.....(.....*.6...+.9...,.[.....w.../.....0.....1.....3.....4.....5.B...6.....7.....8.....9.....;.....<.....=.8...>.g...?.q...@.....A.....C.....D.....E.*...F.].

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\kn.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):875021
Entropy (8bit):4.244823588769762
Encrypted:false
SSDEEP:
MD5:82701D0C0D6F8F6CBED5B5C28A77249E
SHA1:8A23B895FA71808269BC45D01537D8F2957CF486
SHA-256:EC79726C2B75EDAB3AE5C8113D2365287DD571E99DC47016CF792CC278D894F0
SHA-512:65F7AC89E6821C932498AECAFFEE3BCC1421BEB38396F365022F248A7FE43DDDEC5533503EA0689165960DF0497864E416B6FFA89AF69E756B8AF123D57053E6
Malicious:false
Reputation:low
Preview:........l...h.....i.....j.....k.....l.....n.....o....p....r....s....t....v.....w.....y.....z.*...|.0...}.B.....J.....O.....W....._.....g.....n.....u.....|.....}.....~.................L...........................T.....u.................J.....L.....X......................,.....l......................p................<.....y.................................................<.....w.............................7.....w...........5.................8.....P.....X....._.....q.......................%.....T................. .....^.................o.............................k.....n.......................P.....................................................A.....k.................6.....Q.................<...............................................T.................J...........!.....a...........4.....I.....g..................... .....".a...%.....(.....*.Y...+.\...,.z........./.....0.....1.....3.....4.....5.P...6.....7.....8.O...9.....;.....<.....=.....>.*...?.=...@.....A.....C.T.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\ko.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):370216
Entropy (8bit):6.095417162315224
Encrypted:false
SSDEEP:
MD5:F0B51D41B3391117FA8B8CFC4DB402B0
SHA1:3CC481C6C29BE98D3365FE0C4F5572C87B136585
SHA-256:C723B3E570E233138522E790D8DCB93CF22ECECC34FD5F943FE6AEA75F7CE5DE
SHA-512:E1CEB83F5A31350F9FA1F312F6C7D5B135AA9B8C3D08C46ABFFCBD38E343AFE03D41CADD36AB6E3B8AA249B455418631B97768FE2EEBBE9CF1F3FDA3421087E3
Malicious:false
Reputation:low
Preview:............h....i.....j.....k.....l.....m.....o.#...p.*...r.0...s.A...t.J...y._...z.n...|.t...}................................................................................/.....B.....K.....X.....r...........................................#.....G.....S.....`.....p.....w.........................................................$.....1.....x..................................................................9.....Z.....~.......................................................$.....1.....t..................................>.....J.....`.....m....................................................................................../.................X.....a.....................+.....7.....J.....M.....`.....f.....o..................................1.....r....................................... .....".....%.....(.,...*.a...+.d...,.........../.....0.....1.....3.*...4.I...5.q...6.....7.....8.....9.....;.....<.....=.....>.2...?.C...@.W...A.....C.....D.....E.....F.....G...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\lt.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):396362
Entropy (8bit):5.647629376348365
Encrypted:false
SSDEEP:
MD5:38F69424E75F6E213E5B3EF204A1CBFA
SHA1:A519C40D601E3BF476019674DBC5DEA851D347B1
SHA-256:20EDC43A59A72234489CCEC63D598D82B9540A90DF874400DBB01862CF4C30ED
SHA-512:7C505B6193995F296A0032DDAD6F23DEC86FF8FE51713422B76D9B77C8C320F77F60D4405BD44BB734D0C7EB523A7CB38C30D59516B9FB45AB23DB658883837D
Malicious:false
Reputation:low
Preview:........\...h.b...i.s...j.....k.....l.....n.....o.....p.....r.....s....t....v....w.....y.....z.....|.....}.".....*...../.....7.....?.....G.....N.....U.....\.....].....^.....`...................................................-.....L.....]....._.....c.................................................<.....N.....].....w..........................................................!.....>.....\.....g.....r.....|............................ .....F.....m...............................................................<.....O.....Z.....q.......................................................0.....C.....U.....m..............................................................).....................(.....F.....g.....................................................P.....h.....|.......................,.....C.....J.....R.....l............... .....".....%.....(.....*.'...+.*...,.H.....t.../.....0.....1.....3.....4.....5.....6.k...7.....8.....9.....;.....<.....=.....>.....?.....@.#...A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\lv.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):395231
Entropy (8bit):5.643877222490623
Encrypted:false
SSDEEP:
MD5:7296DE64051AB88F0596237B1C97BCE0
SHA1:1E21AF0DD36CECD9468267188E0068D4EA0279FB
SHA-256:FE6B8DE069FE130CD64681CC0537BF0C2DB0FDA34D15ABD32F59E399334D6423
SHA-512:C0A28262E887ABCE4E0412470E4E06729EB83DF9C289782CA121297AC2902D15049B801683EE0A8B8D8D5A3A6E63CC73F723218A1B969867EB24E871177055A1
Malicious:false
Reputation:low
Preview:........b...h.n...i.....j.....k.....l.....n.....o.....p.....r....s....t....v.....w.....y.....z.....|.....}.......6.....;.....C.....K.....S.....Z.....a.....h.....i.....j.....l........................................................E.....a.....c.....g........................................................1.....I.....c.....t.....z.....................................................(.....>.....G.....J.....Q.....g.....y.........................................................-.....9.....R.....u.....y......................................K.....m.....~..................................................+.....C.....Z.....a.....d.....e.....o.....z............................-.....o.....z.....................J.....U.....g.....n.....}.........................................%.....D.....y............................................. .....".'...%.M...(.g...*.....+.....,.........../.....0.....1.+...3.<...4.R...5.w...6.....7.....8.....9.....<.....=.....>.+...?.3...@.C...A.....C...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\ml.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):918317
Entropy (8bit):4.275099972323994
Encrypted:false
SSDEEP:
MD5:A9F7CFF33E1FBC052EEFA51446C6CF30
SHA1:B9901A146CEFB42455C2996F890A88196EED050C
SHA-256:CB97AA4711E4A307CC67E055C5D5631CD99433A2CC06572ECB153D41DC1D5643
SHA-512:23CA17E7207E9D7FD5874678F1C8B11D0E3CCEC663C02247558F96656420C80B74CFAEF0EBDE57B4BE52F3E77991C36BA29D52D9AA478E2F19691ED60BA51D71
Malicious:false
Reputation:low
Preview:........h...h.z...i.....j.....k.....l.....n.....o.....p....r....s....t....v.....w.....y.....z."...|.(...}.:.....B.....G.....O.....W....._.....f.....m.....t.....u.....v.....{.......... .....f......................=.....[...........+.....w.....y.....}................*.....Q..............................................e...........................7.....k...........B.....`...................................A...................................8........................................./.....W.................%.............................F...........8.....r.......................+...........r.................(.....[...............................................:.....u....."...........k...........(.................l...................................&.................U...........K.......................".....@.....w..................... .....".d...%.....(.Z...*.....+.....,.........../.l...0.|...1.....3.;...4.v...5.....6.p...7.....8.6...9.v...;.....<.....=.....>.)...?.?...@.s...A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\mr.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):745814
Entropy (8bit):4.323865784192064
Encrypted:false
SSDEEP:
MD5:5B0FFBD8848DDE61DCA9F39836390FAD
SHA1:7132F70058EC10A2353E963819DF020E2FB6B65F
SHA-256:B1D761386DFF997603BC1599422E09E244E385E32513FEB599F3DA7C0DFB7BD4
SHA-512:ED82D57318713B3769D705C4059DED2AE145F1D2760C42AF551D120EBB896562043742E543265C09BC843D88975D16722BC87B71D0515CB7320656A2D9E949A4
Malicious:false
Reputation:low
Preview:........'...h.....i.....j.....k.-...l.8...n.@...o.E...p.R...r.X...s.i...t.r...v.....w.....y.....z.....|.....}.....................................................................................................C.....U.....g......................".....J.....o......................:.....P...........................l....................................................................R.....[.....^.....z......................O................'.....J.....].....e.....l.....x.............................@.......................*.....X.................,.....^.........................................;.....\.....................................................#.....@...........p...................................Y.....r.........................................N.....s...........0....._.................?.....N.....m..................... .....".)...%.}...(.....*.....+.....,.......T.../.....0.....1.....3.*...4.g...5.....6.....7.:...8.....9.....;.....<.....=.,...>.X...?.k...@.....A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\ms.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):340589
Entropy (8bit):5.2717274433443615
Encrypted:false
SSDEEP:
MD5:AF3F629EE9A1F6EF28A087BFC4735D42
SHA1:E49D9703937C15B31CA1F2CF3360E8BF4657CC90
SHA-256:1911FF37363577CA73CEBB803B8D076B77B7D8B7C81B7EDFFC28982514D7F46F
SHA-512:0BD51D0C0E4FE1AC4EBB6DBFBD68BD986F5B827FC1412F913892614D4B41A24AC6B981752543F8EC82FEAF1C8EAD9D798ECF06FA8182BDA8118E02F347FD23AD
Malicious:false
Reputation:low
Preview:........i...h.|...i.....j.....k.....l.....n.....o.....p....r....s....t....v.....w.....y.....z.....|.!...}.3.....;.....@.....H.....P.....X....._.....f.....m.....n.....o.....t.................................................(.....K.....b.....d.....h.................................................).....5.....C.....W.....d.....k.....p...................................................................#.....4.....C.....W.....n...........................................................'...........@.....n..........................................................3.....G.....J.....^.....r............................................................................8.....o........................................9.....K.....V.....`.....h.....o.............................................G.....\.....b.....h.....w............... .....".....%.....(.....*.....+.....,.).....:.../.P...0.Z...1.....3.....4.....5.....6.....7. ...8.<...9.O...;.c...<.n...=.....>.....?.....@...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\nb.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):333683
Entropy (8bit):5.446585856458686
Encrypted:false
SSDEEP:
MD5:025B1E129CABD2EC1F7CD9B19C97C96F
SHA1:5AB2AD877A1AFF52D450A9145AE197FAB7B6D2DE
SHA-256:DE03D755B7DB3C9D20708C1ACBF0EFE73B2531F92CF5F0741900E0AC15707BD2
SHA-512:94CD1C5D060EE6ADF84DA46032E41507571FE8B31846FA35A1FE64F6B0A06AA4ACA3CA27166AFE864997DEB75AD9422270AC16466F2F4854E68CFB768E77474C
Malicious:false
Reputation:low
Preview:........N...h.F...i.]...j.i...k.x...l.....n.....o.....p.....r.....s.....t.....v....w....y....z.....|.....}...................!.....).....1.....8.....?.....F.....G.....H.....J.....q.....|.................................................. .....".....&.....N.....b.....z.........................................................-.....3.....9.....H.....X.....g..................................................................1.....N.....g........................................................................./.....:.....D.....].....s..................................................................).....9.....M.....T.....W.....X....._.....g.....r.....y.............................2.....|.........................................................0.....M.....a.....x..............................................'.....?.....J... .O...".X...%.r...(.....*.....+.....,.........../.....0.....1.,...3.8...4.R...5.g...6.....7.....8.....9.....;.....<.....=.....>.....?. ...@.,...A.W.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\nl.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):344862
Entropy (8bit):5.379897450184995
Encrypted:false
SSDEEP:
MD5:A37AEE62D1C38D01C640278510EAFBC8
SHA1:59D7822DD1C6DB9E89C311180156624ADEB0BDBB
SHA-256:B4793C835F335BAD7E718EB9DF8C190984443C66D7458568BCA11F7BAD8AB4FA
SHA-512:2AEA71FED3164BD8F5FFD5EB4DC9ABDAB111A193D71A6F3C8521830D9D5C2A2F44F4A819EC3324CEC35DAB7152FC18AAD7BDD2ACB1E4C9E03CD6EE3199F715C8
Malicious:false
Reputation:low
Preview:........N...h.F...i.W...j.c...k.r...l.}...n.....o.....p.....r.....s.....t.....v....w....y....z....|.....}.........................#.....+.....2.....9.....@.....A.....B.....D.....r.....~....................................................................?.....W.....s...................................................%.....?.....D.....M.....\.....l.....{........................................................4.....I.....a...............................................................(.....?.....F.....[........................................-.....=.....G.....U.....t.....w.....................................................................$...........?.............................A.....V.....n.............................................................9.....\.....q................................................... .....".....%.9...(.T...*.m...+.p...,.........../.....0.....1.....3.....4. ...5.9...6.s...7.....8.....9.....;.....<.....=.....>.....?.....@.....A.H...C.a.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\pl.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):382301
Entropy (8bit):5.77753978888475
Encrypted:false
SSDEEP:
MD5:820518DD035E1B504C8B794506F56484
SHA1:01DA91E7D00EF0E8DE62161D0285B9B943A3B5BD
SHA-256:28FE82312383C121366EB254C37ED2DFBE2493C6248CDAC2B86DE82FEEEDFB45
SHA-512:714E2B72944A9BD4F732622EE2900C413D4B179CD79A5252FCB401CD75B9794382CD069041009CEFD5AA69D331A5CE8EA7FE07455C58783381E3C85A8D33CB94
Malicious:false
Reputation:low
Preview:........W...h.X...i.i...j.s...k.....l.....n.....o.....p.....r.....s.....t....v....w....y....z.....|.....}.............#.....+.....3.....;.....B.....I.....P.....Q.....R.....T.........................................................&.....;.....=.....A.....i..............................................................3.....D.....J.....P.....c.....w...................................................................3.....H.....d.......................................................................,.....e.....y..............................................&.....6.....V.....Y.....h.....v.......................................................................S.....................B....._.....z...................................................=.....L.....f............................. .....'.....1.....H.....b.....m... .v...".....%.....(.....*.....+.....,.......*.../.?...0.K...1.z...3.....4.....5.....6.....7.....8./...9.@...;.O...<.Z...=.d...>.x...?.....@.....A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\pt-BR.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):361535
Entropy (8bit):5.443106688574975
Encrypted:false
SSDEEP:
MD5:9365F268AA04D060E381217506741C02
SHA1:055898349F1B7024923C1B2800E799FDB6A726C5
SHA-256:7E76684A6A86B0397714C9E5ECA2F567529931E27FE21A54ED5FC124329BCBD0
SHA-512:E29F436F899403BC751088038FEC7964957AB55AC52D3C0A1A10BC98EFE1CDD360081325F7D515E6A1AC5917312FA8191364AEB2F33C84946E53DE4E36550644
Malicious:false
Reputation:low
Preview:........j...h.~...i.....j.....k.....l.....n.....o....p....r....s....t....v.....w.....y.....z.&...|.,...}.>.....F.....K.....S.....[.....c.....j.....q.....x.....y.....z..................................................$.....,.....V.....k.....m.....q................................................$.....=.....W.....w..............................................1.....7.....B.....R....._.....c.....f.....m..............................................'.....-.....5.....<.....B.....M.....[.....s.....}................................(.....J.....T.....d.....q..................................................................... .....).....2.....;.....B.....R............................R.....g.....~......................................................).....=.....n...............................................(.....3... .7...".J...%.i...(.....*.....+.....,.........../.....0.....1.....3.*...4.N...5.g...6.....7.....8.....9.....;.....<.....=.....>.....?.$...@.9...A.p...C...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\pt-PT.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):364667
Entropy (8bit):5.419087754984126
Encrypted:false
SSDEEP:
MD5:64547D12DC56F6CD5ED713E3F8042134
SHA1:95D7E036B1B42BAF45B74AD9DADF1C31E82F4B6E
SHA-256:D5EBE3EF0ED74F9236BE4F4F6D39EBB06E2E10FA356592AC9CF8C25E04032BFD
SHA-512:4EA47278467592C504ADF4BF83E1A767B690CD0EA05F9814D55B1DF73D71C36D6E2078DE6B19CB5BFD98250CD7263320B76404E8009B11DE28DFD03F851C3DD1
Malicious:false
Reputation:low
Preview:........u...h.....i.....j.....k.....l....n....o....p....r....s.....t.....v.....w.'...y.-...z.<...|.B...}.T.....\.....a.....i.....q.....y...........................................................................+.....7.....?.....`.....r.....t.....x................................................./.....?.....R.....m..............................................$.....,.....7.....G.....T.....X.....[.....b.....{......................................../.....5.....=.....D.....J.....U.....c.....y............................................4.....V.....a.....q.....~...................................................(...../.....2.....3.....<.....E.....N.....U.....f......................".....^.....r........................................................1.....F.....].........................................#...../.....M.....U... .Y...".m...%.....(.....*.....+.....,.........../.....0.....1.H...3.[...4.....5.....6.....7.....8.....9.#...;.7...<.F...=.R...>.v...?.....@.....A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\ro.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):374111
Entropy (8bit):5.479941946149654
Encrypted:false
SSDEEP:
MD5:41495D709AEDE049BF63214D243804DC
SHA1:CDDCC90705779003ED20760B60B7339E2E83FDD8
SHA-256:4840DD4776B198AD61C8EA450075987D0C4CDE0B976508906907039C5B6FFC56
SHA-512:07C369773096AD96C3F49798E9C0561DF8FAAE5AC7E106DA2E359BCEEE711045E3C5292420D56E57AA0F4BA0EC46D7BC2EEA187481A12D2E7875BC361DEA1E45
Malicious:false
Reputation:low
Preview:........N...h.F...i.W...j.a...k.p...l.{...n.....o.....p.....r.....s.....t.....v....w....y....z....|....}.........................!.....).....0.....7.....>.....?.....@.....B.....}....................................................................".....J.....k...................................................#.....E.....\.....d.....w........................................*.....F.....J.....U.....].....z............................3.....V.....g.....o.....w.....~....................................................".....C.....S.....z...................................................,.....?.....Z.....x...............................................................u......................4.....J.....z.....................................................(.....?.....m.........................................3.....Q.....]... .g...".{...%.....(.....*.....+.....,.........../.....0.0...1.\...3.m...4.....5.....6.....7.....8.....9.&...;.9...<.E...=.V...>.q...?.y...@.....A.....C...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\ru.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):607991
Entropy (8bit):4.854838927241052
Encrypted:false
SSDEEP:
MD5:DC22B380E7F3057CD30A1EFBEFFE329A
SHA1:CE964424B3821561C77C47C056432B2DD0E0B9BD
SHA-256:C0F56B46DD5E7CD893F2F8E79F9F5385A3906F6B51A5099F7EC2E64A7B508183
SHA-512:CEB2BE7F43EBEED2FFAB4AB99AB64D8F1F2F495A3CECEB2C33201D7693FA160EC6FDD59359EF4809C5C7747F4FF8AD29A0F06E9884416514583208CDAD3D6D3D
Malicious:false
Reputation:low
Preview:..........l.h.....i./...j.;...k.J...l.U...n.]...o.b...p.o...r.u...s.....t.....v.....w.....y.....z....|....}.....................................................................t.................................*.....4.....>.......................................#...../.....N.....b.....{............................J.....m.....y......................;.....u..................................................*.....E............................/.....=.....E.....S.....t.................................N.....^.......................).....J.....]..................................$.....B.....d...........................................................x.............................F.....m............................./.....D.....R...............................................N....................................... .....".#...%.V...(.....*.....+.....,.......+.../.d...0.u...1.....3.....4.....5.L...6.....7.....8.....9.+...;.A...<.[...=.o...>.....?.....@.....A.W...C.....D.....E...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\sk.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):385044
