Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
dn-compiled-module.jar

Overview

General Information

Sample name:dn-compiled-module.jar
Analysis ID:1483411
MD5:9baedc9c520816e671957a4a7a1e354b
SHA1:b8ece17002aeb8fda221f9732cd1ff6a721497be
SHA256:2f0f3e5fac55119cf67ea7950ee7dbbe2c5982986de51baccffc76c97f701585
Tags:116-203-8-165jar
Infos:

Detection

Score:52
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Exploit detected, runtime environment starts unknown processes
Contains functionality to query CPU information (cpuid)
Creates a process in suspended mode (likely to inject code)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Uses cacls to modify the permissions of files
Uses code obfuscation techniques (call, push, ret)

Classification

Process Tree

  • System is w10x64
  • 7za.exe (PID: 7404 cmdline: 7za.exe x -y -oC:\jar "C:\Users\user\Desktop\dn-compiled-module.jar" MD5: 77E556CDFDC5C592F5C46DB4127C6F4C)
    • conhost.exe (PID: 7412 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • java.exe (PID: 7460 cmdline: java.exe -jar "C:\Users\user\Desktop\dn-compiled-module.jar" MD5: 9DAA53BAB2ECB33DC0D9CA51552701FA)
    • conhost.exe (PID: 7468 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • icacls.exe (PID: 7564 cmdline: C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M MD5: 2E49585E4E08565F52090B144062F97E)
      • conhost.exe (PID: 7572 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for submitted file
Source: dn-compiled-module.jarReversingLabs: Detection: 15%
Source: dn-compiled-module.jarVirustotal: Detection: 14%Perma Link

Software Vulnerabilities

barindex
Exploit detected, runtime environment starts unknown processes
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeProcess created: C:\Windows\System32\conhost.exe
Source: MainForm.phb.0.drString found in binary or memory: http://77.91.77.145/?v=3&event=
Source: java.exe, 00000002.00000002.1654417055.0000000004A00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://bugreport.sun.com/bugreport/
Source: java.exe, 00000002.00000002.1654417055.0000000004A00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://java.oracle.com/
Source: AbstractFactory.phb.0.dr, MainForm.fxml.0.drString found in binary or memory: http://javafx.com/fxml/1
Source: AbstractFactory.phb.0.dr, MainForm.fxml.0.drString found in binary or memory: http://javafx.com/javafx/8
Source: jURL.phb.0.drString found in binary or memory: http://site.com/
Source: java.exe, 00000002.00000002.1655535445.000000001513F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.oracle.com/technetwork/java/javase/documentation/index.html
Source: jURL.phb.0.drString found in binary or memory: https://github.com/TsSaltan/DevelNext-jURL/releases/latest
Source: classification engineClassification label: mal52.expl.winJAR@7/174@0/0
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7412:120:WilError_03
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeMutant created: NULL
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7572:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7468:120:WilError_03
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeFile created: C:\Users\user\AppData\Local\Temp\hsperfdata_userJump to behavior
Source: C:\Windows\System32\7za.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: dn-compiled-module.jarReversingLabs: Detection: 15%
Source: dn-compiled-module.jarVirustotal: Detection: 14%
Source: unknownProcess created: C:\Windows\System32\7za.exe 7za.exe x -y -oC:\jar "C:\Users\user\Desktop\dn-compiled-module.jar"
Source: C:\Windows\System32\7za.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknownProcess created: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exe java.exe -jar "C:\Users\user\Desktop\dn-compiled-module.jar"
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeProcess created: C:\Windows\SysWOW64\icacls.exe C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
Source: C:\Windows\SysWOW64\icacls.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeProcess created: C:\Windows\SysWOW64\icacls.exe C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)MJump to behavior
Source: C:\Windows\System32\7za.exeSection loaded: 7z.dllJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeSection loaded: wsock32.dllJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeSection loaded: winmm.dllJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeSection loaded: version.dllJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeSection loaded: wldp.dllJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\SysWOW64\icacls.exeSection loaded: ntmarta.dllJump to behavior
Source: dn-compiled-module.jarStatic file information: File size 1062389 > 1048576
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeCode function: 2_2_0291A21B push ecx; ret 2_2_0291A225
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeCode function: 2_2_0291A20A push ecx; ret 2_2_0291A21A
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeCode function: 2_2_0291B3B7 push 00000000h; mov dword ptr [esp], esp2_2_0291B3DD
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeCode function: 2_2_0291BB67 push 00000000h; mov dword ptr [esp], esp2_2_0291BB8D
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeCode function: 2_2_0291B947 push 00000000h; mov dword ptr [esp], esp2_2_0291B96D
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeCode function: 2_2_0291C477 push 00000000h; mov dword ptr [esp], esp2_2_0291C49D
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeProcess created: C:\Windows\SysWOW64\icacls.exe C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: java.exe, 00000002.00000003.1650939668.0000000014EF4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: com/sun/corba/se/impl/util/SUNVMCID.classPK
Source: java.exe, 00000002.00000003.1650939668.0000000014EF4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: &com/sun/corba/se/impl/util/SUNVMCID.classPK
Source: java.exe, 00000002.00000002.1653868583.0000000000F64000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: [Ljava/lang/VirtualMachineError;
Source: java.exe, 00000002.00000003.1650939668.0000000014EF4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: org/omg/CORBA/OMGVMCID.classPK
Source: java.exe, 00000002.00000002.1653868583.0000000000F64000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: cjava/lang/VirtualMachineError
Source: java.exe, 00000002.00000002.1653868583.0000000000F3B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllPJ
Source: java.exe, 00000002.00000003.1650939668.0000000014EF4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: java/lang/VirtualMachineError.classPK
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeMemory protected: page read and write | page guardJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeProcess created: C:\Windows\SysWOW64\icacls.exe C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)MJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeCode function: 2_2_029103C0 cpuid 2_2_029103C0
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeQueries volume information: C:\Program Files (x86)\Java\jre-1.8\bin\client\jvm.dll VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeQueries volume information: C:\Users\user\AppData\Local\Temp\hsperfdata_user\7460 VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeQueries volume information: C:\Program Files (x86)\Java\jre-1.8\lib\resources.jar VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeQueries volume information: C:\Program Files (x86)\Java\jre-1.8\lib\jsse.jar VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeQueries volume information: C:\Program Files (x86)\Java\jre-1.8\lib\charsets.jar VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeQueries volume information: C:\Program Files (x86)\Java\jre-1.8\lib\meta-index VolumeInformationJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
Exploitation for Client Execution		1
Services File Permissions Weakness		1
Services File Permissions Weakness		1
Services File Permissions Weakness		OS Credential Dumping1
Security Software Discovery		Remote ServicesData from Local SystemData ObfuscationExfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
DLL Side-Loading		11
Process Injection		1
Disable or Modify Tools		LSASS Memory21
System Information Discovery		Remote Desktop ProtocolData from Removable MediaJunk DataExfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
DLL Side-Loading		11
Process Injection		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveSteganographyAutomated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
DLL Side-Loading		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureProtocol ImpersonationTraffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
Obfuscated Files or Information		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1483411 Sample: dn-compiled-module.jar Startdate: 27/07/2024 Architecture: WINDOWS Score: 52 19 Multi AV Scanner detection for submitted file 2->19 21 Exploit detected, runtime environment starts unknown processes 2->21 7 java.exe 9 2->7         started        9 7za.exe 244 2->9         started        process3 process4 11 icacls.exe 1 7->11         started        13 conhost.exe 7->13         started        15 conhost.exe 9->15         started        process5 17 conhost.exe 11->17         started       