Entropy (8bit):5.826129719993973
Encrypted:false
SSDEEP:
MD5:9A609AD68435E0540C47A96EA0BC3CF5
SHA1:7C49AC1A2214A590693019F63F2A2ED7208EBF3F
SHA-256:3027384E30D01E7D53D9D340B7DDD91665C7EC94881C8D717344BAE354B2C6A1
SHA-512:177B09F27BC69FBCA37028B460012170B7B2A774CFD323585531E5A682FA31E4EA25CA1FA8A42F3C19AD370CF689E57487065E95C13E4058242C7A06B88D09C9
Malicious:false
Reputation:low
Preview:........Q...h.L...i.`...j.l...k.{...l.....n.....o.....p.....r.....s.....t.....v....w....y....z.....|.....}...................$.....,.....4.....;.....B.....I.....J.....K.....M........................................................6.....K.....M.....Q.....y............................................'.....5.....E.....a.....p.....v.....~..............................................'.....-.....;.....F.....d.....z......................................................... .....1.....@.....W.....b.....}...........................!.....F.....P.....^.....j.....y....................................................................'.....5.....=.....I.....Y.................M.....T.....................).....9.....T.....Y.....e.....p.....y...................................8.....o............................................. .....".)...%.M...(.h...*.....+.....,.........../.....0.....1.....3.!...4.A...5.`...6.....7.....8.....9.....;.....<.....=.....>.....?."...@.5...A.{...C.....D...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\sl.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):370696
Entropy (8bit):5.50251677777961
Encrypted:false
SSDEEP:
MD5:CA037617EA943C6D585931A912342FFE
SHA1:046FC9BA9678E3FA3DBC1939EE180E6E1D72E6D0
SHA-256:1B4F4FC0B71A8EBC8E74C44802CDE3B6ED1ABD4200D8B39AD296DA0A06B62BBB
SHA-512:D63BA528100E48F5EBA7BA43B3B8F1DBF569915E99DAC8EAC22E89F832F72110492543578EA593FD50816E6202DE9891164C9A7E9068A5458C84585B686F759C
Malicious:false
Reputation:low
Preview:........L...h.B...i.S...j.]...k.l...l.w...n.....o.....p.....r.....s.....t.....v....w....y....z....|....}...............................%.....,.....3.....:.....;.....<.....>.....h.....z.............................................+.....>.....@.....D.....l...............................................................-.....:.....B.....K.....Z.....n.....}..............................................................0.....I.....c.......................................................6.....I.....T.....d........................................!.....2.....A.....M.....\.....v.....{................................................................................%.....k.......................L.....o................................................. .....K.....\.....t.............................'...........5.....B.....].....i... .s...".....%.....(.....*.....+.....,.......(.../.E...0.O...1.....3.....4.....5.....6.....7.....8.-...9.M...;.Z...<.f...=.p...>.....?.....@.....A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\sr.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):573866
Entropy (8bit):4.773847753538816
Encrypted:false
SSDEEP:
MD5:880FC5FEE125DDE8C1DBC2DAB16D4D05
SHA1:29C0F5F7892F6080CDF8D680972CFC15183A8F4A
SHA-256:8B0217042D8C86D49CCEACACE04B324859B44D1AC51AEEBCDB72C0772FCB8892
SHA-512:CFD85CA23EF47E280E927C897EEEAA1A73C7117BBF8CBE088B79983C08CD6BCC4E51EC0205A37C94C0EF93CDD66AD07C340C02A4916F51DDA37243B6A3AB2F29
Malicious:false
Reputation:low
Preview:........g...h.x...i.....j.....k.....l.....n.....o.....p....r....s....t....v.....w.....y.....z. ...|.&...}.8.....@.....E.....M.....U.....].....d.....k.....r.....s.....t.....v.....................7.....Q.....l.....................(.....]....._.....c.................................%.....<.....V.................................."...........V.......................%...../.....?.....X.....s.....}..................................0.....e.......................................#.....:.....\.............................!.....3.....V.....y.......................3.....C.....c.........................................<.....\.....c.....f.....g.....q.....}.......................I...........e.....u...........E.....r...................................4.....>.....b.......................G.......................1.....=.....Q.....f............... .....".....%.$...(.V...*.....+.....,.........../.....0.....1.e...3.|...4.....5.....6.U...7.}...8.....9.....;.....<.....=. ...>.R...?.c...@.....A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\sv.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):336093
Entropy (8bit):5.546337755862254
Encrypted:false
SSDEEP:
MD5:E7D2D089133C561C69A5AEE13B61B11D
SHA1:F374EFE484CEAA718F930F8CC5AAC3CC845CE012
SHA-256:DFA03FA63B4B733829BF107C6944AC0E7A66D1D3DB732E90504B1AFC80565FFF
SHA-512:A2195896584924BEEF21BD4DC306B2F6905B560A94FC10777096837511D90DC22345A8431036367E4962D8D0AC047CA3F15F5A04EDEB0D7E0D8A2905DE85B61E
Malicious:false
Reputation:low
Preview:........3...h.....i.!...j.-...k.<...l.G...n.O...o.T...p.a...r.g...s.x...t.....v.....w.....y.....z.....|.....}....................................................................8.....I.....[.....o.....w........................................................5.....M.....S.....c.....t.....{........................................................'...../.....g.....}.....................................................................O.....s....................................................................<.....D.....O.....g.....w.......................................................%.....2.....D.....U.....r.....y.....|.....}........................................6.....p.....w................................).....2.....:.....<.....B.....T.....u.................................=.....W.....].....g.....w............... .....".....%.....(.....*.....+.....,.......).../.=...0.W...1.....3.....4.....5.....6.....7.....8.#...9.2...;.C...<.K...=.Y...>.p...?.y...@.....A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\sw.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):352538
Entropy (8bit):5.355707355203267
Encrypted:false
SSDEEP:
MD5:0D31C0D250D567F354EE3DCC1386C67E
SHA1:E2588932DCB2EA27927EEB22E4AC30DC59193228
SHA-256:092E76CCE54B52990702440C5A4C6A25B2A9222DA43F72B4E6052A037C128235
SHA-512:3F3D364BCF17B4F2A26F72965B8149CC880D8324ABA16B4F148A9274C48578FE1427AD8773C876638D7D473A156FDB362C0F38AFDF8DC679879F548652330ED2
Malicious:false
Reputation:low
Preview:........a...h.l...i.w...j.....k.....l.....n.....o.....p.....r.....s....t....v....w.....y.....z.....|.....}.&...........3.....;.....C.....K.....R.....Y.....`.....a.....b.....g........................................................(.....?.....A.....E.....m........................................................'.....D.....U....._.....e.....|..................................................#.....&.....+.....<.....V.....n.........................................................,.....=....._.....f.....x................................>.....k.....u........................................................5.....E.....L.....O.....P.....].....d.....i.....p.....w..................................V.....n............................................................,.....J.....y...............................................;.....F... .N...".^...%.....(.....*.....+.....,.........../.....0.....1.M...3.c...4.y...5.....6.....7.....8.....9.....;.....<.(...=.6...>.J...?.S...@.n.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\ta.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):901855
Entropy (8bit):4.064355062810535
Encrypted:false
SSDEEP:
MD5:0FC74B600B04F49186800FE79F6039F8
SHA1:B60F34B645C7746CFA96B814F3F48958CE8D6F53
SHA-256:7529454C63A10CF54E283C7D6745B4BB74476CC5602F37CE090A06E80AA84C9F
SHA-512:4D88903F618F37B714E5509F7B0336AF648A76E4EBD15A1C1B56F6C21C099AD9133C9E4A0C28A0BA73013BEA01BEE87EF083DF72C323B876F5B4A2A506F898C5
Malicious:false
Reputation:low
Preview:........(...h.....i.....j.....k.&...l.1...n.9...o.>...p.K...r.Q...s.b...t.k...v.....w.....y.....z.....|.....}..................................................................................1.....O.....X.....................U............................'............................4............................x...........................=....._..........T.....l......................+...........@.....x.................%.................3.....U.....a.....i.....p.......................8.....S.....{.......................G...........,.............................>.............................9.....l.........................................$.....9.....L...........k...........................................................,.....S.....k.....w.................q...........T.................e.............................I.....m... .|...".....%.....(.....*.....+.....,.......C.../.b...0.{...1.....3.@...4.....5.....6.....7.....8.U...9.....;.....<.....=.....>.E...?.X...@.....A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\te.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):838803
Entropy (8bit):4.3014840240988015
Encrypted:false
SSDEEP:
MD5:EA450A08E85FE4C5B7C71A61DE07868D
SHA1:A8FFF5309CF66699EE28E81101F8634DAD6CC49B
SHA-256:71E5E7665ABD657F33D2D8349B9684ABC8B944B9BEA682AA12E07E1C4E431E5E
SHA-512:C4F1344FCA990FAE6C0A5AE4AD3283F46029C0DB65A62200B189D68C8805B1FD804A4060276FDC92997D019D19EFBA4B0AD7E3A83E047007A667525188090270
Malicious:false
Reputation:low
Preview:........j...h.~...i.....j.....k.....l.....n....o....p....r....s....t.....v.....w.....y. ...z./...|.5...}.G.....O.....T.....\.....d.....l.....s.....z...................................?.....s.....................+.....L.....a..........@.....B.....N.....v......................>......................J.....l...........0.....a....................................................8.....u.............................D.................B.................v.........................................>.......................S...............................................V.....r.............................8.....Z.........................................0.....W.....~.............................7.............................c.................7.....C.....s.......................T.....................................................D..................... .....".&...%.....(.....*.2...+.5...,.S........./.....0.....1.....3.....4.....5.R...6.....7.....8.c...9.....;.....<.....=.....>.4...?.G...@.~.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\th.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):706701
Entropy (8bit):4.347949478657651
Encrypted:false
SSDEEP:
MD5:E7AA2AB72FF12D546F3794BEECC235AE
SHA1:018060AA8412988559C59D155435C5FC1EEAE34E
SHA-256:4CF9C52C112A1B4CD3563869518530662EACCC93C0F118AC15EB4571FD369D96
SHA-512:A236E19173790D43D9049D0CC00361C44934D6E8EC6A4B77DD1C4A57681FA66C6007C258DA045C8B67F799D51195F2E11FDCBD873BDA582F0891FF126A072E45
Malicious:false
Reputation:low
Preview:..........t.h.....i.....j.!...k.0...l.6...o.>...p.K...r.Q...s.b...t.k...v.....w.....y.....z.....|.....}........................................................................V.....z.......................@.............................;.....=.....A.....i...........................2.....J.....q.....................2....._.....z................(.....U............................O.....p.....|..................................V..............................................).....J.....i......................J.....}.......................s.............................T.....W.....{...................................%.....(.....F.....g.....y.................<...........W.....i.................h.............................F.....a.......................0.....`.....................................................R.....s... .|...".....%.....(.$...*.o...+.r...,.........../.....0.....1.....3.....4.....5.6...6.....7.....8.....9.D...;._...<.x...=.....>.....?. ...@.8...A.r...C.....D...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\tr.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):359192
Entropy (8bit):5.625655508927525
Encrypted:false
SSDEEP:
MD5:9CCE758EECD528EFFB7622997CE97F91
SHA1:5DD837F4C850761FAFFB424C80DE4157605D66EB
SHA-256:797AAFDE72761531697D23CC5D41096DBFAACFA7B83EF7088E941E9284586E74
SHA-512:BCCD704A3960C661EEA89A5E6C9F1667B30718FF7763431A711B2D6D139111D5DC57646B6943BEDD5BE103BF8D3490B704848746CC0D4642C6FAA2B46B668DE2
Malicious:false
Reputation:low
Preview:............h.....i.....j....k....l....n....o....p.....r.....s.....t.....v.0...w.=...y.C...z.R...|.X...}.j.....r.....w............................................................................&.....1.....?.....].....j.....~....................................................*.....=.....G.....`.............................................................X.....p.....t.....|.........................................................$.....<.....V.....d.....i.....q.....x............................................!.....=.....L.............................................................$.....;.....T.....d.....k.....n.....o.....y........................................2.....q.....w.................................-.....6.....@.....I.....P.....i...................................-.....Z.....p.....w.....}..................... .....".....%.....(.....*.'...+.*...,.H....._.../.x...0.....1.....3.....4.....5.....6.7...7.T...8.y...9.....;.....<.....=.....>.....?.....@.....A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\uk.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):606754
Entropy (8bit):4.892360516025319
Encrypted:false
SSDEEP:
MD5:0EF500ED746D9682B8D1D626ADD09FF1
SHA1:346EAA1387D155635437429B038023CDF00F2C63
SHA-256:2D4B69CD662667668899EAF64CB0DAC362A35FB8E0F23577888975100AAB4382
SHA-512:34785B29BDF3032633C2610C0AEF31AB3ADAFC628E44E5DF76ED2E605FA79E2C47FC9D2AFF294DD67A90F7C3B36B56BC491DBDFF7FB96D91E8A98F6552F59757
Malicious:false
Reputation:low
Preview:............h....i....j.....k.....l.....n.....o.$...p.1...r.7...s.H...t.Q...v.f...w.s...y.y...z.....|.....}..................................................................G.....d.....}.................................'.....j..................................+.....=.....V.....j.................................N.....o.....{...........................7.....c.....m.....}.............................................3.....l............................(.....0.....>.....]................................8.....K..................................:.....Q.....q...................................1.....S...........................................................i...........u........... .....Q.......................+.....J.....^.....r.............................E.......................P.....{................................. .....".=...%.|...(.....*.....+.....,.$.....h.../.....0.....1.....3."...4.^...5.....6.....7.....8.5...9.T...;.Y...<.q...=.....>.....?.....@.....A.....C...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\ur.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):534831
Entropy (8bit):5.162892753359617
Encrypted:false
SSDEEP:
MD5:D7BA85FB9A1FD2D2EA3CD9CB36AE1F82
SHA1:813296EA7216966F90CA1682C9650194CF879012
SHA-256:B978FE26B397FA7CD106821E405294C57567452EC95BBA551D0E1A6CC3531781
SHA-512:077D563C2CB8145558DB9F9D0B34EB36441E9E77067714C6F5855DE85FD90BE0D64DCA39DF7673CEB8BF691922483AD53B9B5AFEAD069DB400ABC0016DFA1643
Malicious:false
Reputation:low
Preview:........O...h.H...i.P...j.\...k.k...l.v...n.~...o.....p.....r.....s.....t.....v....w....y....z....|....}...............................$.....+.....2.....9.....:.....;.....@.................................#.....K.....W.....a......................................?.....T.....s............................(.....N.....z........................................k....................................................=.....h......................$.....S.....w....................................................H..................................h...............................................+.....F.....a.................................................................0.................n.............................E.....a.....}.........................................9.....p.................&.....s....................................... .....".1...%.d...(.....*.....+.....,.........../. ...0.2...1.....3.....4.....5.....6.Q...7.....8.....9.....;.....<.....=.....>.&...?.3...@.U...A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\vi.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):425500
Entropy (8bit):5.809000868111553
Encrypted:false
SSDEEP:
MD5:5ECE0B4F29B6ECD6BED46F70888B7F52
SHA1:C9526301591BA37D769670E2719EBABE418EEC6A
SHA-256:C93C04BAA7B629F11870D7ABC7A9F78BA5A68FCEB4DDFACB6FE4CCBE768DEAE1
SHA-512:BC0927F6235658CEFACD4ED1667C982754308A6998780394C65046010767F2237C5728660A5054358746F811989148FC624F02DFB997D05E205CE92506099078
Malicious:false
Reputation:low
Preview:............h.....i....j....k....l.....n.....o.....p.....r.....s.-...t.6...v.K...w.X...y.^...z.m...|.s...}.........................................................................................1.....>.....G.....n.....z............................................1.....;.....R.....r.....}................................$.....(.....-.....>.....P.....`............................................................!.....7.....b...........................................................F.....P.....o.................................R..................................................../.....M.....].....u................................................................Q..................................@.....K.....[.....f.....q...................................!.....[.....s.........................................*.....5... .A...".Z...%.....(.....*.....+.....,.........../.%...0.2...1.f...3.s...4.....5.....6.....7.....8.&...9.9...;.J...<.T...=.e...>.....?.....@.....A...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\zh-CN.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):308863
Entropy (8bit):6.687890614032225
Encrypted:false
SSDEEP:
MD5:73EF8BDFA58E55FC0753E88E34DD6EAF
SHA1:BDCDF0BCBF1987AF2C98D8B38D7AD59F2722C88B
SHA-256:08E67AAB8349A07B98CB8A17DCC582C8DE0411906D2851BC93BE76166E2773A5
SHA-512:49A9659D2F31251E3BE77223063978E09753B2D5932EABE0877D53FC8B80E0DD2E149CFA9D2CADB3C7D3CC5BC5E8F1722220F3633BCC81343669F8763265ED4B
Malicious:false
Reputation:low
Preview:..........K.h.`...i.h...j.k...k.z...l.....m.....o.....p.....r.....s.....t.....v....w....|....}.............................. .....%.....-.....4.....;.....=.....B.....p.....y....................................................................D.....Y.....q.....w.........................................................%.....+.....7.....O.....[.........................................................................0.....H.....`.....x.............................................................. .....,.....;.....S.....t.............................................................1.....E.....Y.....h.....o.....r.....t..............................................'.....T.....Z..............................................................,.....>.....J.....b..............................................*.....>.....G... .M...".Y...%.t...(.....*.....+.....,........./.....0.....1.1...3.B...4.W...5.x...6.....7.....8.....9.....;.....<.....=./...>.N...?.^...@.v...A.....C...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\locales\zh-TW.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):306015
Entropy (8bit):6.696656078948314
Encrypted:false
SSDEEP:
MD5:C9E20AAE96B264476191F1B14B446905
SHA1:56DCF2F68E82B6989D1772187481140DD21A35D6
SHA-256:EAFFDB916700BEC8E840CBAF5DE8F4032C519CDD6C089BB95FFD13639E7CD3BF
SHA-512:9749D24778D57AD6B17DECBDD58036BD1F8C89F3AEC6319EA640DEC4CE65FCA5C4EBF21E7D0FF4A22DA816A16B467FDFA26273390765BAC6744918ACFFD18833
Malicious:false
Reputation:low
Preview:..........a.h.4...i.E...j.I...k.X...l.c...n.k...o.p...p.x...r.~...s.....t.....v.....w.....y.....z....|....}..................................................... .....X.....a.....m.....|..........................................................;.....J.....b.....h.....t..............................................................................L.....^.....d.....m.....y....................................................................".....(.....0.....7.....C.....O.....\.....q.....}......................................".....@.....I.....U.....a.....s.................................................................................(...........8.....H.....u...........................&.....8.....Y.....e.....q.....w..................................................%.....D.....k.....z................................. ....."....%....(.....*.!...+.$...,.T.....i.../.....0.....1.....3.....4....5.....6.6...7.K...8.]...9.i...;.{...<.....=.....>.....?.....@.....A.....C...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources.pak

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):5373804
Entropy (8bit):7.995234478545845
Encrypted:true
SSDEEP:
MD5:970A335685AAC2772CB4567AE3CDAD23
SHA1:47091B7C9B7A9DDBA675E41AE4DC71737A7E7940
SHA-256:5E536897B82B2357AB08A8BC6437C37BBB03FEA2A8B2D6506DC7CE5AEC7546EB
SHA-512:ACBBC12D5CA9AAEA4F2AA049A62E012EDC5D247EBE2F1F999E77F5BB1F7E3DA4982E5E5142F58C4C907246D7313093ACB2B75F2D0E6F3A25CA59CC4CD00DE578
Malicious:false
Reputation:low
Preview:............f.....g..(....p/....D2.....5....;H...0.N...0IW...0.Y...0Uk...0.n...0.r...0.t...0T}...0g....0....0>....0.....0.....0.....0....0.....0....0....0/....0\....0....0.....0....0^....0.....0.....0=....0T....0c....0.....0.....01....1:....19....1P....1.....1.....1,....1.)..#1.)..$1.*..%1.,..&1'8..'1.;..,1NS..-1.W...1.`../1yo..21M...31....41....51|...61.....1'....19....1.....1.....1.....1@....1P....1.....1.....1[....1C:...1.?...1.E...2.V...2.g.. 2.x..!2.y.."2.}...76....7.....7!....7....7....7.....7.....7.....7.....7v....76....7.....7.....7....7>....7.....7.....7.....7.#...7.0...7.8...7};...7.>...7_@...7.A...7,D...7.E...7.G...7.I...7-K...7.M...7.T...74V...7YZ...7.[...7.^...7.a...;.h...;7q...;.t...;.u...;.w...;.f...<.r...<.t...<.....<.....<....<.....<.....<V....<[....<.....<.....<.....<d....<K....<.....<f....<#....<n....<.....<.....<x....<.!...<.(...<*5...<27...<?9...<+<...<.=...<-?...<.A...I.....I....I....I.....I.....IF....I....I.....I.....I.....I.....Iz....IZ....I.....I..

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app-update.yml

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:ASCII text
Category:dropped
Size (bytes):169
Entropy (8bit):4.726485828107381
Encrypted:false
SSDEEP:
MD5:F74C0DD846EC12073026967B64EFD694
SHA1:FF5CAA9B2DDF2C9254DCAA2B3C17DDDBB6FEF8F6
SHA-256:029A6B1C4CAB8FCD391E96BEA17184CD95C2A68E59A73C84E19076205BE17B20
SHA-512:E082FDCB64D060F0D4C72371B01590B628101B6ACB7B820A088AE630197E9DBBC40B6535FABCD6C4CA2CAA3C238BF127A3606E2F6B2CD4F088323111A03A493F
Malicious:false
Reputation:low
Preview:provider: generic.url: https://simaris-toolbox.siemens.cloud/download/suite/.updaterCacheDirName: simaris-suite-app-updater.publisherName:. - SIEMENS AG. - Siemens AG.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):23602047
Entropy (8bit):6.746580042913575
Encrypted:false
SSDEEP:
MD5:ABEFE88FF178C632D05E4F199E686FE7
SHA1:C2794B39AFF9645BBC86479976C0EC8ECA3192C8
SHA-256:5F4CD84A9550CDC3802DE140CC4B37A903A6631AD5F698389ABAB31F82D75841
SHA-512:FC8131B97C56D46B35FF1FA8AB474F72C259C7E1A9E9F45BCD7BB0C40ECCDB2A63267F9F50C341949A286923111F2D0401D949FA1515D864CBA8753195580B0E
Malicious:false
Reputation:low
Preview:....L...H...D...{"files":{"README.md":{"size":404,"integrity":{"algorithm":"SHA256","hash":"5afad66756e81512be98b3004d4ba027a0860a2c08fbec48228e50a79c1da4bc","blockSize":4194304,"blocks":["5afad66756e81512be98b3004d4ba027a0860a2c08fbec48228e50a79c1da4bc"]},"offset":"0"},"angular.json":{"size":4916,"integrity":{"algorithm":"SHA256","hash":"1331348000489ee4c8eefa4fa8e9e70816af57657cae5e87e4c244fd0b59c98e","blockSize":4194304,"blocks":["1331348000489ee4c8eefa4fa8e9e70816af57657cae5e87e4c244fd0b59c98e"]},"offset":"404"},"credentials.js":{"size":249,"integrity":{"algorithm":"SHA256","hash":"86e80978e0ec11a8b53beaf2674eff5e1a8b25612ac31c39bd62c2c3730cdb28","blockSize":4194304,"blocks":["86e80978e0ec11a8b53beaf2674eff5e1a8b25612ac31c39bd62c2c3730cdb28"]},"offset":"5320"},"dev-app-update.yml":{"size":51,"integrity":{"algorithm":"SHA256","hash":"16b02129f490e42a515682208ed3b762efafd5d1322cd0a134b9215a331db9d9","blockSize":4194304,"blocks":["16b02129f490e42a515682208ed3b762efafd5d1322cd0a134b921

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\7x.sh

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:Bourne-Again shell script, ASCII text executable
Category:dropped
Size (bytes):235
Entropy (8bit):5.386038711240846
Encrypted:false
SSDEEP:
MD5:8A65A1AB93601DDECB93AF2A310DD68B
SHA1:A1D449CA51B5BA67BE9CBCAA7901CF9B3F1C0F04
SHA-256:AD693686D24184B7BC49FC357B93FCA63D35A62D6509B7225252D7F18701F49A
SHA-512:25844B7975D5567B70D793369342211BAC5CEB5D17FEE7CC7A0A6A0A2B8D42F4188119544927DA81CD88C115FAD9D09993F2EF61EE228ED16FC20E0AB323482A
Malicious:false
Antivirus:
  • Antivirus: ReversingLabs, Detection: 0%
  • Antivirus: Virustotal, Detection: 0%, Browse
Reputation:low
Preview:#!/usr/bin/env bash..sz_program=${SZA_PATH:-7za}.sz_type=${SZA_ARCHIVE_TYPE:-xz}..case $1 in. -d) "$sz_program" e -si -so -t${sz_type} ;;. *) "$sz_program" a f -si -so -t${sz_type} -mx${SZA_COMPRESSION_LEVEL:-9} ;;.esac 2> /dev/null

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\LICENSE.txt

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:ASCII text
Category:dropped
Size (bytes):1087
Entropy (8bit):5.112529278515453
Encrypted:false
SSDEEP:
MD5:D9FB291501A56892C48E0808076B7037
SHA1:EE89EB7662881FD2D5E21D5CC802162884FFEC2F
SHA-256:E9F2248A07935F444C613D84E5A0239EAB7537A80CC02212F386662F0DED0E11
SHA-512:A1F2D6B0DDC8ACF88D2A773C768E5F77829B9D3FD6CD04AD987DF8A4EE153261DE9BABB7F487A9E0CA3C9C8ACCAFD2DE08906E0AE5AEE1F1C63B969680872114
Malicious:false
Reputation:low
Preview:The MIT License (MIT)..Copyright (c) 2016 Vladimir Krivosheev..Permission is hereby granted, free of charge, to any person obtaining a copy.of this software and associated documentation files (the "Software"), to deal.in the Software without restriction, including without limitation the rights.to use, copy, modify, merge, publish, distribute, sublicense, and/or sell.copies of the Software, and to permit persons to whom the Software is.furnished to do so, subject to the following conditions:..The above copyright notice and this permission notice shall be included in all.copies or substantial portions of the Software...THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,.FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE.AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER.LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,.OU

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\index.js

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:ASCII text
Category:dropped
Size (bytes):500
Entropy (8bit):4.810669499537998
Encrypted:false
SSDEEP:
MD5:9FE8A485038BE54D687AD7DD9DFF80D3
SHA1:76FC7B47A329B759539BCA0B785AD41C083C29BE
SHA-256:48659F660A13B5FA01622F87DC8A5306CE7C232ABF93B82A3B2F6E94C2CF5C86
SHA-512:0F3B2CE074EDE02079BDAB4229F6D4DED5EB7EC64546C3B9F103114AABB35093FECFD04677A0A84D3691FB49BAE8A6C5489CEE946C7F5F4B86AEC3E96434DFAC
Malicious:false
Reputation:low
Preview:"use strict"..const path = require("path")..function getPath() {. if (process.env.USE_SYSTEM_7ZA === "true") {. return "7za". }.. if (process.platform === "darwin") {. return path.join(__dirname, "mac", process.arch, "7za"). }. else if (process.platform === "win32") {. return path.join(__dirname, "win", process.arch, "7za.exe"). }. else {. return path.join(__dirname, "linux", process.arch, "7za"). }.}..exports.path7za = getPath().exports.path7x = path.join(__dirname, "7x.sh")

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\arm64\7za

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:ELF 64-bit LSB executable, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, for GNU/Linux 3.7.0, BuildID[sha1]=2547eefd858937d7fe90bd2e31e0e9af3058f732, stripped
Category:dropped
Size (bytes):1155640
Entropy (8bit):6.225385453526986
Encrypted:false
SSDEEP:
MD5:BBBF518E41F7AC044CBF5E25BFAE8B2D
SHA1:5F1DF07D814224931D0AEF78D8B45FF89474AC78
SHA-256:D363B0055AFB4F7F336152DD5D00F1CC992D6E86A56E4A1EC84B2AC26DEE27FF
SHA-512:02C447DB478013E8D4452BE017222CCD261D6A818C28E210BFAC8C4C2ED2CACA16C0B8BC8290AF5FDD61077DE43FA36CB012007609279714051640DD276BE1BE
Malicious:false
Antivirus:
  • Antivirus: ReversingLabs, Detection: 0%
  • Antivirus: Virustotal, Detection: 0%, Browse
Reputation:low
Preview:.ELF.....................1@.....@...................@.8...@.............@.......@.@.....@.@.....................................8.......8.@.....8.@...............................................@.......@...................................H.......H.R.....H.R.....l.......`...............................R......R.....................................T.......T.@.....T.@.....D.......D...............P.td....`.......`.N.....`.N.....<l......<l..............Q.td....................................................R.td....H.......H.R.....H.R............................./lib/ld-linux-aarch64.so.1..............GNU.............................GNU.%G....7.....1..0X.2...................$.N..@.. C..T...E.P%......@...".`P).b..m.. .)@!.d.....K%..(...9H..`....*J.....BH..T......(....y.H.....Q...``D.R.a@A...A..... ................................................................!.......#...&...'.......(.......,...........-...........0...1.......2...5...6.......7...8...............:.......;...........<...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\arm\7za

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, for GNU/Linux 2.6.32, BuildID[sha1]=ee6eb3460fd91348d16604d09fd3e43435b24c53, stripped
Category:dropped
Size (bytes):1006780
Entropy (8bit):6.094143148356557
Encrypted:false
SSDEEP:
MD5:601642DC448C3B398E92EC0D19E447A1
SHA1:114F88FCA99D59EB7A1A180F0E3ECE3F056F28C9
SHA-256:3A68D5C794BB8534040F3F93480A7FE8194BF5ED8E0D3E2AC0DE4DEA9677A64C
SHA-512:E67CB183E4E7F8EE30D7CA8E3357573ACF6C04FA31415862D75703A9536E1C46C2A340F4B6F8A06213A05D802D0CD8B044D1E84D51A4E39211896BA3D1F9FB5D
Malicious:false
Antivirus:
  • Antivirus: ReversingLabs, Detection: 0%
  • Antivirus: Virustotal, Detection: 0%, Browse
Reputation:low
Preview:.ELF..............(.....p$..4...4X......4. ...(........p............@C..@C..............4...4...4.......................4...4...4....................................H...H...............P...P...P......P................P...P...P......................P...P...P...D...D...........Q.td............................/lib/ld-linux-armhf.so.3................GNU............. ...............GNU..n.F...H.f....45.LS........ ..........$.F. A..@B..4..8V.R.........".".h.).b.0i.....P%.` ....i4.......@..q..h..J...(.R....@..........i.H..(..A.P.``..@.c.....@.$...H................................................................ ..."...#...&...'...(...).......-.........../...2.......3...4.......5...8...9.......:...<...............>.......?...........@...A...B...C...........D.......E.......H.......J...K.......L...M...O...............P...Q...S...........T...U...W...........X...Y.......Z...........\...]...^...........`...b...c...e...h...i...j...................l...m...n...q...s...t.......v...w...x.......z...{...

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\ia32\7za

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.0.30, stripped
Category:dropped
Size (bytes):1638192
Entropy (8bit):6.256673186188143
Encrypted:false
SSDEEP:
MD5:DBA8AD5C0F1A27E9E387817DF9CEEBBD
SHA1:33B7AE00C218A250C30588FA134DC9946665147B
SHA-256:8400FE1F78C7033DDF16F55B82C3A520A91C424A29D5163C45C6E085C5834373
SHA-512:1276BFF843177A0D4C6B6EDBE4BCBA26B88164853FD7A518D6ADC114E1F87D01CE3EFE3CB8F3E8A83355B3789B7F4DA53231A0E994E0314B8E38FCEE20E674E1
Malicious:false
Antivirus:
  • Antivirus: ReversingLabs, Detection: 0%
  • Antivirus: Virustotal, Detection: 0%, Browse
Reputation:low
Preview:.ELF.......................4...........4. ...(.........4...4...4......................................................................................................O...................6...6.................................. ... .........../lib/ld-linux.so.2..............GNU.........................*.......5...|...........................o...k...M...........................Z...................{...V.......;...........N...................a...........`...<...z.......:...........W...............p...................R..........._...........w...............................s.......'...y...v.......................j.......................h...........f...^...........".......................X.......i...........8...........x...P.......................$...l...........)...E...............Y.......b.......................................................................................................................................................................................!...................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\x64\7za

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, stripped
Category:dropped
Size (bytes):1457384
Entropy (8bit):6.1582617055761215
Encrypted:false
SSDEEP:
MD5:6A2E4039A2F56265369F22ECB1A19FD5
SHA1:B0EA59484A4827D7D9A0A27A5270310EF07E61A8
SHA-256:AFC9448BD0CC2EEDA131CCE313EF4994F9656417E0A15C8465FCDA9CA859B280
SHA-512:796188635271CBD7DBD6A7F37CB4D4D5B394C8A302DC62008C40B4BE507382925EEB8A550CA11E81C791D5DBDA238F95DEDECBDD0DADDF84907C4FA3A9B1CA59
Malicious:false
Antivirus:
  • Antivirus: ReversingLabs, Detection: 0%
  • Antivirus: Virustotal, Detection: 0%, Browse
Reputation:low
Preview:.ELF..............>......1@.....@........5..........@.8...@.............@.......@.@.....@.@.....................................8.......8.@.....8.@...............................................@.......@....................... ..............,.......,v......,v....................... ..............-.......-v......-v.....................................T.......T.@.....T.@..... ....... ...............P.td....0.......0.R.....0.R......t.......t..............Q.td....................................................R.td.....,.......,v......,v............................./lib64/ld-linux-x86-64.so.2.............GNU............. ...........z............ . T........D..z...~.......(.....l...c..fUa.8..&.....?.D.....lxIk..h......................................................................................................e.......................".......................Z...............................................Y...............................................................................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\x64\build.sh

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:Bourne-Again shell script, ASCII text executable
Category:dropped
Size (bytes):266
Entropy (8bit):5.263227075149896
Encrypted:false
SSDEEP:
MD5:08025B57DDF3DF9BC3E2844D86E4135F
SHA1:BECACDD4705FD90EB2A8F45775572FFA08629082
SHA-256:0EC26A7D575CC22EF6DD2FC6F35E9240593190FAF20B7F76B3F4BBD2B7EAB5FB
SHA-512:914D2DA94700E3C91974DA71B16366DFC8972AD59ED64719C4EB7805A89EE3ED1B12712A292C9C73164CDB9F9DF6F6CFA847EB123387ED499205D9157CDBE65F
Malicious:false
Antivirus:
  • Antivirus: ReversingLabs, Detection: 0%
  • Antivirus: Virustotal, Detection: 0%, Browse
Reputation:low
Preview:#!/usr/bin/env bash.set -e..BASEDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"..rm -rf /tmp/7z-linux.mkdir /tmp/7z-linux.cp "$BASEDIR/do-build.sh" /tmp/7z-linux/do-build.sh.docker run --rm -v /tmp/7z-linux:/project buildpack-deps:xenial /project/do-build.sh

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\linux\x64\do-build.sh

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:Bourne-Again shell script, ASCII text executable
Category:dropped
Size (bytes):646
Entropy (8bit):4.968817229012138
Encrypted:false
SSDEEP:
MD5:2F48A9C98543108EDADEDCBF4D45B4AE
SHA1:A7B0BAFDFB070E0CC6FDFA2977648B8D07593F5E
SHA-256:4304F90E9B9266CCCF357B212C6A8EA3B0816B68C39A4D4691D638C9E2F07286
SHA-512:CD17C759B1E7800260EB70BEFD37C273C78B34C44280290D60D406EFE0A174CB34A727BC2CF42E8FB80BB65924AC405175BFF69F34C115527EBC573A6A430B42
Malicious:false
Antivirus:
  • Antivirus: ReversingLabs, Detection: 0%
  • Antivirus: Virustotal, Detection: 0%, Browse
Reputation:low
Preview:#!/usr/bin/env bash.set -e..apt-get update -qq.apt-get upgrade -qq..echo "deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial-5.0 main" > /etc/apt/sources.list.d/llvm.list.curl -L http://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add -.apt-get update -qq.apt-get install -qq bzip2 yasm clang-5.0 lldb-5.0 lld-5.0..ln -s /usr/bin/clang-5.0 /usr/bin/clang.ln -s /usr/bin/clang++-5.0 /usr/bin/clang++..mkdir -p /tmp/7z.cd /tmp/7z.curl -L http://downloads.sourceforge.net/project/p7zip/p7zip/16.02/p7zip_16.02_src_all.tar.bz2 | tar -xj -C . --strip-components 1.cp makefile.linux_clang_amd64_asm makefile.machine.make -j4.mv bin/7za /project/7za.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\mac\arm64\7za

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:Mach-O 64-bit arm64 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|WEAK_DEFINES|BINDS_TO_WEAK|PIE>
Category:dropped
Size (bytes):988208
Entropy (8bit):5.922329874968026
Encrypted:false
SSDEEP:
MD5:D8257AA0B1EB873E9EE8F89E97ED9B26
SHA1:0B3BE717F56AD4AB2C1745DA8BE7A7833B47D3F6
SHA-256:6F4DD78A82CF574F49118D99BE620FD3EDCFA9E48971D8523816B7ED20419C47
SHA-512:B850DE0E1E85DAE63EA4B857129EC1EB0BCB7EAE3C2100A9FA600D2D5F4D9BC8DAA0D07E148A2A57079E5496A68013C03725AC8DD3A39311E51660F27D29D1DE
Malicious:false
Antivirus:
  • Antivirus: ReversingLabs, Detection: 0%
  • Antivirus: Virustotal, Detection: 0%, Browse
Reputation:low
Preview:..........................!.........H...__PAGEZERO..........................................................x...__TEXT...................@...............@......................__text..........__TEXT...........!......D........!..............................__stubs.........__TEXT..................4.......................................__stub_helper...__TEXT..........4...............4...............................__const.........__TEXT..........P........2......P...............................__gcc_except_tab__TEXT..................$.......................................__cstring.......__TEXT.......... .......V0...... ...............................__unwind_info...__TEXT..........x........H......x...................................8...__DATA_CONST.....@...............@..............................__got...........__DATA_CONST.....@...............@..................o...........__mod_init_func.__DATA_CONST.....A......P........A..............................__const.........__DATA_CONST....