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
dn-compiled-module.jar16%ReversingLabsByteCode-JAVA.Trojan.Generic
dn-compiled-module.jar15%VirustotalBrowse

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://java.oracle.com/0%URL Reputationsafe
http://bugreport.sun.com/bugreport/0%URL Reputationsafe
http://www.oracle.com/technetwork/java/javase/documentation/index.html0%Avira URL Cloudsafe
http://site.com/0%Avira URL Cloudsafe
https://github.com/TsSaltan/DevelNext-jURL/releases/latest0%Avira URL Cloudsafe
http://javafx.com/fxml/10%Avira URL Cloudsafe
http://77.91.77.145/?v=3&event=0%Avira URL Cloudsafe
http://javafx.com/javafx/80%Avira URL Cloudsafe
http://77.91.77.145/?v=3&event=2%VirustotalBrowse
http://javafx.com/fxml/10%VirustotalBrowse
https://github.com/TsSaltan/DevelNext-jURL/releases/latest0%VirustotalBrowse
http://site.com/0%VirustotalBrowse
http://javafx.com/javafx/80%VirustotalBrowse
http://www.oracle.com/technetwork/java/javase/documentation/index.html0%VirustotalBrowse

Domains and IPs

Contacted Domains

No contacted domains info

URLs from Memory and Binaries

NameSourceMaliciousAntivirus DetectionReputation
http://77.91.77.145/?v=3&event=MainForm.phb.0.drfalse
  • 2%, Virustotal, Browse
  • Avira URL Cloud: safe
unknown
http://java.oracle.com/java.exe, 00000002.00000002.1654417055.0000000004A00000.00000004.00000800.00020000.00000000.sdmpfalse
  • URL Reputation: safe
unknown
http://javafx.com/fxml/1AbstractFactory.phb.0.dr, MainForm.fxml.0.drfalse
  • 0%, Virustotal, Browse
  • Avira URL Cloud: safe
unknown
http://site.com/jURL.phb.0.drfalse
  • 0%, Virustotal, Browse
  • Avira URL Cloud: safe
unknown
https://github.com/TsSaltan/DevelNext-jURL/releases/latestjURL.phb.0.drfalse
  • 0%, Virustotal, Browse
  • Avira URL Cloud: safe
unknown
http://www.oracle.com/technetwork/java/javase/documentation/index.htmljava.exe, 00000002.00000002.1655535445.000000001513F000.00000004.00000020.00020000.00000000.sdmpfalse
  • 0%, Virustotal, Browse
  • Avira URL Cloud: safe
unknown
http://bugreport.sun.com/bugreport/java.exe, 00000002.00000002.1654417055.0000000004A00000.00000004.00000800.00020000.00000000.sdmpfalse
  • URL Reputation: safe
unknown
http://javafx.com/javafx/8AbstractFactory.phb.0.dr, MainForm.fxml.0.drfalse
  • 0%, Virustotal, Browse
  • Avira URL Cloud: safe
unknown

World Map of Contacted IPs

No contacted IP infos

General Information

Joe Sandbox version:40.0.0 Tourmaline
Analysis ID:1483411
Start date and time:2024-07-27 11:30:36 +02:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 2m 11s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultwindowsfilecookbook.jbs
Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run name:Without Tracing
Number of analysed new started processes analysed:6
Number of new started drivers analysed:0
Number of existing processes analysed:0
Number of existing drivers analysed:0
Number of injected processes analysed:0
Technologies:
  • HCA enabled
  • EGA enabled
  • AMSI enabled
Analysis Mode:default
Analysis stop reason:Timeout
Sample name:dn-compiled-module.jar
Detection:MAL
Classification:mal52.expl.winJAR@7/174@0/0
EGA Information:Failed
HCA Information:
  • Successful, ratio: 100%
  • Number of executed functions: 7
  • Number of non-executed functions: 1
Cookbook Comments:
  • Found application associated with file extension: .jar
  • Stop behavior analysis, all processes terminated

Warnings

  • Execution Graph export aborted for target java.exe, PID 7460 because it is empty
  • Not all processes where analyzed, report is missing behavior information
  • Report size getting too big, too many NtSetInformationFile calls found.

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASNs

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\ProgramData\Oracle\Java\.oracle_jre_usage\b5820291038aa69c.timestamp

Download File
Process:C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):52
Entropy (8bit):4.820162073702298
Encrypted:false
SSDEEP:3:oFj4I5vpm4USF2y:oJ5bFX
MD5:3743E33FC046BC45E88D00F321CBB591
SHA1:F93265FF340F851E26755DC4D05F647CBBB26048
SHA-256:40AC6B1D9F0FC30748808723687F38C13831FB175A96E0F4BE5E8FEFC6C9C4AE
SHA-512:9F1F637925F8BA24ABBD1C586DD856A9929968958B5A9D998031F7BC2C3E4608E5CD481F75BE43F6D04F4A9BE93298A63A884BA00D67E337B66DA876A0B7F1DB
Malicious:false
Reputation:low
Preview:C:\Program Files (x86)\Java\jre-1.8..1722072685021..

C:\Users\user\AppData\Local\Temp\hsperfdata_user\7460

Download File
Process:C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exe
File Type:data
Category:dropped
Size (bytes):65536
Entropy (8bit):1.2585358987884008
Encrypted:false
SSDEEP:96:2y4rb2z8GthzE5+Z6rSI28In17T8HG1bowbV:2yMA8Gt1E5+Z6HIZQHGd7
MD5:B5ED337D55684DDBE47CF573CD012E23
SHA1:AF33F4505CAB666210DA2B9A2FA4845D0FC986A7
SHA-256:F7CB72FC702CDCE7940D91D675E4E9E09C6B3BAE50EB85E63D038BFF6678E7D9
SHA-512:7019C9613B8C7C0AC6E1F53B8374E2442465298B4E86D77A916954ADFC7114A02867DFACF45F616073F50C4D0A856C74548AD45E6398176841DD6FF0EE60FBDF
Malicious:false
Reputation:low
Preview:.........9........+..... .......8...........J...0...sun.rt._sync_Inflations.............8...........J...0...sun.rt._sync_Deflations.............@...........J...8...sun.rt._sync_ContendedLockAttempts..........8...........J...0...sun.rt._sync_FutileWakeups..........0...........J...(...sun.rt._sync_Parks..........@...........J...8...sun.rt._sync_EmptyNotifications.............8...........J...0...sun.rt._sync_Notifications..........8...........J...0...sun.rt._sync_SlowEnter..............8...........J...0...sun.rt._sync_SlowExit...............8...........J...0...sun.rt._sync_SlowNotify.............8...........J...0...sun.rt._sync_SlowNotifyAll..........8...........J...0...sun.rt._sync_FailedSpins............@...........J...8...sun.rt._sync_SuccessfulSpins................8...........J...0...sun.rt._sync_PrivateA...............8...........J...0...sun.rt._sync_PrivateB...............@...........J...8...sun.rt._sync_MonInCirculation...............8...........J...0...sun.rt._sync_MonScavenged...

C:\jar\.data\img\5314-windows_102509.png

Download File
Process:C:\Windows\System32\7za.exe
File Type:PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:dropped
Size (bytes):7267
Entropy (8bit):7.404044958117031
Encrypted:false
SSDEEP:192:HXrUVeopjNdQMIFYngBdnOkchu0RZ9N/cDe5Jz:7UVeopvDBnIdnXcvHN/cDaJz
MD5:FCF0A3C2EFD5AAD406AB595DA537BC49
SHA1:4063283EF9507C9B1C0EF07711E6688F527288D9
SHA-256:8CE2532FCD60CAD54CC44C8262BEB94D2FD2C0A61301501F9597A639D33B72A2
SHA-512:BF7CD3DFE3CEB98A7B568FD250292A48C1D802C84D61E0E7EF74ACA5F9CB2AF733EC13D5BF20DE58E9310A7B71DB30A37C01E0D9FD558164E04C14573E9A738F
Malicious:false
Reputation:low
Preview:.PNG........IHDR..............x.....*IDATx....\.}.....3.]q...;Hc[.....8.Y#M......$...pZ$.J/{Q....&E..B....\.hb.qbGV.X.DQ.........,C........j..%..H..>..`.4.....w.9..D........................................................................................................................................X..1.%s.>...[..X....V..........n..V~.^h}-".......+{..._i.?.Z9..a..W......\..b}..[.r........|4.....>..D..p......,+.~..+.y.>7...+;1....V...."..R^m..h..c.5...(.".R...l....by.4...;B...3....a..K..Z/...n\........n....Ek.;...D..... .3..U...,.].c8..4.Ox.....E...z,......k..9Z.?s....N....9.[X..vo1.....V'"..l.b8.x.f.........".Y..A^..G..S.{...|gck'.W.Yl.z..W*../F.X.._oGd...I...N..p(EQ....xlk......o....v+..Bg....,E..;WZ....,../.G.pi..7k7/...."._...........?~j..7...x.....N.......o,.v"....z...ED.<Z.....~....W...!...39+..{..W..T*...N.........W.Vw...`>..A..vF.|...W.....cI...@.>a.....B....0..;..b.W..T_....wb<+...]9"+.4F..E>{...#.....Y.s.Y.?......*..6.....6..