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\mac\x64\7za

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|WEAK_DEFINES|BINDS_TO_WEAK|PIE>
Category:dropped
Size (bytes):2941888
Entropy (8bit):6.509159959335658
Encrypted:false
SSDEEP:
MD5:335361D7F6FAF13CADBF116BFDB97226
SHA1:D6CBA0F2E221D1061261767EC38DDD7C550015A3
SHA-256:434075F6FF5EA9250571033CA06B95D464EFCAD87A528DD0B224816C86B1A444
SHA-512:5FA86F6EC50E0F2FA87EC7CFA0E98CF2BFE158035E5AF024E017CCE4DDB33AEA631008E43328E6049E0F95E8C63DAC8B1E03D3C949B34AD2A3E94AB979CAD0E0
Malicious:false
Antivirus:
  • Antivirus: ReversingLabs, Detection: 0%
  • Antivirus: Virustotal, Detection: 0%, Browse
Reputation:low
Preview:..........................!.........H...__PAGEZERO..........................................................x...__TEXT...................0)..............0).....................__text..........__TEXT..................._ .....................................__stubs.........__TEXT..........tv .............tv .............................__stub_helper...__TEXT..........Xy .............Xy .............................__const.........__TEXT...........~ ......h.......~ .............................__gcc_except_tab__TEXT............'.....|.........'.............................__cstring.......__TEXT............(.....3>........(.............................__unwind_info...__TEXT............(.....L[........(.....................................__DATA...........0)......`.......0).............................__nl_symbol_ptr.__DATA...........0)..............0).................{...........__got...........__DATA...........0)..............0).................|...........__la_symbol_ptr.__DATA..........

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\package.json

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:JSON data
Category:dropped
Size (bytes):244
Entropy (8bit):4.447758219163925
Encrypted:false
SSDEEP:
MD5:2A3677C6C6BBA9A148BC83C2F145D136
SHA1:1B828BD2E2B4EAAED8E68821692A0BF87BDD54DB
SHA-256:ACABCD4F1C0B7399DE4C213E8FDFD5D064F29E278F94BD5B763D8AC8555E2C18
SHA-512:907651C11E31CE7C8242C825033E168C04A185E4717D6C28B1C77A48317EF662419C833300198FC6292721299905D7FE32069307BCC5751E3192E50C3C26209B
Malicious:false
Reputation:low
Preview:{. "name": "7zip-bin",. "description": "7-Zip precompiled binaries",. "version": "5.2.0",. "files": [. "*.js",. "7x.sh",. "index.d.ts",. "linux",. "mac",. "win". ],. "license": "MIT",. "repository": "develar/7zip-bin".}

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\7zip-bin\win\arm64\7za.exe

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:PE32+ executable (console) Aarch64, for MS Windows
Category:dropped
Size (bytes):1104792
Entropy (8bit):6.353801915374218
Encrypted:false
SSDEEP:
MD5:AE6E345533241EB7C890537DF9DE04BA
SHA1:18EE28C8FDB186A0977EAD7C3BFA65580BF3AEDF
SHA-256:6ABB8F713AE35BF878DD02A61DD767D388F47BD18E80C7BC8B0161274CC49A45
SHA-512:668B04E83288956F4E500E9EC3BF6D462CC0B7C1691ACC9EC5530C9AC5E5077814F3E33F961D3778554BF2A4B8F97708D44EEA5BF3BA554EB508541F0DBE678B
Malicious:false
Antivirus:
  • Antivirus: ReversingLabs, Detection: 0%
  • Antivirus: Virustotal, Detection: 0%, Browse
Reputation:low
Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......@..........................h.......h.......h...................................../.....b.............Rich............PE..d....c.`.........."..........6.................@.............................`......:.....`.....................................................d....0...........i.......=...@.......x.............................. y..8............................................text...l........................... ..`.rdata..............................@..@.data...t.... ......................@....pdata...i.......j..................@..@.rsrc........0.......|..............@..@.reloc.......@......................@..B................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\.babelrc

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:JSON data
Category:dropped
Size (bytes):726
Entropy (8bit):4.150618061565444
Encrypted:false
SSDEEP:
MD5:9750DF8DB13F2820DED2FCE34A985A04
SHA1:6F388BA13F1DB96C422850D5F5C4CC9A93A856D0
SHA-256:60730749E66AF4AB471DD4BD0B174EC6AF5BB2C283C46B35488631AED0BC5293
SHA-512:69903F128989182B57FAD6F66E7A69C6ED263D61060EC406866087C069D8B8AEE211E84F84FDB7CE8D488C64AD3150752F822176E3C7ACD2A7EC1456B0A0EBAB
Malicious:false
Reputation:low
Preview:{. "env": {. "development": {}. },. "presets": ["stage-0", "es2015"],. "compact": true,. "plugins": [. "transform-runtime",. "transform-regenerator",. "transform-decorators-legacy",. "transform-class-properties",. "transform-flow-strip-types",. "syntax-object-rest-spread",. "syntax-decorators",. "syntax-async-functions",. "array-includes",. ["transform-async-to-module-method", {. "module": "bluebird",. "method": "coroutine". }],. ["babel-plugin-module-alias", [. { "src": "./src/", "expose": "~" },. { "src": "./test", "expose": "t" }. ]],. "lodash". ].}.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\.eslintignore

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:ASCII text
Category:dropped
Size (bytes):14
Entropy (8bit):3.3787834934861767
Encrypted:false
SSDEEP:
MD5:4FE79B6FB2D539633F983C74C8677EA9
SHA1:3CA0E72FDFD533E411CC95DC9C91C5EC59661F95
SHA-256:4D56952B0FB13BF8F9B6C13A6D4C34A075BAC3AF447636A1DF4335D7576E2F97
SHA-512:7124CF8B0D12171FFD208071F243B4BE4308A2E3BBCB34BEEC75C55A262A31A5F1C2CEDD620468E4E464E0536F41B2C9202668B71478B4C7E147B47DBD6581EB
Malicious:false
Reputation:low
Preview:node_modules/.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\LICENSE

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:ASCII text
Category:dropped
Size (bytes):1083
Entropy (8bit):5.113046393787529
Encrypted:false
SSDEEP:
MD5:4C5CC4436F959FB9FF3C5173471539C5
SHA1:538368BBFFA44452136BE8BE6C795B2820275B9B
SHA-256:E6466A9964B3281C7048B0F318F4D24113A8E01941FB5268DA55741150C98851
SHA-512:C0C52B4E9B585A216FCE67552E490D754A5F8BAD6C99732E3873ED844BB9ABA514A09630B113D6B955CBAB1BD99496A87609C2CC96AE55708C72FBC9336D6CA7
Malicious:false
Reputation:low
Preview:The MIT License (MIT)..Copyright (c) 2016 Aleksandr Komlev..Permission is hereby granted, free of charge, to any person obtaining a copy.of this software and associated documentation files (the "Software"), to deal.in the Software without restriction, including without limitation the rights.to use, copy, modify, merge, publish, distribute, sublicense, and/or sell.copies of the Software, and to permit persons to whom the Software is.furnished to do so, subject to the following conditions:..The above copyright notice and this permission notice shall be included in all.copies or substantial portions of the Software...THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,.FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE.AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER.LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,.OUT O

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\assets\linux.png

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:PNG image data, 437 x 191, 8-bit/color RGBA, non-interlaced
Category:dropped
Size (bytes):69110
Entropy (8bit):7.99077628952399
Encrypted:true
SSDEEP:
MD5:1D6A2C8645A97501F743A9AFB88452A2
SHA1:805E9199FFEECC6E90495FC623B772AA079D5575
SHA-256:A22BA336AC380224721B26995D39B76931BB4C530B46332D344E3597EDE1342D
SHA-512:CB3DE16CC33080127638279D600B59826882C0DAAEC71698E84A5FAD8C0136D847C3644EEAEE2D74221CCC037C1E0DA72A3EAD259A08D27BD8AF68FA505986FA
Malicious:false
Reputation:low
Preview:.PNG........IHDR.............yFB.....iCCPICC Profile..H..W.XS...[R..-..).7Az..;..FH...CBP.....]DPTtED....`A.{_.QYY..6T.$.t.W.w.o..9s...;s3...=K .F........}..I.L..........-.xGE..(.....-h..$.?...(s."6.H....;..#...l.0..B......H.[.U.. .D..........&6..b?..T.K....$>3....(. ..sx|..C...`q .xBN.L......~.'.o1S.b.X.cX..T.~<. .5..,....l.....Q3.A..a..d...`..i.FDB.....Gj/..2.Aq#..l./..`...../.bXK.!.....,...........*..=....gG...Y.....\...M./ .b...#....2...|^|....w..bBG|..d.F.........M..D.l0...h^...%.K.b.... ./...%..r.p..e.0...7.....'z.H..5b.Ur...eu....cF}....&...8...%...E...8.....0...T0.d.^{.C?.%..., ...,G4.....>|...'D\ ...rA>...... M:./...O!..5q.....O/.lqg.e..8:+..G."....x.!.l...ot.....$\..9|.GxJ.$<&.$t..x.D.e.j..P..s&..]0Z.Hv.0f..n.Y;.>.;.....\.X..0.o.......3..q.V....>..........7.;f.c...j.}..r.0....b.X.`b'.F..;..c+.t%...-....Fm.k...?.cv.....}.<..<..).#.g.1.......&0m.m...|.e..7..w.a\...=..K1T.....8.....o:..p{...x.[,..p...9.....:....l.#p.^....H....tX..

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\assets\osx.png

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:PNG image data, 888 x 466, 8-bit/color RGBA, non-interlaced
Category:dropped
Size (bytes):63311
Entropy (8bit):7.916817231133606
Encrypted:false
SSDEEP:
MD5:4D694638BEB143B20CB83BEACCE52EC3
SHA1:E076361CD616A8C3FCDB51EB6D49EDA3CDE6D804
SHA-256:25A690E1657B6CB392807933F46893B018232A84FC85D5A35AFB2592F3D7AFAA
SHA-512:5AE213704ED955D445D1A758EAA92B0F1CEC9B37FF24A7CFA9162F87E3993EA50F152EE415745F16AED287318EB2287034115AA7C7781769383E1D627938FBD2
Malicious:false
Reputation:low
Preview:.PNG........IHDR...x..........vi.....iCCPICC Profile..H..W.XS...[R..-..).7Az.....`#$.B.!.T..k..Vt.D......(.D.^7.......*o....+.;.7s..9....;..@.%.d.J.d...>...D&I.......c.s...............r.R....U.9.\6.H...\v.....5..a.....7..'.....!A..d.N.a-.N.ak.Mt./.~...,.0...I|f>;..Q.@l..........@,.xBVV6.T.M........c1Y..1,.E*d?^. .5..,....L.....Q.A...a.*2.C$.rG...a...@|...K.4QP.}?;....0.@.....1.%..e.x.`[.P....0^^p..N.fG..G...a.#qV.q.G.Nn...M./ .b.....i.q2.hK>/6.b..;r3.BF|........E.....M..D.l0....0+6K:.:.^yi.A2_,....:....q.8\~..7......."Af.=.....).3v$7?j.+..0Y......2..;A^D.....P......`K.. ......./.H.`.!H.\`9.......a......qA..t.....V.[...h..#.<.8...=p7<..^......SqtV.?..D. ...`C.......B.....p...-..)...p. &.....4..,^....L0..a....a.Q....v.}pw..r...&...a&.'...j.g(.....?.'a.}>#z.s.....co.w...(.....!?Zb+.cX+v...5bu.....6.....'.0:[..[.............Y#......s.$..o.`.......;2...g[M`.Z.8. ..e....t.F....r..p)...o:...'..@..Mg..~^k.8.....e:\.....s.......)...8.7....d...A.....

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\assets\win32.png

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:PNG image data, 466 x 389, 8-bit/color RGBA, non-interlaced
Category:dropped
Size (bytes):36753
Entropy (8bit):7.964554580118444
Encrypted:false
SSDEEP:
MD5:753CAF627FAB4A313DA5E3C8B2D36742
SHA1:8988FFB3C0B84D98D31D115BCAAF35415B3B64C9
SHA-256:7E2E1978B862C0D03496E336A285C085098C7DD758005A1449A3975E7DC5F2FC
SHA-512:6D535F316EAEBC348A85ED93A7CA4B61ADDAEA193E406B2C2BCC5FA646C99D7D08948A8D8CA1ADA874B397CF625052955BF8E89448B65ACDD5C330D81BBD09FD
Malicious:false
Reputation:low
Preview:.PNG........IHDR.............I.ry....sRGB.........gAMA......a.....pHYs..........o.d...&IDATx^..x....y....(WT.......*\.`...i"....R..."...{.=..z/i...I......33.gfg7.l.B..>...3.....9;..'O.A.].P!.X,............._....)G*V...-Z..G.B$..D".W...Sgp.....w.A........1h.v.X,...~....L.{..S.R..2D...!...b.8..L.....d..g...;x>....b.X..g....3U ..D.D....b.X.....Y.... .r.....%...b.8HO8qQ.c.@...p.X,.... =....#.....b.X....s.t..b.X,......Kv..^./..2;.=..E....G/.=|.6.b.X,...&,E.K....d..<..>...q.H."...9.1t.l..:...7b...w..o.F..C.1..V,....`....`...ks....r.....c..O..&,F......l...........rL!l..../_...6.8......%...bqZ.....qj.l3....Gw......:.......6o.....hD,....7$.^..7.A.~.!....M..[.nUq....5/.X,...2.....81a0NN4...p~U......o>.m.K...\....|.....c../..!>>...9.....}t...?.';m.%....&..T!$.z......{....5....X..Py\Za..f%. O.a..r....3T.<..i._].e...<..b.e...Mkp|L...6.....e...1.....cd...u..._.. ..".M3....p[..T.<..g....qx..Z$F.......'.....a.W< u.k..x7...z|Za...?.g...g.(...F.....w.......P.:..X

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\dist\bin\applet.app\Contents\Info.plist

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:XML 1.0 document, ASCII text
Category:dropped
Size (bytes):960
Entropy (8bit):5.137410457860693
Encrypted:false
SSDEEP:
MD5:A0E3BDBE9880037F3C31443251B43932
SHA1:5786A415FD2DBCC2250751A15801225B88AB7993
SHA-256:36F93F53854708454D6F6F05232E28B17B1DBFBE94CC194470E449C4E7E9DBA3
SHA-512:355863267B4E48AE9575CA1BAAB1C2A167FE60E7EA568DF52EBFB317C89E0511B5C88F13FBD55B880B4B53CE0A688C0C005412BC31C67C0E895F123F713C75F6
Malicious:false
Reputation:low
Preview:<?xml version="1.0" encoding="UTF-8"?>.<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">.<plist version="1.0">.<dict>..<key>CFBundleAllowMixedLouserzations</key>..<true/>..<key>CFBundleDevelopmentRegion</key>..<string>English</string>..<key>CFBundleExecutable</key>..<string>applet</string>..<key>CFBundleIconFile</key>..<string>applet.icns</string>..<key>CFBundleIdentifier</key>..<string>com.electron-sudo</string>..<key>CFBundleInfoDictionaryVersion</key>..<string>6.0</string>..<key>CFBundleName</key>..<string>Password Prompt</string>..<key>CFBundlePackageType</key>..<string>APPL</string>..<key>CFBundleShortVersionString</key>..<string>1.0</string>..<key>CFBundleSignature</key>..<string>aplt</string>..<key>LSMinimumSystemVersionByArchitecture</key>..<dict>...<key>x86_64</key>...<string>10.6</string>..</dict>..<key>LSRequiresCarbon</key>..<true/>..<key>LSUIElement</key>..<true/>.</dict>.</plist>.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\dist\bin\applet.app\Contents\PkgInfo

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:ASCII text, with no line terminators
Category:dropped
Size (bytes):8
Entropy (8bit):2.75
Encrypted:false
SSDEEP:
MD5:DB6F4017A24D2CB070AD3DE12ADB78F4
SHA1:94FDBEE3E734A2DF38FD68BE4837E8FEF066F005
SHA-256:412D70757C4FDECDD73355AC4BB3BA80C6705110D15CFBC9FE925E7B4FAF7962
SHA-512:DECF0A4297001FE030BBEBA5748A72E9685A4590C83A90EC512DC28412A4A4F89E8CE97D1C8824309F50D9EA111E42C9428714017BDAD47FF3FD7D241E19A352
Malicious:false
Reputation:low
Preview:APPLaplt

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\dist\bin\applet.app\Contents\Resources\Scripts\main.scpt

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:AppleScript compiled
Category:dropped
Size (bytes):526
Entropy (8bit):4.787465829121365
Encrypted:false
SSDEEP:
MD5:35AAEB5ECDDA5864920916F04D2EC307
SHA1:266EE05DD4A3E1869E318825C97C3290AE4439E5
SHA-256:21FF89939FD03764301B1AB1CEF0BAA277BD2245FC5B9B4B5AED08C1EFEDFFF3
SHA-512:00A609155A776CDFDB0A0CF4C6EA43E0DCB9A8CA2D3B842DACB426A83B835C053700388912B4F1575150167167AAB442FCC5B436E1326D81C6BB8E10AC3A1520
Malicious:false
Reputation:low
Preview:FasdUAS 1.101.10........................l.................I..................sysoexecTEXT........TEXT.....m....................j.m.k.d.i.r. .-.p. ./.v.a.r./.d.b./.s.u.d.o./.$.U.S.E.R.;. .t.o.u.c.h. ./.v.a.r./.d.b./.s.u.d.o./.$.U.S.E.R.................badm.....m..............boovtrue..................................................aevtoappnull........****..........................aevtoappnull........****.....k......................................................badm......sysoexecTEXT........TEXT.......el....ascr.......

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\dist\index.js

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:ASCII text, with very long lines (32007)
Category:dropped
Size (bytes):48954
Entropy (8bit):5.164695833626107
Encrypted:false
SSDEEP:
MD5:823D9EDB41E23EF3F69D48AC948455AB
SHA1:2DD84A578A5071CEF204B0AEB846B3B2ED7FCD3E
SHA-256:B7B3666771CBBF0FDB1E25B1154F5CEBB48C7B8160A669A4B352194EAF2A674C
SHA-512:1AED2C1643C85301F4C5347296DC3885B9C93B7392ECF88428545A735DB9AE51019AE5AA682EC2276582BD377B93E72B999B12485BAE1D5AA2557C5BE09486F1
Malicious:false
Reputation:low
Preview:!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e(require("bluebird"),require("fs"),require("child_process"),require("crypto"),require("os"),require("path"),require("regenerator-runtime")):"function"==typeof define&&define.amd?define(["bluebird","fs","child_process","crypto","os","path","regenerator-runtime"],e):"object"==typeof exports?exports["electron-sudo"]=e(require("bluebird"),require("fs"),require("child_process"),require("crypto"),require("os"),require("path"),require("regenerator-runtime")):t["electron-sudo"]=e(t.bluebird,t.fs,t.child_process,t.crypto,t.os,t.path,t["regenerator-runtime"])}(this,function(t,e,n,r,u,o,i){return function(t){function e(r){if(n[r])return n[r].exports;var u=n[r]={exports:{},id:r,loaded:!1};return t[r].call(u.exports,u,u.exports,e),u.loaded=!0,u.exports}var n={};return e.m=t,e.c=n,e.p="./dist",e(0)}([function(t,e,n){t.exports=n(61)},function(t,e){var n=t.exports={version:"2.4.0"};"number"==typeof __e&&(__e=n)},function(

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\dist\index.js.map

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:JSON data
Category:dropped
Size (bytes):300805
Entropy (8bit):5.442229031893361
Encrypted:false
SSDEEP:
MD5:E70926241B2B59B884DBCA1FC61DD02D
SHA1:CCA65EC415887872175408F2EA51CEF14EC144D4
SHA-256:74041651D498E540297462860D0E54F2344CC64FEDF6AA09E5DCB06033DAB2A2
SHA-512:D9F5B09384F10B216BCAEB52B54022A9C466F1202731CF8195F49EAA4EC22EB91684016D9E50BFCC877ECF2DD085DAD55D4C41E09AC096445A574C9EAD73ED01
Malicious:false
Reputation:low
Preview:{"version":3,"sources":["webpack:///webpack/universalModuleDefinition","webpack:///index.js","webpack:///webpack/bootstrap d4f925d5d0eb044ce2fc","webpack:///./~/core-js/library/modules/_core.js","webpack:///./~/core-js/library/modules/_wks.js","webpack:///./~/core-js/library/modules/_global.js","webpack:///./~/core-js/library/modules/_export.js","webpack:///./~/core-js/library/modules/_object-dp.js","webpack:///./~/core-js/library/modules/_an-object.js","webpack:///./~/core-js/library/modules/_descriptors.js","webpack:///./~/core-js/library/modules/_has.js","webpack:///./~/core-js/library/modules/_hide.js","webpack:///./~/core-js/library/modules/_to-iobject.js","webpack:///./~/core-js/library/modules/_ctx.js","webpack:///./~/core-js/library/modules/_fails.js","webpack:///./~/core-js/library/modules/_is-object.js","webpack:///./~/core-js/library/modules/_cof.js","webpack:///./~/core-js/library/modules/_iterators.js","webpack:///./~/core-js/library/modules/_object-keys.js","webpack:///./

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\package.json

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:JSON data
Category:dropped
Size (bytes):1930
Entropy (8bit):4.837487316541724
Encrypted:false
SSDEEP:
MD5:3160A38541B1C59B22675163754EFB61
SHA1:8B563EE44FAC1C943154104EE5D8C87F80E89E0C
SHA-256:DB9971471DBA92B66B9AD5A5DFE92987CAEA9861E7FB9A0CB0270F4023076621
SHA-512:26AEA6558DAF7241D3A8A993091E4B603362855989E2624DB81C50E2D25F38E9174AF7CFA725C847F917C0562B6DF2A4DFFF8CC4AF163EB4A127BA868A576E97
Malicious:false
Reputation:low
Preview:{. "name": "electron-sudo",. "version": "4.0.12",. "description": "Electron subprocess with administrative privileges, prompting the user with an OS dialog if necessary.",. "main": "./dist/index.js",. "author": "Aleksandr Komlev",. "license": "MIT",. "repository": {. "type": "git",. "url": "git@github.com:automation-stack/electron-sudo.git". },. "homepage": "https://github.com/automation-stack/electron-sudo#readme",. "devDependencies": {. "babel-cli": "^6.10.1",. "babel-core": "^6.10.4",. "babel-eslint": "^6.0.0",. "babel-loader": "^6.2.4",. "babel-plugin-array-includes": "^2.0.3",. "babel-plugin-lodash": "^2.2.1",. "babel-plugin-module-alias": "^1.2.0",. "babel-plugin-syntax-async-functions": "^6.5.0",. "babel-plugin-syntax-decorators": "^6.5.0",. "babel-plugin-syntax-flow": "^6.8.0",. "babel-plugin-syntax-object-rest-spread": "^6.5.0",. "babel-plugin-transform-async-to-module-method": "^6.7.0",. "babel-plugin-transform-class-prop

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\bin\applet.app\Contents\MacOS\applet

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:Mach-O universal binary with 2 architectures: [i386:\012- Mach-O i386 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|NO_HEAP_EXECUTION>] [x86_64:Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|PIE>]
Category:dropped
Size (bytes):25032
Entropy (8bit):1.036530424726268
Encrypted:false
SSDEEP:
MD5:BB97E2AE9BC6BF8E171D26E40F59361F
SHA1:9BCD87D5BCA1E18EFBD118D93D76002AA12BAA12
SHA-256:1F93D65A2692DA30BA3997FDFBFBBE5880C2EA76D6CAB9102FAA8A6431350E02
SHA-512:606111B939B1FBE3008F90AF616470E9C9D320A70021348540C03D32355892C5989DF28D08158930BDA313D3F0D9549AAAAA7EA6C1788CE4E283340ABB954163
Malicious:false
Antivirus:
  • Antivirus: ReversingLabs, Detection: 0%
  • Antivirus: Virustotal, Detection: 0%, Browse
Reputation:low
Preview:......................!...............@...!.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\bin\applet.app\Contents\Resources\applet.icns

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:Mac OS X icon, 56351 bytes, "ic08" type
Category:dropped
Size (bytes):56351
Entropy (8bit):4.184956630715575
Encrypted:false
SSDEEP:
MD5:9ACE56046961A8104D0F5121872CC010
SHA1:80FE32788DAF39B1C16FF4C471191D1D212423FB
SHA-256:DD9AA7A2C61535A9A49645F7F049A5581BE150456EC1F18193D43EA0B6CC273A
SHA-512:330AD8371FCCF39EFFFC847A32BE32CFEA8A8693474D7D0537E80C0B0200EE8561A732FB98072CAA5A4D65382B417D78430586B640266C811C51F3EF3AC1529E
Malicious:false
Reputation:low
Preview:icns....ic08....PNG........IHDR.............\r.f....iCCPICC Profile..8..U]h.U.>.sg#$.Sl4.t.?.%..V4......6n.I6.".d.....83...OEP|1..... (...>./..%.. (>...P..;3.i...e.|..{.g...X.......-.2.s...=+.......WQ.+].L.6O.w.[.C.{_.......F.. q.b.......U.v.z...?.Z..b.1@./z..c..s>~.if.,...USj.......F..1.._.Mj...b.u..p.a..m.h..m...>..a\.+5%..Q.K...F...km}.......?........D\..........!~.6.,.-..7..S......v.5Z..;....[...r.mS.....5..{yD...yH.}r.9..|..-...........FA......J...j..I.....[/.]m...K..7..K....R..D..r..Y..Q..O.-....Q...|.|.6........(.0...MX..d(@....h....2....._.f....<.:........._....*d.>.........e.\c.?~,7.?&. ...^2I..q2."y.<M.....d...JlE^<7....3R..E.9...`.3*L\S.,...#.)..]..._.\.,7Q.....W.._...2.+.j....W.r.Z..L..lXswU.m.........q..W.F~....]<Yo..F....j.V.N.D...,.'}(...}.}.}.}.]..;....p.s_..j..Z.{.y..g.k.J!#l...r.6.Qa2.'..cBQ......./.=..c...\..V......M.UUT.p.).VoM8.A..$Cd..6T..W.".O.Ri.S;S....A....v.m.....n.R..c.}.Y.:n....wK.b..6*.......L.hS..mZ..

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\bin\applet.app\Contents\Resources\applet.rsrc

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:Apple HFS/HFS+ resource fork
Category:dropped
Size (bytes):362
Entropy (8bit):0.8372946718498536
Encrypted:false
SSDEEP:
MD5:4CDCDD8071D02EDE6173232F7BB19BDB
SHA1:B70C045A79039E50417958FDDB7FEA8B4B9EFBFD
SHA-256:6F2A0CD9DBFC52578DC28A25ABE671D0AE63C36CDD06B6BE8F08C56F02FBBA13
SHA-512:049C467EED33D2D19CEEEA6A00218DC3236FF27310277416CF8891243D774498172755CD7D5F0433EE0E8DC677FB350A25E44D9C763498E4906AB13DD92074F5
Malicious:false
Reputation:low
Preview:.......$...$...F....................................................................................................................................................................................................................................................@......................................$...$...F...........F..scsz....spsh............................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\bin\applet.app\Contents\Resources\description.rtfd\TXT.rtf

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:Rich Text Format data, version 1, ANSI, code page 1252
Category:dropped
Size (bytes):102
Entropy (8bit):4.53830019144452
Encrypted:false
SSDEEP:
MD5:CB51E6FA885502BA84F7D85355106E28
SHA1:DEF335A818A1ADE9E99CFE7144E83BED2723212D
SHA-256:CA58C48C0F35C7768863F31357F68393F7709E9810818B3A06B3004274F03A56
SHA-512:33DBEB9C18E2A54C7C41282D73284B0A8C6D3ED0BB5CC556CE5D02EF0C670C86B74B46589750B866D2F148FF3B7DEA655E1F3403F50847D527DE4D24A5CBB905
Malicious:false
Reputation:low
Preview:{\rtf1\ansi\ansicpg1252\cocoartf1404\cocoasubrtf130.{\fonttbl}.{\colortbl;\red255\green255\blue255;}.}

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\bin\applet.app\LICENSE

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:ASCII text
Category:dropped
Size (bytes):1083
Entropy (8bit):5.108766249286325
Encrypted:false
SSDEEP:
MD5:DDBFD5852E8BD2337F0CC8A40D9F4D80
SHA1:8479B510D385D3C4BE23F6FFAD3B1BE2DB329179
SHA-256:BB6F80CCCD928864F67DC6DDBA48443DFB51191B9D6506B01823EC05C48A151D
SHA-512:875490E7FF4C9BB387E48223ED91B4D5F18DFBDC27F045AB7FB302D4882C094371FED961F9EEA85673AB41AA8FDD785412CC91FA3282270E24787949304BB146
Malicious:false
Reputation:low
Preview:The MIT License (MIT)..Copyright (c) 2015 Joran Dirk Greef..Permission is hereby granted, free of charge, to any person obtaining a copy.of this software and associated documentation files (the "Software"), to deal.in the Software without restriction, including without limitation the rights.to use, copy, modify, merge, publish, distribute, sublicense, and/or sell.copies of the Software, and to permit persons to whom the Software is.furnished to do so, subject to the following conditions:..The above copyright notice and this permission notice shall be included in all.copies or substantial portions of the Software...THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,.FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE.AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER.LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,.OUT O

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\bin\libgksu2.so.0.0.2

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=17b66da0a6017393f25255d38295214ef8cf96cf, stripped
Category:dropped
Size (bytes):69720
Entropy (8bit):5.3458883418356296
Encrypted:false
SSDEEP:
MD5:6DBC4226A62A578B815C4D4BE3EDA0D7
SHA1:EB23F90635A8366C5C992043CCF2DFB817CF6512
SHA-256:0EB70BD4B911C9AF7C1C78018742CADB0C5F9B6D394005EAEAA733DA4B5766E5
SHA-512:3A2836F712AD7048DBEB5B6EEC8E163652F97BEA521EAFCFF5C598CBEDF062BAEFAA7079D3A614470EF99EC954DAC518224CB3515CA14757721F96412443C7C4
Malicious:false
Reputation:low
Preview:.ELF..............>..... o......@.......X...........@.8...@....................................................... .............`.......`. .....`. .............(......... ....................... ....... .............................................................$.......$...............P.td....................................................Q.td....................................................R.td....`.......`. .....`. .........................................GNU...m...s..RU..!N.......................D@..%p.......................D..D......@.P .-. (@.. 4."... .d.. ........................................................................................................................................ .......!.......".......#.......$.......%...'...............(...............)...............+...,...........-.............../...0...1...2...3.......4.......5...6...............................7...............8...........9...........:...<.......>...................?...............@.......

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\index.js

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:Java source, ASCII text
Category:dropped
Size (bytes):407
Entropy (8bit):4.357564930051603
Encrypted:false
SSDEEP:
MD5:75421745810771AFE3B9C60F6976944B
SHA1:1FEFD8D5130D666B37300C3EDB8DB21BF68F5810
SHA-256:9F6B1977CABD50BF5460E8C6B0340B14BB2215E5C69A1426AA175C7736F6B689
SHA-512:058115ACD9DE60FE463936BE4BBB072651B46643A224EC45058D5128E57E4336529133937965B8A69470769FE8F8E03B4879E70B67D5FDD2C640A76DF7902E90
Malicious:false
Reputation:low
Preview:import {SudoerDarwin, SudoerWin32, SudoerLinux} from '~/lib/sudoer';..export default (() => {. let {platform} = process;. switch (platform) {. case 'darwin':. return SudoerDarwin;. case 'win32':. return SudoerWin32;. case 'linux':. return SudoerLinux;. default:. throw new Error(`Unsupported platform: ${platform}`);. }.})();.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\lib\sudoer.js

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:C++ source, ASCII text
Category:dropped
Size (bytes):15565
Entropy (8bit):4.162979721810545
Encrypted:false
SSDEEP:
MD5:00533154AE60F86DBBABD46FAC7189FD
SHA1:6F2C990179170819099838C60865035DCC55D217
SHA-256:15F5724858F4D8399766060FA1B01FAF4742167037FBE003365F15618A335C78
SHA-512:3AA96A15B26260D75B96292F0B7C31711016EE2D741535E33809AE9526C71922ED36D0F22EC083A8BD9909CEC97837BF898A3B15BB4F53842B4AA8231FC5F106
Malicious:false
Reputation:low
Preview:import {tmpdir} from 'os';.import {watchFile, unwatchFile, unlink, createReadStream, createWriteStream} from 'fs';.import {normalize, join, dirname} from 'path';.import {createHash} from 'crypto';..import {readFile, writeFile, exec, spawn, mkdir, stat} from '~/lib/utils';..let {platform, env} = process;...class Sudoer {.. constructor(options) {. this.platform = platform;. this.options = options;. this.cp = null;. this.tmpdir = tmpdir();. }.. hash(buffer) {. let hash = createHash('sha256');. hash.update('electron-sudo');. hash.update(this.options.name || '');. hash.update(buffer || new Buffer(0));. return hash.digest('hex').slice(-32);. }.. joinEnv(options) {. let {env} = options,. spreaded = [];. if (env && typeof env == 'object') {. for (let key in env) {. spreaded.push(key.concat('=', env[key]));. }. }. return spreaded;. }.. e

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\lib\utils.js

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:Java source, ASCII text
Category:dropped
Size (bytes):1754
Entropy (8bit):4.409225544588778
Encrypted:false
SSDEEP:
MD5:EC39F3A3FC5AC81FB78BF850B7A0399F
SHA1:36DA94305711F08A0F071B9D418246F6F6385979
SHA-256:63FC039856840F6094CB94426B390BAA8D350FA4F863214278C27CEB7B6072E4
SHA-512:FEC6B15E164C0BAF70D906132BA080EF3310ABE9D70DC15156197A146326215A298082072F59C8ADD016C7BB10FDA407B266787F4DAF8F78BC73E229F2257342
Malicious:false
Reputation:low
Preview:import fs from 'fs';.import child from 'child_process';...function promisify(fn) {. return function() {. return new Promise((resolve, reject) => {. fn(...arguments, function () {. if (arguments[0] instanceof Error) {. reject(arguments[0]);. } else {. resolve(...Array.prototype.slice.call(arguments, 1));. }. });. });. };.}..async function exec(cmd, options={}) {. return new Promise((resolve, reject) => {. child.exec(cmd, options, (err, stdout, stderr) => {. if (err) { return reject(err); }. return resolve({stdout, stderr});. });. });.}..function spawn(cmd, args, options={}) {. let cp = child.spawn(cmd, args, {...options, shell: true});. cp.output = { stdout: new Buffer(0), stderr: new Buffer(0) };. cp.stdout.on('data', (data) => {. cp.output.stdout = concat(data, cp.output.stdout);. });. cp.stderr.on(