C:\jar\.data\img\Computer_PC_Monitor_1906.png

Download File
Process:C:\Windows\System32\7za.exe
File Type:PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced
Category:dropped
Size (bytes):1741
Entropy (8bit):7.1245084734242905
Encrypted:false
SSDEEP:24:dwowe3u3Hr9akapIToRsyiGrkEqiTeOH+ovF8Vw9XB4KEHm:Czt3wi7yiHiT5+ovFlwa
MD5:0367C4443A1036C1DE70226E366EE2F3
SHA1:CC93787047DCBC9E00CB0A59FFD9512EF2878121
SHA-256:628F3DCBB067E45B192A4FE39F363415E98BC3F5BF35DC8056285A177F134C15
SHA-512:CF01FE37181A049793E5CAA4A477E007F40DAD6796890B71398A3591F8A2DD62CF4AB1AC9B3CA7B3E5094F18C18909EAA15E21C345678ED8FBB53E7F0E8A0580
Malicious:false
Reputation:low
Preview:.PNG........IHDR...............?1....sBIT.....O.....pHYs..........+.....pIDATx....o.g...g.....lb....!..T.... ZB.......Gn..8./....Qq........BA..P%@...hS.Ih.$...Cj.V.*....u.8_..{g...i.....z]..]....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D.t=...=.|......Qx.nn.....?..n..e.M......={~....).._.t.{/mt=.d.{...b........rz.h........i^......G/oJbV,../.g..)..F./.1..o..z.j...7+.L.!..|....|^.......M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....].P.)eq6&..R....G.5...GF..~.T.SPkv....`.k....... ...&....h. ...&....h. ...&....h.......'..INo...y..........]O........cm|niz'.-m....y..V..).W...:..u.....4w ..M)._.Z.....$.}...'.r........+.....w.<.....@4..M.D....@4..M.D...\......as\.m..E....8l...i......

C:\jar\.data\img\Icon.png

Download File
Process:C:\Windows\System32\7za.exe
File Type:PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Category:dropped
Size (bytes):51039
Entropy (8bit):7.987191041711094
Encrypted:false
SSDEEP:1536:4kghS05oAgOLr6xGvxZM0rwkRHw71yllt:4kMSood4r6Qvx1xHAyH
MD5:5403E64B682EB778EB4354C415E5B4EC
SHA1:48E462A36B4EE7C2B85C8717DD55D092D3822CFC
SHA-256:B97B0A5739AAC7C4BB28B949F5865F1E4AF391A954FCCCEB9A3AA19AF94C5528
SHA-512:8558A388E1DC8FFB61648C4D0F41272586BB2DA580C35EDAED76943F0DF35581E87F9700542A8F8EC492DE999317BE40E864740B1D144E3830F6EC1C6D0351F4
Malicious:false
Reputation:low
Preview:.PNG........IHDR.............\r.f... cHRM..z&..............u0...`..:....p..Q<....bKGD..............pHYs..........o.d....IDATx..w.\Wy..]k.=..2..wY..na.J..L....7.B..$...!$.4J.M.!.@..L..[.U.fu.#...].z..3sfN.e[.........W}.......................................'..n..<?....n.F.4.a.!).a..RJ...!.*Z..Z(.JZk[).\....(..>..q..\..FGG.i..R!....MZ...R!D@k.........b.....!..[).hoo.`0..C..g._.p...4....R..a..1M.l...,K...M.l.kYV.e..n.....a....7m..:..{....p...]]]!.47.......@......T..Gk.....T......Z;Z....]..R.....O>..v...0.v....Aww.....7..........i.W7r..h...y~c.+2....t:....W.X1122r.......p.O.T*%.........Z...z9.t..6}.{..hkk%....F......8.....Sk..R^.N.{...x:.>z......"........L&........Sz...(.0...........e..U...`Y........<x...z.C..Q.T.-.MPJ=.x...=z..g{,...@..`A.R)..f....I)W+...r|...c\s.5\.q#..c.e,]...K.bY.:=.u...d..<....s.=<..S.].f.w..%K.......8..D"o6..eYj.....7MS..U....'.c[..|>...Z).=......<Ok.......~......&..l+..e.^s.............`.n.0..Lz.a.T*.?.......\W*..)...?.Kk...8.