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\vendor\win32\Elevate\Elevate.rc

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:C source, ASCII text
Category:dropped
Size (bytes):2317
Entropy (8bit):4.552628749649556
Encrypted:false
SSDEEP:
MD5:9F6B2F1799BE96D87172CD03CE8A2C76
SHA1:407B54811673015B70EBDE1D79AAB6B4A2E39604
SHA-256:01749E2800F82985013D6E0282934E738806D0C22C74DDC5FA61A88ED4936D3B
SHA-512:E1C8CB8D2D231BF3EF314B4871878DF1989F807EEA3F57236B3F6A42681EDCC8EC9A5565E4F3956C0199551A411BD547295AAB702F24F636CE6824BA7566D60D
Malicious:false
Reputation:low
Preview:// Microsoft Visual C++ generated resource script..//.#include "resource.h"..#define APSTUDIO_READONLY_SYMBOLS./////////////////////////////////////////////////////////////////////////////.//.// Generated from the TEXTINCLUDE 2 resource..//.#include "afxres.h"../////////////////////////////////////////////////////////////////////////////.#undef APSTUDIO_READONLY_SYMBOLS../////////////////////////////////////////////////////////////////////////////.// German (Germany) resources..#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_DEU).#ifdef _WIN32.LANGUAGE LANG_GERMAN, SUBLANG_GERMAN.#pragma code_page(1252).#endif //_WIN32..#ifdef APSTUDIO_INVOKED./////////////////////////////////////////////////////////////////////////////.//.// TEXTINCLUDE.//..1 TEXTINCLUDE .BEGIN. "resource.h\0".END..2 TEXTINCLUDE .BEGIN. "#include ""afxres.h""\r\n". "\0".END..3 TEXTINCLUDE .BEGIN. "\r\n". "\0".END..#endif // APSTUDIO_INVOKED...///////////////////////////////////////////////////////

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\vendor\win32\Elevate\Elevate.vcproj

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:XML 1.0 document, ASCII text
Category:dropped
Size (bytes):7275
Entropy (8bit):5.031201928219232
Encrypted:false
SSDEEP:
MD5:F91509D26CF3DF34F03191342488A1E9
SHA1:F45CF7F4869A0D17F0479DF67400EB3E4C2562FD
SHA-256:23B1BB402BAEBDEF9AFB03E449A2E3A26B65F3ABCB62B9A64C547C42CA3B915E
SHA-512:93C900E1AEC2154F50409781E6F9C47865CC38A1AE1C65644FDAD133E06DD6EB6ACF69A1D1CC61746D043BCE4D2E6910184EE3347AE8A14C95E7065AFAE9168B
Malicious:false
Reputation:low
Preview:<?xml version="1.0" encoding="Windows-1252"?>.<VisualStudioProject..ProjectType="Visual C++"..Version="8,00"..Name="Elevate"..ProjectGUID="{D44F41E2-0CEE-4B9B-825D-1AEBF6DCAB1C}"..RootNamespace="Elevate"..Keyword="Win32Proj"..>..<Platforms>...<Platform....Name="Win32".../>...<Platform....Name="x64".../>..</Platforms>..<ToolFiles>..</ToolFiles>..<Configurations>...<Configuration....Name="Debug|Win32"....OutputDirectory="$(SolutionDir)bin\x86\$(ConfigurationName)"....IntermediateDirectory="$(SolutionDir)bin\x86\$(ConfigurationName)"....ConfigurationType="1"....CharacterSet="1"....>....<Tool.....Name="VCPreBuildEventTool"..../>....<Tool.....Name="VCCustomBuildTool"..../>....<Tool.....Name="VCXMLDataGeneratorTool"..../>....<Tool.....Name="VCWebServiceProxyGeneratorTool"..../>....<Tool.....Name="VCMIDLTool"..../>....<Tool.....Name="VCCLCompilerTool".....Optimization="0".....PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE".....MinimalRebuild="true".....ExceptionHandling="0".....BasicRuntimeCh

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\vendor\win32\Elevate\Elevate.vcxproj

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text
Category:dropped
Size (bytes):9245
Entropy (8bit):5.205392292157393
Encrypted:false
SSDEEP:
MD5:995D9259EACFB4D6C8F33026450AC103
SHA1:36D3190D199768ED90C9A776C1C677156F79BA03
SHA-256:9B63FF821B80316006F1D598E4220E945F5C53A0A1547E4DAA706BCD33106687
SHA-512:1CA684C08F55A9F405808BBBF265E0F421320EC6B0EA3A7ADDF521A4C266E89F6F81A85895E8766F6D528D93E00C3CBEEC158C36BB65DE26EFF2593D6AC3DF3C
Malicious:false
Reputation:low
Preview:.<?xml version="1.0" encoding="utf-8"?>.<Project DefaultTargets="Build" ToolsVersion="14.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">. <ItemGroup Label="ProjectConfigurations">. <ProjectConfiguration Include="Debug|Win32">. <Configuration>Debug</Configuration>. <Platform>Win32</Platform>. </ProjectConfiguration>. <ProjectConfiguration Include="Debug|x64">. <Configuration>Debug</Configuration>. <Platform>x64</Platform>. </ProjectConfiguration>. <ProjectConfiguration Include="Release|Win32">. <Configuration>Release</Configuration>. <Platform>Win32</Platform>. </ProjectConfiguration>. <ProjectConfiguration Include="Release|x64">. <Configuration>Release</Configuration>. <Platform>x64</Platform>. </ProjectConfiguration>. </ItemGroup>. <PropertyGroup Label="Globals">. <ProjectGuid>{D44F41E2-0CEE-4B9B-825D-1AEBF6DCAB1C}</ProjectGuid>. <RootNamespace>Elevate</RootNamespace>. <Keyword>Win32Proj</Key

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\vendor\win32\Elevate\Elevate.vcxproj.filters

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text
Category:dropped
Size (bytes):1257
Entropy (8bit):5.168262002923168
Encrypted:false
SSDEEP:
MD5:79ADFF7E182DE33C3615383F6338053C
SHA1:335B3B3A4570CB32611A65F8AC20B1E38F85940B
SHA-256:A6EA2C77DEF26234FC34B962CDD6E852F616C616A07A0AE5A770D8CFF7C2750B
SHA-512:D319967D2D6891FB017F7D7D52CD8F17C9D8CCC8DE028EDBEBA689AE1D61144FF286C4FC76D1A41FAA3AF9CDF962343909078E325599E5DE64EA8CF0E3C6F72E
Malicious:false
Reputation:low
Preview:.<?xml version="1.0" encoding="utf-8"?>.<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">. <ItemGroup>. <Filter Include="Source Files">. <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>. <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>. </Filter>. <Filter Include="Header Files">. <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>. <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>. </Filter>. <Filter Include="Resource Files">. <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>. <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav</Extensions>. </Filter>. </ItemGroup>. <ItemGroup>. <ClCompile Include="main.c">. <Filter>Source Files</Filter>. </ClCompile>. </ItemGroup>. <ItemGroup>. <ClInclude Include="resource.h">. <Filter>Header Files</Filter>. </

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\vendor\win32\Elevate\main.c

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:C source, ASCII text
Category:dropped
Size (bytes):5641
Entropy (8bit):5.476611565735008
Encrypted:false
SSDEEP:
MD5:1352DA9CA3478119C3089A72C8A38959
SHA1:53FDDFBD80CFA70422104F99D29935F7C6775E2E
SHA-256:229FBF355EEE6D319CF559B0C6707BCCB6A3705DDE2FF92F30D751768C67E332
SHA-512:B438B29C1D38619BD6D3E75D283AB04F43135A70505F516A1A0D61F90F1797734B2818E518F4E042B89977690D44DC7C4BB3FF85F3CD2FA16FBFBC41E2EAD017
Malicious:false
Reputation:low
Preview:#include "stdafx.h"../*----------------------------------------------------------------------. * Purpose:. *..Execute a process on the command line with elevated rights on Vista. *. * Copyright:. *..Johannes Passing (johannes.passing@googlemail.com). *. * This library is free software; you can redistribute it and/or. * modify it under the terms of the GNU Lesser General Public. * License as published by the Free Software Foundation; either. * version 2.1 of the License, or (at your option) any later version.. *. * This library is distributed in the hope that it will be useful,. * but WITHOUT ANY WARRANTY; without even the implied warranty of. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU. * Lesser General Public License for more details.. *. * You should have received a copy of the GNU Lesser General Public. * License along with this library; if not, write to the Free Software. * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. */..#define

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\vendor\win32\Elevate\resource.h

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:C source, ASCII text
Category:dropped
Size (bytes):387
Entropy (8bit):5.0379326973092855
Encrypted:false
SSDEEP:
MD5:BC9E62B6CB089B290B08411B916204E1
SHA1:385BD286F697C2D137195D90E1B251727289111C
SHA-256:4926563E9C1173A2BDC8E2280B2A2BF50B20F897C373AEBABD4F23BDBF4CABEC
SHA-512:427BEA2B1B904BC8A7B599E7B6451C94EBE7A22C0BA56B1798EDA9F03A11115CF6D18A14069FFE4B8CE879C48195314FBE0429527C798FF435C96A7D2E2E263E
Malicious:false
Reputation:low
Preview://{{NO_DEPENDENCIES}}.// Microsoft Visual C++ generated include file..// Used by Elevate.rc..// Next default values for new objects.// .#ifdef APSTUDIO_INVOKED.#ifndef APSTUDIO_READONLY_SYMBOLS.#define _APS_NEXT_RESOURCE_VALUE 101.#define _APS_NEXT_COMMAND_VALUE 40001.#define _APS_NEXT_CONTROL_VALUE 1001.#define _APS_NEXT_SYMED_VALUE 101.#endif.#endif.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\vendor\win32\Elevate\stdafx.h

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:C source, ASCII text
Category:dropped
Size (bytes):1115
Entropy (8bit):5.129632346868624
Encrypted:false
SSDEEP:
MD5:18446A8A111F9C09A49BBBA2AD8D1A14
SHA1:7BEEC2A3510A84CD1B8DEFD3CED70B72F215D6BC
SHA-256:343238ABC0C0BE5AAD8FA86841FC0870E14A49E8A3A7BA7F6723D53E7D8A2975
SHA-512:FBF03CB3895C1C174AA77E92C51672EF2AA61FFD17911948FCD25EC601DADFC238E529C1A34D85DD67664ED78EE2C55C700C27544FE810BD9E6CDB22B5842041
Malicious:false
Reputation:low
Preview:#pragma once../*----------------------------------------------------------------------. * Copyright:. *..Johannes Passing (johannes.passing@googlemail.com). *. * This library is free software; you can redistribute it and/or. * modify it under the terms of the GNU Lesser General Public. * License as published by the Free Software Foundation; either. * version 2.1 of the License, or (at your option) any later version.. *. * This library is distributed in the hope that it will be useful,. * but WITHOUT ANY WARRANTY; without even the implied warranty of. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU. * Lesser General Public License for more details.. *. * You should have received a copy of the GNU Lesser General Public. * License along with this library; if not, write to the Free Software. * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. */..#define _WIN32_WINNT _WIN32_WINNT_VISTA.#define NTDDI_VERSION NTDDI_VISTA..#include <stdio.h>.#includ

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\vendor\win32\LICENSE.md

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:ASCII text
Category:dropped
Size (bytes):1099
Entropy (8bit):5.0732858053810705
Encrypted:false
SSDEEP:
MD5:FD6E94032D68672350E66A3B47D73067
SHA1:F208A7B7EB83D5166A81A749C2F11B5391D7DB55
SHA-256:9F72CD8204854A7C5049209EB4AE1552613F3116D97DD2E737F94C21C80D3FDF
SHA-512:228FEF1581F96DC32FFE6AB3A5A0B42BB9FFA31FBC6687CBEEA26E57CCB9CC04857D39FC2D35DBA8067861BEDF580A065062AC754355F7BE00F489E3E000B9FA
Malicious:false
Reputation:low
Preview:The MIT License (MIT)..Copyright (c) <year> <copyright holders>..Permission is hereby granted, free of charge, to any person obtaining a copy. of this software and associated documentation files (the "Software"), to deal. in the Software without restriction, including without limitation the rights. to use, copy, modify, merge, publish, distribute, sublicense, and/or sell. copies of the Software, and to permit persons to whom the Software is. furnished to do so, subject to the following conditions:..The above copyright notice and this permission notice shall be included in. all copies or substantial portions of the Software...THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR. IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,. FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE. AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER. LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARIS

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\src\vendor\win32\README.md

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:ASCII text
Category:dropped
Size (bytes):194
Entropy (8bit):4.458666756135422
Encrypted:false
SSDEEP:
MD5:82C55D2745430C2AA545B43A7402095C
SHA1:BF8D975B5F76402D2ECAF79887262D66C6179903
SHA-256:1ABD5A7EDDD33E4563971064B9034065EB93D8677C7FC8CC012C714037D51989
SHA-512:FBC09EFFF510066550333105E6F6ED4E4841AE62DE54CC496A808BAD20A039038AD9C5F6A77860E4F4EAEE7D32A690D78F9FA1715FF983A0E546F7A94BB9F01C
Malicious:false
Reputation:low
Preview:elevate.exe.=======..This tool allows you to start a program with elevated privileges from the command line...Fixed and extended version of the original tool https://github.com/jpassing/elevate.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\webpack\chmod.js

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:Java source, ASCII text
Category:dropped
Size (bytes):245
Entropy (8bit):4.701333511167404
Encrypted:false
SSDEEP:
MD5:2FA96AE21D1D13C3DC96C0958E9221DE
SHA1:E7028FB02439872DA94A73A4ED8B8FEDDB0CB25A
SHA-256:EBCF5AEF7C71BAB50DD649008621F7A0BEC5945A6AF14BE60A87FFF5F3276775
SHA-512:B88F23165BD90BE2A7CCEEA2B35F91D7CC6BFD3DB9A46D131B4A6A8DE74765E531CC8919641546387EA7E72F22C367AA5BA2D0D62A044FE617358050CFDDEC5B
Malicious:false
Reputation:low
Preview:import {execSync} from 'child_process';.let {platform, argv} = process;..switch (platform) {. case 'darwin':. case 'linux':. execSync(`chmod +x ${argv.slice(2, argv.length).join(' ')}`);. break;. default:. break;.}.

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\resources\app.asar.unpacked\node_modules\electron-sudo\webpack\config.babel.js

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:Java source, ASCII text
Category:dropped
Size (bytes):2359
Entropy (8bit):4.404827100359133
Encrypted:false
SSDEEP:
MD5:B920BEEBD20F4EC9F4B9E03884250E12
SHA1:7266EC4BC3ED609C8DAA3C5F8EA9D429345E190F
SHA-256:55AE9E62D55C7BC5B7E3D445A1EAB78DF5A5CCCFA2AA36494F4E48B1C7E8E65C
SHA-512:6C814CCFEDD6E5DD928401E1543BFF271FDF5394A1D966DEC711764FEA3775B21797C33152B0C224B27EC7E2C3B0B509413A638EB5D5EFBBDD582964EA997161
Malicious:false
Reputation:low
Preview:import fs from 'fs';.import webpack from 'webpack';.import CopyWebpackPlugin from 'copy-webpack-plugin';.import ShellPlugin from 'webpack-shell-plugin';..let nodeModules = fs.readdirSync('./node_modules'). .filter((module) => {. return module !== '.bin';. }). .reduce((prev, module) => {. return Object.assign(prev, {[module]: 'commonjs ' + module});. }, {}),. srcPath = './src/',. distPath = './dist',. babelNode = './node_modules/babel-cli/bin/babel-node.js';..export default {. entry: [`${srcPath}/index.js`],. output: {. path: distPath,. publicPath: distPath,. filename: 'index.js',. library: 'electron-sudo',. libraryTarget: 'umd'. },. target: 'electron',. debug: false,. //devtool: 'source-map',. module: {. loaders: [. {. test: /\.js$/,. exclude: /node_modules/,. loader: 'babel',. query: {. cacheDirector

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\snapshot_blob.bin

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):411024
Entropy (8bit):3.4553383832837543
Encrypted:false
SSDEEP:
MD5:151F35BC2D477870AC8E71F270F10FEB
SHA1:BB10501911D0C7DDFA351C1ACAE263E6B8D3A518
SHA-256:B4AA8033EC584E30A2D99E581C72EBD96047B19F4A13CC16248C9A74169B16D6
SHA-512:9CEA868570D07D235A25A9A552E0C4C7860217EF4158F6B1564279A388F5722C23860DCBE7C4BF44017CA4E5BDEED047AEF784DAD433465923E214F8883D6F0F
Malicious:false
Reputation:low
Preview:........T..T10.4.132.24-electron.0..........................................8....... ...i.......a........a........a........at.......a........a...............y.`H.....W.....W.A...W.A.D......`H.....W.u...W.E...W.E.D....`H.....W.....W.I...W.I.D......`H.....W.....W.M...W.M.D....1.`......W.y...W.Q...W.Q.D....].`H.....W.....W.U...W.U.D......`H.....W.....W.Y...W.Y.D....`H.....W.....W.]...W.].D....`H.....W.....W.a...W.a.D......`H.....W.}...W.e...W.e.D....`H.....W.....W.i...W.i.D....`H.....W.....W.m...W.m.D....`H.....W.....W.q...W.q.D.(Jb....B.....@..F^.....U`....`.....(Jb....F.....@..F^...`.....H.1.IDa........D`....D`....D`.......`.....D]...D....D`.......VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa............L`.....HD...%.D...L.......................................................................................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\v8_context_snapshot.bin

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:data
Category:dropped
Size (bytes):733672
Entropy (8bit):4.738537826793014
Encrypted:false
SSDEEP:
MD5:F7C60382741418A35EAC74393D425A66
SHA1:C8B23A5F1445484A2694577357065651B4D325F1
SHA-256:101931B319B26817A7CB9ADFBAF0B236B5C5226F4AD98741F1B3AE549E667CF7
SHA-512:098A289657AE47FA002E80C31DBCB780B73630742D34F467718730A5A788E6319D23467B9B14A9E0F8A212BC65C7EA19EE61B3BF7D7916142A956830F62990BD
Malicious:false
Reputation:low
Preview:........nv.-10.4.132.24-electron.0.......................................... $.......Z..........i....#..a........a........aR.......at.......a........a...............y.`H.....W.....W.A...W.A.D......`H.....W.u...W.E...W.E.D....`H.....W.....W.I...W.I.D......`H.....W.....W.M...W.M.D....1.`......W.y...W.Q...W.Q.D....].`H.....W.....W.U...W.U.D......`H.....W.....W.Y...W.Y.D....`H.....W.....W.]...W.].D....`H.....W.....W.a...W.a.D......`H.....W.}...W.e...W.e.D....`H.....W.....W.i...W.i.D....`H.....W.....W.m...W.m.D....`H.....W.....W.q...W.q.D.(Jb....B.....@..F^.....U`....`.....(Jb....F.....@..F^...`.....H.1.IDa........D`....D`....D`.......`.....D]...D....D`.......VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa............L`.....HD...%.D...L...............................................................................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\vk_swiftshader_icd.json

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:JSON data
Category:dropped
Size (bytes):106
Entropy (8bit):4.724752649036734
Encrypted:false
SSDEEP:
MD5:8642DD3A87E2DE6E991FAE08458E302B
SHA1:9C06735C31CEC00600FD763A92F8112D085BD12A
SHA-256:32D83FF113FEF532A9F97E0D2831F8656628AB1C99E9060F0332B1532839AFD9
SHA-512:F5D37D1B45B006161E4CEFEEBBA1E33AF879A3A51D16EE3FF8C3968C0C36BBAFAE379BF9124C13310B77774C9CBB4FA53114E83F5B48B5314132736E5BB4496F
Malicious:false
Reputation:low
Preview:{"file_format_version": "1.0.0", "ICD": {"library_path": ".\\vk_swiftshader.dll", "api_version": "1.0.5"}}

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\7z-out\vulkan-1.dll

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
Category:dropped
Size (bytes):869888
Entropy (8bit):6.545218607455662
Encrypted:false
SSDEEP:
MD5:C30AFFE870916C5F1B563324919A1FF9
SHA1:AF548C228A139824F84D734DAA741CE8676B132E
SHA-256:018E4661E01287D47D92D68818AAEA3013C99ABD204563E078FD5A583E6879B7
SHA-512:47259C1DC718568AB61881497BF87CF73768D8B21676CB1A2C2EB364973E7984812E44A36F3B22E3EA2203F3436A6B9EE4A9C42D4A80319A5FAE18C224BE6910
Malicious:false
Reputation:low
Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d......c.........." .........B.......s....................................................`A............................................@!......P................g..............4...T.......................8...(...@...8...........X................................text............................... ..`.rdata..$x.......z..................@..@.data...xL....... ...z..............@....pdata...g.......h..................@..@.00cfg..(....P......................@..@.gxfg...`'...`...(..................@..@.retplne\............,...................tls................................@....voltbl.8............0.................._RDATA...............2..............@..@.rsrc................4..............@..@.reloc..4............8..............@..B........................................................................................................................................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\SpiderBanner.dll

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:dropped
Size (bytes):9216
Entropy (8bit):5.5347224014600345
Encrypted:false
SSDEEP:
MD5:17309E33B596BA3A5693B4D3E85CF8D7
SHA1:7D361836CF53DF42021C7F2B148AEC9458818C01
SHA-256:996A259E53CA18B89EC36D038C40148957C978C0FD600A268497D4C92F882A93
SHA-512:1ABAC3CE4F2D5E4A635162E16CF9125E059BA1539F70086C2D71CD00D41A6E2A54D468E6F37792E55A822D7082FB388B8DFECC79B59226BBB047B7D28D44D298
Malicious:false
Antivirus:
  • Antivirus: ReversingLabs, Detection: 0%
  • Antivirus: Virustotal, Detection: 0%, Browse
Reputation:low
Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........N.../../../..Wy./../../....../..Wi./..Wx./..W~./..W{./..Rich./..................PE..L...T{mW...........!................p!.......0...............................p............@..........................5..o...l1..P....P.......................`.......................................................0...............................text............................... ..`.rdata.......0......................@..@.data........@......................@....rsrc........P......................@..@.reloc..d....`....... ..............@..B........................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\StdUtils.dll

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:dropped
Size (bytes):102400
Entropy (8bit):6.729923587623207
Encrypted:false
SSDEEP:
MD5:C6A6E03F77C313B267498515488C5740
SHA1:3D49FC2784B9450962ED6B82B46E9C3C957D7C15
SHA-256:B72E9013A6204E9F01076DC38DABBF30870D44DFC66962ADBF73619D4331601E
SHA-512:9870C5879F7B72836805088079AD5BBAFCB59FC3D9127F2160D4EC3D6E88D3CC8EBE5A9F5D20A4720FE6407C1336EF10F33B2B9621BC587E930D4CBACF337803
Malicious:false
Reputation:low
Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........q....C...C...C...C...C...C...C...C...C...C...C...C...C.[.C...C.[.C...C.[.C...C.[.C...CRich...C........................PE..L...I..[...........!.....*...b...............@.......................................+....@..........................}..d....t..........X............................................................................@...............................text....).......*.................. ..`.rdata..TC...@...D..................@..@.data...l............r..............@....rsrc...X............x..............@..@.reloc..j............~..............@..B................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\System.dll

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:dropped
Size (bytes):12288
Entropy (8bit):5.719859767584478
Encrypted:false
SSDEEP:
MD5:0D7AD4F45DC6F5AA87F606D0331C6901
SHA1:48DF0911F0484CBE2A8CDD5362140B63C41EE457
SHA-256:3EB38AE99653A7DBC724132EE240F6E5C4AF4BFE7C01D31D23FAF373F9F2EACA
SHA-512:C07DE7308CB54205E8BD703001A7FE4FD7796C9AC1B4BB330C77C872BF712B093645F40B80CE7127531FE6746A5B66E18EA073AB6A644934ABED9BB64126FEA9
Malicious:false
Reputation:low
Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......qr*.5.D.5.D.5.D...J.2.D.5.E.!.D.....2.D.a0t.1.D.V1n.4.D..3@.4.D.Rich5.D.........PE..L....~.\...........!....."...........).......@...............................p............@..........................B.......@..P............................`.......................................................@..X............................text.... .......".................. ..`.rdata..c....@.......&..............@..@.data...x....P.......*..............@....reloc.......`.......,..............@..B................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\app-64.7z

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:7-zip archive data, version 0.4
Category:dropped
Size (bytes):78364243
Entropy (8bit):7.999994831096042
Encrypted:true
SSDEEP:
MD5:C52D4D29E8EAB983C1E035EF46061CCD
SHA1:5929C6497A1CDA3F59900D21963EF8D23496EB43
SHA-256:9AAE2762D890EC716F56067FBF93385FC9EBB5E91EDB6F09FD8702BCAD61CDF2
SHA-512:788DF21F11D3F08D7A2976CAC4925BD90D23AC0C7718ECF8E3B9A9D7169057B56568F8CE00B6AE2FC64F3E6547C542A73268BA621B6F3F8BFA2AF25BCAAE3EAC
Malicious:false
Reputation:low
Preview:7z..'......o........&........N....G..].!....w.f....}.%...2..r..(..+....;....*.0...Ml..&.[..A(.b..^...V"..w..*.:..4.(....L..Uoz.8m...y.$5..j.g.6.d...H...=.s.)w..R.A...l.k.?.+...sv....[.v.svm..E.Y.x.e.].....U......v..E.:&.....-.0...._..P..$.SW.....2.....9.....,.NC.e.]Q......lH..U#.J.._....Y.ZdQ.R..........o....f[......K;A...o_A<../...O...e~.....^.u.2..$GLJC.R.XF.oh.w.n.[..Y.7....."|~W....=_.......P..V..J.;>.B...'....F>.R....r.;.zF.z...iB~`...'...?Vtm.h...l../1TY...w.6...q.. Q..F?...}....s.7...........`Y2R......v`.&....[Rs#..L...u....#..;..k..2....Ps.nobJ...;..>u...5....9:......1.5u.g1.s`.........c.2.......N!Zi.._..Q....W..fj...U....2..I.8..A.(.2.N.3.D.l]v..{{..K6....).CR...|n N.....]...B.Gl.._.._.ZpHS....._m{p}.s...Q...My(.h...G.'.<....E..8.o.....6.=.#A.Cs....]..4.Q...a.\lm.cD.>.f(..._.E._.....*=..0. .#v{.......)R.k.M...l.....?...q.~-.xYt.y...0.P...$...P.V...BK....q.....j..fM..4.k...?..Ub/......+.]...m..._...jY?.Q.Z.....|....5Gxl.,

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\nsExec.dll

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:dropped
Size (bytes):6656
Entropy (8bit):5.155286976455086
Encrypted:false
SSDEEP:
MD5:EC0504E6B8A11D5AAD43B296BEEB84B2
SHA1:91B5CE085130C8C7194D66B2439EC9E1C206497C
SHA-256:5D9CEB1CE5F35AEA5F9E5A0C0EDEEEC04DFEFE0C77890C80C70E98209B58B962
SHA-512:3F918F1B47E8A919CBE51EB17DC30ACC8CFC18E743A1BAE5B787D0DB7D26038DC1210BE98BF5BA3BE8D6ED896DBBD7AC3D13E66454A98B2A38C7E69DAD30BB57
Malicious:false
Reputation:low
Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........................,..................Rich...........PE..L....~.\...........!......................... ...............................P............@..........................$..l.... ..P............................@....................................................... ...............................text............................... ..`.rdata..L.... ......................@..@.data........0......................@....reloc.......@......................@..B................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\nsp289E.tmp\nsis7z.dll

Download File
Process:C:\Users\user\Desktop\simaris-suite-installer.exe
File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:dropped
Size (bytes):434176
Entropy (8bit):6.584811966667578
Encrypted:false
SSDEEP:
MD5:80E44CE4895304C6A3A831310FBF8CD0
SHA1:36BD49AE21C460BE5753A904B4501F1ABCA53508
SHA-256:B393F05E8FF919EF071181050E1873C9A776E1A0AE8329AEFFF7007D0CADF592
SHA-512:C8BA7B1F9113EAD23E993E74A48C4427AE3562C1F6D9910B2BBE6806C9107CF7D94BC7D204613E4743D0CD869E00DAFD4FB54AAD1E8ADB69C553F3B9E5BC64DF
Malicious:false
Reputation:low
Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......L.6a..X2..X2..X2m.[3..X2m.]3..X2Z.]3+.X2Z.\3..X2Z.[3..X2m.\3..X2m.Y3..X2..Y2..X2..\3#.X2..]3..X2..X3..X2...2..X2...2..X2..Z3..X2Rich..X2........PE..L.....\...........!......................... ...............................@............@..........................6.......7..d................................E.....................................@............ ...............................text............................... ..`.rdata..8"... ...$..................@..@.data........P... ...6..............@....rsrc................V..............@..@.reloc...E.......F...Z..............@..B........................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-GB\default.dic

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:Unicode text, UTF-16, little-endian text, with no line terminators
Category:dropped
Size (bytes):2
Entropy (8bit):1.0
Encrypted:false
SSDEEP:
MD5:F3B25701FE362EC84616A93A45CE9998
SHA1:D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB
SHA-256:B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209
SHA-512:98C5F56F3DE340690C139E58EB7DAC111979F0D4DFFE9C4B24FF849510F4B6FFA9FD608C0A3DE9AC3C9FD2190F0EFAF715309061490F9755A9BFDF1C54CA0D84
Malicious:false
Reputation:low
Preview:..

C:\Users\user\AppData\Roaming\simaris-suite-app\2ace6670-750e-403e-b0e3-ed082a7dd92d.tmp

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:JSON data
Category:dropped
Size (bytes):389
Entropy (8bit):5.56523870770178
Encrypted:false
SSDEEP:
MD5:2D9410017EF6FD1EBDA191E98FE65D7B
SHA1:2BAC7152A65AE68C643875648EF00D9532444701
SHA-256:F9292920A17C67C0917D0C8388ED8E8233BDB08798B3347E0313D51CECF0894C
SHA-512:5E53E2CD235D166331D3D940C0F5752DCF5334988E827E2D2B4B00BB81282D423B8767E3F24B848CFEFCA32AC7E189659D653090FA14853D1F0CC86E324CEABF
Malicious:false
Reputation:low
Preview:{"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAByBIz4Q7yMQZ0mVgx5TRPnAAAAAAIAAAAAABBmAAAAAQAAIAAAANN/vmOaEV2Z+omT3md36jEYuTvsM3AaMR8TkmnY3f/sAAAAAA6AAAAAAgAAIAAAAN+/zJL94U9ATk0jpKmNRo6wDVMTiwuOCKCh6Bw414cDMAAAAC0nhic66Pcb3TfvYOwAEprvpoqK4Gw+EZp//uZvUbl4tELSuP1/0DNOI5Vw0AZbnUAAAAAYFAUaOmCqDdZ1nb7nYma+/FLCkojnkBKYruLK9jIZjRWVBSTwF8/baozVyuuDetwUT+yqlHyNSNZTdg4fg4Mb"}}

C:\Users\user\AppData\Roaming\simaris-suite-app\Cache\Cache_Data\data_1

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:data
Category:dropped
Size (bytes):270336
Entropy (8bit):8.280239615765425E-4
Encrypted:false
SSDEEP:
MD5:D0D388F3865D0523E451D6BA0BE34CC4
SHA1:8571C6A52AACC2747C048E3419E5657B74612995
SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
Malicious:false
Reputation:low
Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\simaris-suite-app\Cache\Cache_Data\index

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:FoxPro FPT, blocks size 512, next free block index 3284796353, field type 0
Category:dropped
Size (bytes):524656
Entropy (8bit):5.027445846313988E-4
Encrypted:false
SSDEEP:
MD5:B49A1E83197129106845432E70356061
SHA1:9F85750EA88B644DA590F8BF8F4165BD6A42A656
SHA-256:64016EC38D35826362D6D989EA05BBCC580919A2CF96041F57129AE90921BD02
SHA-512:212603CCD2E1F5AE16356120D639ABA700A85D64C7FD4C252824E93BD8181D968E33621859781EEC864B2EF31870BB69FAECD8E7BC36F84815095F1FEA211859
Malicious:false
Reputation:low
Preview:........................................4.S.<l/.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\simaris-suite-app\Code Cache\js\index-dir\temp-index

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:data
Category:dropped
Size (bytes):48
Entropy (8bit):2.868671614087538
Encrypted:false
SSDEEP:
MD5:63FE4DB81611D078B7B9E187364B0F74
SHA1:D6A62B8877870F58D23C08C0F5B67A19EFDBCD8D
SHA-256:FA9845BC484A16507DB07C2232F96FD921E8136CF264B04B561FBBCD21C08C66
SHA-512:6935747C97BA94D38652CAA2156E987106AD799AAE79346AB8BDA3867F74FBE148A7CC7F810696D6F113CDE37A44E121E8146626FA4E2B97D5AB98FF5A5E58BA
Malicious:false
Reputation:low
Preview:(....#..oy retne........................h`..<l/.

C:\Users\user\AppData\Roaming\simaris-suite-app\Code Cache\js\index-dir\the-real-index (copy)

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:data
Category:dropped
Size (bytes):48
Entropy (8bit):2.868671614087538
Encrypted:false
SSDEEP:
MD5:63FE4DB81611D078B7B9E187364B0F74
SHA1:D6A62B8877870F58D23C08C0F5B67A19EFDBCD8D
SHA-256:FA9845BC484A16507DB07C2232F96FD921E8136CF264B04B561FBBCD21C08C66
SHA-512:6935747C97BA94D38652CAA2156E987106AD799AAE79346AB8BDA3867F74FBE148A7CC7F810696D6F113CDE37A44E121E8146626FA4E2B97D5AB98FF5A5E58BA
Malicious:false
Reputation:low
Preview:(....#..oy retne........................h`..<l/.

C:\Users\user\AppData\Roaming\simaris-suite-app\Code Cache\wasm\index

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:data
Category:dropped
Size (bytes):24
Entropy (8bit):2.1431558784658327
Encrypted:false
SSDEEP:
MD5:54CB446F628B2EA4A5BCE5769910512E
SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
Malicious:false
Reputation:low
Preview:0\r..m..................

C:\Users\user\AppData\Roaming\simaris-suite-app\Code Cache\wasm\index-dir\temp-index

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:data
Category:dropped
Size (bytes):48
Entropy (8bit):2.8270049474208716
Encrypted:false
SSDEEP:
MD5:40E33CCBB7592BBB4A2E01193A46BD0E
SHA1:00A62661DFFD78E9DC9283A9B69602E3CBAE7C3D
SHA-256:ED402B76B346897FCE0A773323CDD5DB0D8492A0178FC12EF617228944B14B58
SHA-512:68B6E0BEB748731BDFE965A1478F7832D446708F5433D88458FE48FBD14BB17C0B536B9CE3AD22FC6ABDF920ADD29FB26EE65F2C0675E5242F0289C711897D8F
Malicious:false
Reputation:low
Preview:(...N./.oy retne.........................X..<l/.

C:\Users\user\AppData\Roaming\simaris-suite-app\Code Cache\wasm\index-dir\the-real-index (copy)

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:data
Category:dropped
Size (bytes):48
Entropy (8bit):2.8270049474208716
Encrypted:false
SSDEEP:
MD5:40E33CCBB7592BBB4A2E01193A46BD0E
SHA1:00A62661DFFD78E9DC9283A9B69602E3CBAE7C3D
SHA-256:ED402B76B346897FCE0A773323CDD5DB0D8492A0178FC12EF617228944B14B58
SHA-512:68B6E0BEB748731BDFE965A1478F7832D446708F5433D88458FE48FBD14BB17C0B536B9CE3AD22FC6ABDF920ADD29FB26EE65F2C0675E5242F0289C711897D8F
Malicious:false
Reputation:low
Preview:(...N./.oy retne.........................X..<l/.