C:\jar\.data\img\PuTTY_icon_128px.png

Download File
Process:C:\Windows\System32\7za.exe
File Type:PNG image data, 128 x 128, 8-bit colormap, non-interlaced
Category:dropped
Size (bytes):1700
Entropy (8bit):7.290120902029946
Encrypted:false
SSDEEP:24:uvk7WAK43+ue0JQg75sDmp8122vR013EYmPrs4HnptBE1k5EVQMEgOLTt8haJoOe:lCT8rsKpgBZPrKi5EzgVWpuJEh1
MD5:B7A49C508EC1ED05A6EC3BA9DC8FBBAD
SHA1:C69123D25128F85D572EE884100E9DE1D9194CD8
SHA-256:A13C77468119F1D07B6B2145E4339B8ED46D63662951FDE316AB14D45BE5E9F0
SHA-512:58F5FBE37926D03FB76F4D1481DE19F0FC6CA60A5AA6239B774ADA6CEB90C8EC03E865725E75A74A6AD08BA39203E1AA25250762D67D1F212CBFF796C20B8A67
Malicious:false
Reputation:low
Preview:.PNG........IHDR.....................gAMA......a.....sRGB........ cHRM..z&..............u0...`..:....p..Q<....PLTE.................y..z..{..|..x..w..v..u..t..s..r..q..p..o..n..m..}.................................................................................................................................................................................b.......tRNS.@..f....bKGD..h.Q....IDATx..gW.0..+.$.R.mCRL&..E..at.EK...5.W........._.p8~.]9......(...P%....zN.*....W+ .W* .W) .W( .W' .W)...B.-...V..[K...gC.@.X*....fX.;..X....y..h............g..C.@.@.\..Vk..a.j..J..=.7..v....N5....*.....*(...9.O..3o.S`...v.",P.M....0l.f.....`..e.t.lnF..b.7.]..F......!?4`-.9`....."0...7......d..........}..~..f>....a|bj.H..K...0.,@|.7.,(....!v....A..u..]....*....W.............#....|:..4.lo..utp.....h..#...k..;;..p.h.I..".....S........Q.... .t.C......F.G...x.......O..~.y.Q`o.;=!1~g..s..........F...^.?.v).xl../.w.....!...^oF...........OI..y.`0G......{...o....:.._....T...&.D.........N 0..9

C:\jar\.data\img\T678V.png

Download File
Process:C:\Windows\System32\7za.exe
File Type:PNG image data, 190 x 190, 8-bit/color RGBA, non-interlaced
Category:dropped
Size (bytes):6979
Entropy (8bit):7.948132057719689
Encrypted:false
SSDEEP:192:pMQ1sZLDh+Xa5lRJYEQCq8EvCNWVRsIetQGWfRK:iQ2IXwlRJYLvlqNKRsBWfo
MD5:E09F1CD46C82261915E1694F29DC3E4A
SHA1:358109EF1A4FB18B5F860FAE49E57E8CC650EF73
SHA-256:DB4BEA64619D897C3C1B0F183D0C58A1BB191820B26A09F141EF5F126F9135F9
SHA-512:0F8E8286F5AF4C593F2B7AD0D4EF1493230A1590D3E4E763E05B6A3322F1AC1E5B20D104712528B1826D49F1A2DD07A57BE128AAC3328750F45F31601B3BA4BC
Malicious:false
Reputation:low
Preview:.PNG........IHDR..............t......pHYs...........~.....IDATx..y|....VUKj.j.l....../.0..$.b.qX..@.;..2$...cf>Ify.......K.....LB..` ,..16`.m..}.d...Ru...]..7-.].......{..W..=u..<a..vUd.pey.-!g...5...2...h@.kN......M............m....x+..s=.\.LXV9........s5z..T.pL..D...F<.q..^lm..K...0..d.Ht.$l.E....4z>..pR. 5....m9..g..hA...Y..dM..."........*...7./....b(..G...q.*/.t.1...iY......w.....~...a ....j.V..........=...iYNYdx.m..D ..;...!..B'......Oz^*....K.....z.....(.g....{<...h..l)xV....b.6x^...}..e;DF._....B.c...!.(@k.\l.....yn.O.............B..7.7....!.(}Wee.3.o.O+..o..o.........B........B.W..U...I..h.;..W....a..>.t.. S.3....YD.H..Y..5u.x.k...I.o.Ny.v..............!5C....Z).$o8./-.......w2...:].!{d,..U^Q.#..X..:....G.,..../'._.......).qp...;_.cG{.)|!$55..h.[-...c......Z..:..y.cY.c.".e.....B..c..`(.l!DH:.A)..c..Q..B...V..~Jf.....<.S.....x.Q..Q..m.FV...Mh..8....QI\{F.....a.-GXs......~ ..c\........w.....C._.jN9.<.Jd...1..Jk.....u...yH..)S.^...".

C:\jar\.data\img\exe.png

Download File
Process:C:\Windows\System32\7za.exe
File Type:PNG image data, 128 x 128, 8-bit colormap, non-interlaced
Category:dropped
Size (bytes):1343
Entropy (8bit):7.4946293335021235
Encrypted:false
SSDEEP:24:uFMXF4Jl9kIYntx7ogdILFMchOEZrS27Srl8bOksu0L2z6EMVlN:510knPJILFM+OEZuSbOsGE4N
MD5:122DD692647F3DB60D1EB46105740336
SHA1:F10CC559FC7E65AC553E2A9DEAA135B976950EF7
SHA-256:1BFB565E014C406A992668260D404552D33A1AC1CE5A24AA5675F7FF46D92113
SHA-512:C95832AF3407172EBBA93D0BB7EABA3A8C1F75FBC1A3BB027396445B0551A62D79F7AAA88D9F0620A6D15D00DA08ED10A52D12B7778240298C5BF2F647750E05
Malicious:false
Reputation:low
Preview:.PNG........IHDR.................... cHRM..z&..............u0...`..:....p..Q<...5PLTE.......................................................................}......................................................~..~..~..}..}..|..|..{..{..{..z..z..z..y..y..x.2..1..0../.....-..,..+..*..)..(..'..&..%..$..#.."..!.................................}..z....y.....x................|........|........9)....tRNS.~ p..n....bKGDf,..%....tIME....."........IDATx..iW.@....w....`..]... ......6.G.._0MK.2..7.I.0O...>.w&..Z(X,...b.X,..C...p...s.....p..3v.9u:...D...2..(NL..QB..R.#..>.G^...C..)...(3g.1....8...J....../....*...KKW..Z.^o4....4....v{......:...{...}.....>z..../^.z.....J.?..*...Tk....fk...mS'`....T!......{...(.. ...I..+....!....0?.@.....`~....!...._C...y.............@..7p.1.....ZA....!.W.tB.k..Y+..0.V.|.......8...8v,..k.@.....`~R.>v..C...c.!.7.............v..!......P........`..?6....`~......b~b.G..!.........^.l......]...b~.........`.......`~R........8v.....SDf.s.......