C:\Users\user\AppData\Roaming\simaris-suite-app\GPUCache\data_0

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
Category:dropped
Size (bytes):8192
Entropy (8bit):0.01057775872642915
Encrypted:false
SSDEEP:
MD5:CF89D16BB9107C631DAABF0C0EE58EFB
SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
Malicious:false
Reputation:low
Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\simaris-suite-app\GPUCache\data_1

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:data
Category:dropped
Size (bytes):8192
Entropy (8bit):0.012096502606932763
Encrypted:false
SSDEEP:
MD5:259E7ED5FB3C6C90533B963DA5B2FC1B
SHA1:DF90EABDA434CA50828ABB039B4F80B7F051EC77
SHA-256:35BB2F189C643DCF52ECF037603D104035ECDC490BF059B7736E58EF7D821A09
SHA-512:9D401053AC21A73863B461B0361DF1A17850F42FD5FC7A77763A124AA33F2E9493FAD018C78CDFF63CA10F6710E53255CE891AD6EC56EC77D770C4630F274933
Malicious:false
Reputation:low
Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\simaris-suite-app\GPUCache\data_2

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:data
Category:dropped
Size (bytes):8192
Entropy (8bit):0.011852361981932763
Encrypted:false
SSDEEP:
MD5:0962291D6D367570BEE5454721C17E11
SHA1:59D10A893EF321A706A9255176761366115BEDCB
SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
Malicious:false
Reputation:low
Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\simaris-suite-app\GPUCache\data_3

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:data
Category:dropped
Size (bytes):8192
Entropy (8bit):0.012340643231932763
Encrypted:false
SSDEEP:
MD5:41876349CB12D6DB992F1309F22DF3F0
SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
Malicious:false
Reputation:low
Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\simaris-suite-app\GPUCache\index

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:FoxPro FPT, blocks size 512, next free block index 3284796353, field type 0
Category:dropped
Size (bytes):262512
Entropy (8bit):8.888592939060574E-4
Encrypted:false
SSDEEP:
MD5:F43FAEE3AA4FD6DDA9E692C6B8B7354B
SHA1:0B7D20D94B30C81BA17306ABC6844B9A9FDA32EC
SHA-256:75AAD3CB41791DEDB99FE6AFFC9E2FC768C29AADAB656F4DB5ACC509F8997A45
SHA-512:7FFC84C2643FE4433C719F2BCAD0B8E700C16AA43602662984BFC72DB4F87A3A8015DE2B5641FFC5EAF8DEF046D248E12A0E3FBD5C290A255DE4D294A4CB353A
Malicious:false
Reputation:low
Preview:............................................<l/.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\simaris-suite-app\Local State (copy)

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:JSON data
Category:dropped
Size (bytes):389
Entropy (8bit):5.56523870770178
Encrypted:false
SSDEEP:
MD5:2D9410017EF6FD1EBDA191E98FE65D7B
SHA1:2BAC7152A65AE68C643875648EF00D9532444701
SHA-256:F9292920A17C67C0917D0C8388ED8E8233BDB08798B3347E0313D51CECF0894C
SHA-512:5E53E2CD235D166331D3D940C0F5752DCF5334988E827E2D2B4B00BB81282D423B8767E3F24B848CFEFCA32AC7E189659D653090FA14853D1F0CC86E324CEABF
Malicious:false
Reputation:low
Preview:{"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAByBIz4Q7yMQZ0mVgx5TRPnAAAAAAIAAAAAABBmAAAAAQAAIAAAANN/vmOaEV2Z+omT3md36jEYuTvsM3AaMR8TkmnY3f/sAAAAAA6AAAAAAgAAIAAAAN+/zJL94U9ATk0jpKmNRo6wDVMTiwuOCKCh6Bw414cDMAAAAC0nhic66Pcb3TfvYOwAEprvpoqK4Gw+EZp//uZvUbl4tELSuP1/0DNOI5Vw0AZbnUAAAAAYFAUaOmCqDdZ1nb7nYma+/FLCkojnkBKYruLK9jIZjRWVBSTwF8/baozVyuuDetwUT+yqlHyNSNZTdg4fg4Mb"}}

C:\Users\user\AppData\Roaming\simaris-suite-app\Local Storage\leveldb\000001.dbtmp

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:ASCII text
Category:dropped
Size (bytes):16
Entropy (8bit):3.2743974703476995
Encrypted:false
SSDEEP:
MD5:46295CAC801E5D4857D09837238A6394
SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
Malicious:false
Reputation:low
Preview:MANIFEST-000001.

C:\Users\user\AppData\Roaming\simaris-suite-app\Local Storage\leveldb\CURRENT (copy)

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:ASCII text
Category:dropped
Size (bytes):16
Entropy (8bit):3.2743974703476995
Encrypted:false
SSDEEP:
MD5:46295CAC801E5D4857D09837238A6394
SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
Malicious:false
Reputation:low
Preview:MANIFEST-000001.

C:\Users\user\AppData\Roaming\simaris-suite-app\Local Storage\leveldb\LOG

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:ASCII text
Category:dropped
Size (bytes):265
Entropy (8bit):5.189974052447405
Encrypted:false
SSDEEP:
MD5:7A7A0E250D074CB15EE351B902E5E734
SHA1:F061543B8C7671FF9AE3FA6AB339B4D260EB80EC
SHA-256:D32E23059A91CF1A321A15F2CF21E96E772D0F7021F89F93060D35347D587556
SHA-512:7089296A5D2ED4C0F750801F26425E138918DA9495A8B4B79F66C1219E67A214D5C4C368818FE30417AD7ADC0E1C917197B328F708E38D84FE9024A8CAF5699A
Malicious:false
Reputation:low
Preview:2023/12/29-15:02:27.575 1368 Creating DB C:\Users\user\AppData\Roaming\simaris-suite-app\Local Storage\leveldb since it was missing..2023/12/29-15:02:27.592 1368 Reusing MANIFEST C:\Users\user\AppData\Roaming\simaris-suite-app\Local Storage\leveldb/MANIFEST-000001.

C:\Users\user\AppData\Roaming\simaris-suite-app\Local Storage\leveldb\MANIFEST-000001

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:OpenPGP Secret Key
Category:dropped
Size (bytes):41
Entropy (8bit):4.704993772857998
Encrypted:false
SSDEEP:
MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
Malicious:false
Reputation:low
Preview:.|.."....leveldb.BytewiseComparator......

C:\Users\user\AppData\Roaming\simaris-suite-app\Preferences (copy)

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:JSON data
Category:dropped
Size (bytes):57
Entropy (8bit):4.283088322451805
Encrypted:false
SSDEEP:
MD5:329622F40165883B656ABAB0D93674C4
SHA1:DD0DDF3B58BA7BF841B7664F890C65DC7B20CE87
SHA-256:2A2BF0F32B2E88B7394AB518C2EF85880824317076DCE7E932BB8C9B8F218488
SHA-512:BF9173F47118D3FD466378CA186B74EFB7481AF15AEABD0BDBA43331721D93F5F9E4D1FD94F38873B8DBA9352D2EB4BF8044A21C52A52409615E3E25894393CF
Malicious:false
Reputation:low
Preview:{"spellcheck":{"dictionaries":["en-GB"],"dictionary":""}}

C:\Users\user\AppData\Roaming\simaris-suite-app\ec3f9cf4-e490-44be-b409-704d64136edc.tmp

Download File
Process:C:\Users\user\AppData\Local\Programs\simaris-suite-app\SIMARIS Suite.exe
File Type:JSON data
Category:dropped
Size (bytes):57
Entropy (8bit):4.283088322451805
Encrypted:false
SSDEEP:
MD5:329622F40165883B656ABAB0D93674C4
SHA1:DD0DDF3B58BA7BF841B7664F890C65DC7B20CE87
SHA-256:2A2BF0F32B2E88B7394AB518C2EF85880824317076DCE7E932BB8C9B8F218488
SHA-512:BF9173F47118D3FD466378CA186B74EFB7481AF15AEABD0BDBA43331721D93F5F9E4D1FD94F38873B8DBA9352D2EB4BF8044A21C52A52409615E3E25894393CF
Malicious:false
Reputation:low
Preview:{"spellcheck":{"dictionaries":["en-GB"],"dictionary":""}}

Static File Info

General

File type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
Entropy (8bit):7.999502802445704
TrID:
  • Win32 Executable (generic) a (10002005/4) 99.96%
  • Generic Win/DOS Executable (2004/3) 0.02%
  • DOS Executable Generic (2002/1) 0.02%
  • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
File name:simaris-suite-installer.exe
File size:79'156'408 bytes
MD5:283c02361ea45d1c7db39c334b94b503
SHA1:722037a9c26b269cd3c1b7988a43c887bdf757f2
SHA256:2fb1fd57fda10c661806f8fa38bf303bb5c20a01d5a2ed1cc2be53aa7b7ae62a
SHA512:84fabfd1c58c1619a731aa0a8431f75b7246461824e0efdba9792d2767c47257837e8f9be46750fc842f281aa8fc2cba9da5b02b3a0993834d3918617a7d7377
SSDEEP:1572864:QhR5Vz+K+I1AbG1uETeBsWZc0HhRO3zYxF9A8:QhReK31AmBKHDODp8
TLSH:02083310A855AEF2EAE75B7181C0D72C00ADEE304F609B92C6FA77ED233DE1D6745690
File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...Pf..Pf..Pf.*_9..Pf..Pg.LPf.*_;..Pf..sV..Pf..V`..Pf.Rich.Pf.........................PE..L......\.................h...8...@.

File Icon

Icon Hash:6896babbb3b2cc30

Static PE Info

General

Entrypoint:0x40338f
Entrypoint Section:.text
Digitally signed:true
Imagebase:0x400000
Subsystem:windows gui
Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Time Stamp:0x5C157F86 [Sat Dec 15 22:26:14 2018 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:4
OS Version Minor:0
File Version Major:4
File Version Minor:0
Subsystem Version Major:4
Subsystem Version Minor:0
Import Hash:b34f154ec913d2d2c435cbd644e91687

Authenticode Signature

Signature Valid:true
Signature Issuer:CN=QuoVadis Code Signing CA G1, O=QuoVadis Limited, C=BM
Signature Validation Error:The operation completed successfully
Error Number:0
Not Before, Not After
  • 10/09/2020 11:20:03 10/09/2023 11:30:00
Subject Chain
  • CN=Siemens AG, O=Siemens AG, L=Muenchen, S=Bayern, C=DE
Version:3
Thumbprint MD5:A699905DFA7B78DFDA9842B3BDD40661
Thumbprint SHA-1:2539592D995F97774727D78139DD971A38457BA8
Thumbprint SHA-256:9563D1CDBDA1E7F86FDD53588E2B5F24387196150DF64666FC78721AF85A1412
Serial:0FAB6C64B551473DC2F6EE0BE07F0763A09D171A
Instruction
sub esp, 000002D4h
push ebx
push esi
push edi
push 00000020h
pop edi
xor ebx, ebx
push 00008001h
mov dword ptr [esp+14h], ebx
mov dword ptr [esp+10h], 0040A2E0h
mov dword ptr [esp+1Ch], ebx
call dword ptr [004080A8h]
call dword ptr [004080A4h]
and eax, BFFFFFFFh
cmp ax, 00000006h
mov dword ptr [0047AEECh], eax
je 00007F602109AF13h
push ebx
call 00007F602109E1C5h
cmp eax, ebx
je 00007F602109AF09h
push 00000C00h
call eax
mov esi, 004082B0h
push esi
call 00007F602109E13Fh
push esi
call dword ptr [00408150h]
lea esi, dword ptr [esi+eax+01h]
cmp byte ptr [esi], 00000000h
jne 00007F602109AEECh
push 0000000Ah
call 00007F602109E198h
push 00000008h
call 00007F602109E191h
push 00000006h
mov dword ptr [0047AEE4h], eax
call 00007F602109E185h
cmp eax, ebx
je 00007F602109AF11h
push 0000001Eh
call eax
test eax, eax
je 00007F602109AF09h
or byte ptr [0047AEEFh], 00000040h
push ebp
call dword ptr [00408044h]
push ebx
call dword ptr [004082A0h]
mov dword ptr [0047AFB8h], eax
push ebx
lea eax, dword ptr [esp+34h]
push 000002B4h
push eax
push ebx
push 00440208h
call dword ptr [00408188h]
push 0040A2C8h
Programming Language:
  • [EXP] VC++ 6.0 SP5 build 8804
NameVirtual AddressVirtual Size Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
IMAGE_DIRECTORY_ENTRY_IMPORT0x86100xa0.rdata
IMAGE_DIRECTORY_ENTRY_RESOURCE0x19f0000x44228.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
IMAGE_DIRECTORY_ENTRY_SECURITY0x4b797200x3d98
IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
IMAGE_DIRECTORY_ENTRY_TLS0x00x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
IMAGE_DIRECTORY_ENTRY_IAT0x80000x2b0.rdata
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

Sections

NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
.text0x10000x66270x6800False0.6646259014423077data6.450282348506287IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata0x80000x14a20x1600False0.4405184659090909data5.025178929113415IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data0xa0000x70ff80x600False0.5182291666666666data4.037117731448378IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.ndata0x7b0000x1240000x0False0empty0.0IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc0x19f0000x442280x44400False0.07486979166666667data4.345753667083271IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
NameRVASizeTypeLanguageCountryZLIB Complexity
RT_ICON0x19f4a80x42028Device independent bitmap graphic, 256 x 512 x 32, image size 270336EnglishUnited States0.06960307127851584
RT_DIALOG0x1e14d00x202dataEnglishUnited States0.4085603112840467
RT_DIALOG0x1e16d80xf8dataEnglishUnited States0.6290322580645161
RT_DIALOG0x1e17d00xeedataEnglishUnited States0.6260504201680672
RT_DIALOG0x1e18c00x1fadataEnglishUnited States0.40118577075098816
RT_DIALOG0x1e1ac00xf0dataEnglishUnited States0.6666666666666666
RT_DIALOG0x1e1bb00xe6dataEnglishUnited States0.6565217391304348
RT_DIALOG0x1e1c980x1eedataEnglishUnited States0.38866396761133604
RT_DIALOG0x1e1e880xe4dataEnglishUnited States0.6447368421052632
RT_DIALOG0x1e1f700xdadataEnglishUnited States0.6422018348623854
RT_DIALOG0x1e20500x1eedataEnglishUnited States0.3866396761133603
RT_DIALOG0x1e22400xe4dataEnglishUnited States0.6359649122807017
RT_DIALOG0x1e23280xdadataEnglishUnited States0.6376146788990825
RT_DIALOG0x1e24080x1f2dataEnglishUnited States0.39759036144578314
RT_DIALOG0x1e26000xe8dataEnglishUnited States0.6508620689655172
RT_DIALOG0x1e26e80xdedataEnglishUnited States0.6486486486486487
RT_DIALOG0x1e27c80x202dataEnglishUnited States0.42217898832684825
RT_DIALOG0x1e29d00xf8dataEnglishUnited States0.6653225806451613
RT_DIALOG0x1e2ac80xeedataEnglishUnited States0.6512605042016807
RT_GROUP_ICON0x1e2bb80x14dataEnglishUnited States1.1
RT_VERSION0x1e2bd00x228dataEnglishUnited States0.4945652173913043
RT_MANIFEST0x1e2df80x42eXML 1.0 document, ASCII text, with very long lines (1070), with no line terminatorsEnglishUnited States0.5158878504672897
DLLImport
KERNEL32.dllSetEnvironmentVariableW, SetFileAttributesW, Sleep, GetTickCount, GetFileSize, GetModuleFileNameW, GetCurrentProcess, CopyFileW, SetCurrentDirectoryW, GetFileAttributesW, GetWindowsDirectoryW, GetTempPathW, GetCommandLineW, GetVersion, SetErrorMode, lstrlenW, lstrcpynW, GetDiskFreeSpaceW, ExitProcess, GetShortPathNameW, CreateThread, GetLastError, CreateDirectoryW, CreateProcessW, RemoveDirectoryW, lstrcmpiA, CreateFileW, GetTempFileNameW, WriteFile, lstrcpyA, MoveFileExW, lstrcatW, GetSystemDirectoryW, GetProcAddress, GetModuleHandleA, GetExitCodeProcess, WaitForSingleObject, lstrcmpiW, MoveFileW, GetFullPathNameW, SetFileTime, SearchPathW, CompareFileTime, lstrcmpW, CloseHandle, ExpandEnvironmentStringsW, GlobalFree, GlobalLock, GlobalUnlock, GlobalAlloc, FindFirstFileW, FindNextFileW, DeleteFileW, SetFilePointer, ReadFile, FindClose, lstrlenA, MulDiv, MultiByteToWideChar, WideCharToMultiByte, GetPrivateProfileStringW, WritePrivateProfileStringW, FreeLibrary, LoadLibraryExW, GetModuleHandleW
USER32.dllGetSystemMenu, SetClassLongW, EnableMenuItem, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongW, SetCursor, LoadCursorW, CheckDlgButton, GetMessagePos, LoadBitmapW, CallWindowProcW, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, ScreenToClient, GetWindowRect, GetDlgItem, GetSystemMetrics, SetDlgItemTextW, GetDlgItemTextW, MessageBoxIndirectW, CharPrevW, CharNextA, wsprintfA, DispatchMessageW, PeekMessageW, ReleaseDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, GetClientRect, FillRect, DrawTextW, EndDialog, RegisterClassW, SystemParametersInfoW, CreateWindowExW, GetClassInfoW, DialogBoxParamW, CharNextW, ExitWindowsEx, DestroyWindow, GetDC, SetTimer, SetWindowTextW, LoadImageW, SetForegroundWindow, ShowWindow, IsWindow, SetWindowLongW, FindWindowExW, TrackPopupMenu, AppendMenuW, CreatePopupMenu, EndPaint, CreateDialogParamW, SendMessageTimeoutW, wsprintfW, PostQuitMessage
GDI32.dllSelectObject, SetBkMode, CreateFontIndirectW, SetTextColor, DeleteObject, GetDeviceCaps, CreateBrushIndirect, SetBkColor
SHELL32.dllSHGetSpecialFolderLocation, ShellExecuteExW, SHGetPathFromIDListW, SHBrowseForFolderW, SHGetFileInfoW, SHFileOperationW
ADVAPI32.dllAdjustTokenPrivileges, RegCreateKeyExW, RegOpenKeyExW, SetFileSecurityW, OpenProcessToken, LookupPrivilegeValueW, RegEnumValueW, RegDeleteKeyW, RegDeleteValueW, RegCloseKey, RegSetValueExW, RegQueryValueExW, RegEnumKeyW
COMCTL32.dllImageList_Create, ImageList_AddMasked, ImageList_Destroy
ole32.dllOleUninitialize, OleInitialize, CoTaskMemFree, CoCreateInstance

Possible Origin

Language of compilation systemCountry where language is spokenMap
EnglishUnited States