C:\jar\.data\img\favicon.jpg

Download File
Process:C:\Windows\System32\7za.exe
File Type:MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Category:dropped
Size (bytes):15086
Entropy (8bit):5.498658788956263
Encrypted:false
SSDEEP:384:jt2ecCH8I6NtsowmbiphwAG2qHgtMXst0o:B2lbdKPXGZ8t0o
MD5:AFB47AB69591AB1E78C07E1CE5163E66
SHA1:0BC6651A6D8CBF9BF81E8B8C64EF1E2FB7F3AF17
SHA-256:3B7794524228EA56CB62C63E29C182DFC01DEC2F6F3AF1A17947248C00AB615B
SHA-512:956F82B47108933ECE4F91CE1107C48F159FCF396F77DC48F4220032CCF9D110680E87ACC80868827692D528F26D3C721436F367047FE935C0BC27910A804927
Malicious:false
Preview:......00.... ..%..6... .... ......%........ .h....6..(...0...`..... ......$......................................................................................J...J..-J..XJ...J...J...J...J...J...J...J..tJ..JJ..!J...............................................................................................................................J...J..6J..}J...I...G...D...A...?...>...>...?...A...D...G...I...J...J..fJ..#J...........................................................................................................J...J..OJ...I...D...<...4.......+...)...)...(...(...)...*...+.../...6...>...E...I...J...J..3J...........................................................................................J...J..=J...H...@...4...,...(...'...(...(...(...(...(...(...(...(...(...(...'...(...-...6...B...I...J...J.. ................................................................................J...J...I...B...3...*...'...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...+...6.

C:\jar\.data\img\lightning_icon_155196.png

Download File
Process:C:\Windows\System32\7za.exe
File Type:PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:dropped
Size (bytes):15351
Entropy (8bit):7.817955934478813
Encrypted:false
SSDEEP:384:q99Usj1bQlh8yQd4hWu2kVVIHiUYR7//ld6XD5:qfUMyh8yQdmWu2kVSHivRqXt
MD5:24DE0F7DEDADC3D9E21D3590BEB7399D
SHA1:BA703C4F4D6314B2AB3A92A629AAB3AB1B9D6C46
SHA-256:72018E20413BA7AD9645F9D4F581B0EF4793BF27F3FAFBFCB7253261C7B5A64D
SHA-512:9D492A534303013754E6F3576BDEA25B116960846B65331A040529A36E6E114ABD7600FC5D6D615354A549FBF717151E1C42095D8EA0BC6E18591B3030DF623F
Malicious:false
Preview:.PNG........IHDR..............x....;.IDATx...{.T....w.U}.[.}.....HDg4J......&...l&..=.....$..[.s.y...#.As...D3.$.......k&..3.jC..M.}..nk...#L...Z]U.|?.&..m..o.....y....X.... ......!....b......b... ......!....b......b... ......!....b......b... ......!....b......b... ......!....b......Jh..A3...T__.I...'......y^R...dYVADv....^.2e....^.....y....5kVc......}..%"R........-.L~}xx...1(...bm.......yc..D$.....gY..........Aq8..K.W..q.......4.\)...dX..-.....HSS... .... v.........".. .....P(<...C..G....=<<..p....u].[...?===.v.....b#.H.)..?..F.. ..1.]r.%.uww;.-x'.. .jjj.......Z.. nl.......x+..D^&..W(.....@.1.2.q....[1. .V.^]322.5..j..qf..'.J...?a.@....?.ID...@.r..............4c............q]...;.+....../..?.(.......8..+...L&3odd.ya...8...U.P..vG.q.#.r..m.....1....`.@..R...1.iw.xw..-mmmm..;..D...."...@p9....#.......p..y..;....yK.........o.n.pd......w........Ed.v..#.<o.vC.1. .zzz.B.p.v...5i..... ......u....P4..<..R......v\.U..@I...W..z.D.c......$.{.7];".8..j]]].....v.

C:\jar\.data\img\photo_2024-02-29_19-36-11.jpg

Download File
Process:C:\Windows\System32\7za.exe
File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 883x883, components 1
Category:dropped
Size (bytes):29841
Entropy (8bit):7.698031697995659
Encrypted:false
SSDEEP:768:tAfAdqiCl5KIpv+aHZXQCq6tszlPg4Cjsm+kQ9VGO9dq6EjFFKOs1EoJqSF:8OClwI9HFFtglPgedGSdq6EjfnqJp
MD5:64943CD0BD055379E48F85677CD5D89F
SHA1:36169F7B4D4EB575853343E398487665E64EB338
SHA-256:7E3A37BEA32E13917DA0DD87ABB413A2369226ED4F5B655B00CBBA5D2074FDB2
SHA-512:387CC455B6833759E329C874409B403C9C64485E3A9CB1DE7A0D0DD846BFFC6F378AB7DABEEDD5932CD1B9C8418B5D62ECF5FA1FD838757A6E02532BB54FD600
Malicious:false
Preview:......JFIF.....H.H.....C.......................................................................s.s..".................................................n+..x^G...p.rv{......IL.............(........<.yaH..................%6].8...........UTP/........(.........../<......v._`.........o......Jo.g.........._........A..@.........W.......'ZFh......*...........4'|........*...................`..........xhnp......}.>@.......&.........e..........z.~......K...........L........|`.........Z......A.O.........._.......>G............@.....>p..................w...........ik.....c.............W...8.]p..........;..V...y............(......._.....K..........gS...#.y....,-..@.......$rJ.".......j....$.*...s0...9=.$.I$..A.........*......J....R.... ..$rI....a. ..u....~)....-.....| .....G$..=.@...........8.......R.Gq..&.6G.}...y.D.=.....-....K4e.............@._...2.R....h....1S..ekP......wv..C......m.....6.96t....+L....@..U.......@..a........*....ooz...S....=.?..O...ol{.....s....A.f.H..{z.....5

C:\jar\.data\img\photo_2024-03-03_12-40-06.jpg

Download File
Process:C:\Windows\System32\7za.exe
File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 256x256, components 3
Category:dropped
Size (bytes):18334
Entropy (8bit):7.968875354966066
Encrypted:false
SSDEEP:384:ISRvATyV0gK0wIrw+8M5nSVtc/3ev6ye037wwtXlc5hdk8:RFiIGknSFCyLBXlAdP
MD5:883AF471F631AE7AD92E0B7A65922312
SHA1:4354F9BEEB116509DBE272087E021DCF5C09592A
SHA-256:B9D753A693F5D3DD3588AC374A73A925223B7FE77251E253A183E83B01490F64
SHA-512:ADBCF9B5FE46E3AA0672CCBDE85B581C82F501AC16BB3DE501A077EF9473D3BAA1B6A2950A8711C684E6AF46EF82058E1CD46088CDD260BD8F48D019F4871B08
Malicious:false
Preview:......JFIF.....`.`.....C....................................................................C............................................................................".........................................X............................!1AQa.."2BRq#3..br........$C.....%4D.....FSTUs.....6Vc.....................................4..........................!1A"Qa....2q...3B..#.$br............?....Y....=....P+.o...u.l.s..].4s...0......9:.i.C^.....:...=U*..<|.`..5+..v.]. Z.+..Q..........?...y. .....z.Z1S.;.@t..V.T..>8M!.9Y$6;..}..t..=.T.....4^..P#....7.'?H.S.N.c.O.....i.m.t!y)%+.....Le...Cb.7.<....m.G<$x`...].!.`h.*......,..Z..S....8...(..%..h....;.......a.........uN.@..I.Nb.*....;.*U.......T......HM'T.j.[. ...*....C.DWa. !.=.x......1.2..mi....b.....'Z......o....H.U...<.!:...l.*.l../X....f.O.U/FFn....Q...(.............d.I.=..4...sU6s..:..MZ.#.....S.O....n.v....Mi.2....o.....uSI...u..} .....w.ht8@o]F....T..hev..|........s...U..'..rU.f...u.M...7!.JtZ.s

C:\jar\.data\img\photo_2024-03-04_18-39-39.jpg

Download File
Process:C:\Windows\System32\7za.exe
File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1000x1000, components 3
Category:dropped
Size (bytes):58506
Entropy (8bit):7.8951205036140895
Encrypted:false
SSDEEP:1536:PBO2tFva0DxnRp6/GI5QA/a0v5G+cH3yakQNxjM:PBh9ampZLev5G+bCNxQ
MD5:A67FF506E7E30D74CB3D67C0315FAC95
SHA1:8E413F458E5A0327B774DC700DF2584FD3D1DD21
SHA-256:00628A85D4F44A0B2B40A3D22FB6A5BBB3CFAFF0F7EED6321EBE76597D030073
SHA-512:2AD613FEC9EC699401B569F832DC707B84BBFB08E30418B44AF8CD9257F41F660378817B5083716814CEC55A89017BF8900B886736EB82E244145F3CB95FBF45
Malicious:false
Preview:......JFIF.....H.H.....(ICC_PROFILE...............mntrRGB XYZ ............acsp.......................................-....................................................desc.......trXYZ...d....gXYZ...x....bXYZ........rTRC.......(gTRC.......(bTRC.......(wtpt........cprt.......<mluc............enUS...X.....s.R.G.B................................................................................XYZ ......o...8.....XYZ ......b.........XYZ ......$.........para..........ff......Y.......[........XYZ ...............-mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6...C....................................................................C............................................................................"....................................................................................@..,e.X.....DQ.R.,.Q.W.7C@TE@E......(Y`......e....A.T\.K,T.Q...B.4..............5..A@K.L..*........L.%..n6\..RP.2..E. ....R..E,P.. .1J.."....U.V...................9..y!...2...e\.b..-J..c

C:\jar\.data\img\trophy_jewelry_winner_win_treasure_gift_blue_diamond_game_icon_262398.png

Download File
Process:C:\Windows\System32\7za.exe
File Type:PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:dropped
Size (bytes):78827
Entropy (8bit):7.958337767791073
Encrypted:false
SSDEEP:1536:V+02zxVFq0XHRPp3GU73CWRbq/vDPlVY3xeTmnLb8QjWGdZwKPUSrd:Vl2vFqEHRPp2U73nb2563mm39WmZwKb
MD5:DAE4183C19FEDD173AB93B03FD1833FB
SHA1:198AF1AF35AC5CA51708477A1E5E1F5A9DDD4C65
SHA-256:426C61EA5F19A1935C401F7352D616902458DBA44DCA5F30D0DE477CF8550F20
SHA-512:63BEA9647C286B1284ABEA088D8E84188A84F0D5D67A3B97D21FD411912A37A05C2AFFB8229EACCC3224C2F53C67B1875110AAA8716AFDE03FF36C442ADA80ED
Malicious:false
Preview:.PNG........IHDR..............x......IDATx..g`#...gf.,.l......R.N .BK.$.B.TRHH...M#..{_.CI..@.!=!t..[.]{w.lY]3s......uFV......9s,.<.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.{...b...........@;...>......B....H....pNL......e..m.... g..:F)...?..{. U.ys8.....p8.$...A.....v)..c.....p....pN........z.y ...!...).....S*.rO..Y..5x...n..........~...sb..l8......"./.iZ.....V[0.y.....p.?\..p...i..!...B...f....>]...p8......,..z........B...p.....|..g.....'O...;(........W.rrG....~N...8.......>.......=........r?/..Y|.,..G;..._@..,...G...Z.nH. ...~......p..\..p4....2..a...] W....1...i..f3I......p.....p4...y=...}6...am...o-...@.......r.-..x...~~...x.....HK]].H...f.|....qv{3$......6.a.. v.c.7.Nq[.}.ptO....,..Y..a....(..=...*..q6...B.hj..h..J.R.#...r..I.r[[C..^....8.......|..&..j.....FPU..fE.....T"..h......]P.4.........[]...p8..W.8...

C:\jar\.inc\jurl.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):113500
Entropy (8bit):6.173466348380044
Encrypted:false
SSDEEP:3072:lysIloYDjglXj8GdGqSPZcClgVPCZqKz31bxAbFPcDTF:8rEXd1nCVEPM
MD5:7E6987AC1E5D15EA89C2E58DCA530C86
SHA1:21AF1CD19786B9D1BF0DD50F8B3E25693D232568
SHA-256:512A842FB8F6E93CA9FBB0F5959A5D7325D7D0FA0C33BC14901678DB6C89DD5B
SHA-512:CCA90894EC6B02DD0FB0C3AE655A6928B139557C223B8DD56E3D3259F374CE983618C76C9C6C0EB53F97EB54CA1D482D92D5420C2F938DF9F48D7A3E8361BD30
Malicious:false
Preview:..J..3S........u..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\.inc\jurl.php...-.-$php_module_maea04cd81f8945849f25ff1ea7b4688f............Unknown.......................curl_init...3.3$php_module_maea04cd81f8945849f25ff1ea7b4688f_func0............................C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\.inc\jurl.php.......................url...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\.inc\jurl.php..........NULL.......b.......2.s..3$php_module_maea04cd81f8945849f25ff1ea7b4688f_func0......php/runtime/lang/BaseObject......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\.inc\jurl.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[L

C:\jar\.packages\app.pkg

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text
Category:dropped
Size (bytes):74
Entropy (8bit):4.111367136356229
Encrypted:false
SSDEEP:3:3kaX3VTIKmkPmDjmolFp:0aHVEKT0jflj
MD5:FF51C1DE5FD505614D35C638851E7714
SHA1:C3FDD132912E54960E348820202AAF58DFD551C0
SHA-256:FE06FF97DB144044D8F825AC9F2EAF3C92CA470691CDCAFD203CC726CC485B45
SHA-512:D2E88CA5E75F8C0D1455A91311979601C28B78A4DCEDBD29022B0C6213020CA311D6CE1C7D5700ED1398001B503856983F56A9B3890B9380CD475750D50E0FC1
Malicious:false
Preview:[classes].app\forms\MainForm.app\modules\AppModule.app\modules\MainModule.

C:\jar\.packages\httpclient.pkg

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):143
Entropy (8bit):4.273001500578649
Encrypted:false
SSDEEP:3:3yHQLENRVyFRovHZNRV6uHZNRV+9O4INRVcSZ2XKNRVjen:CwkfH98uH949Yu4XE
MD5:382775992447817E2371490B7C83C518
SHA1:E09691678F15414184CB4D2DECA9A4E8CD5F83EC
SHA-256:BBA2F9DABAA926EEFF51C9F4A84EB66BF1CB618782E4784C9424549E38AFDC30
SHA-512:C6D857155D6B6899F323615F1964AEFD4CD7137CE42AB3F08971958684D8A6CC32007C6CF2083B83D7A9C3A3E66000707C15D7BDE0221859530A3EE72BE2E568
Malicious:false
Preview:[classes]..bundle\http\HttpAsyncResponse..bundle\http\HttpChecker..bundle\http\HttpClient..bundle\http\HttpDownloader..bundle\http\HttpResponse

C:\jar\.packages\jurl.pkg

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):146
Entropy (8bit):4.51616781556568
Encrypted:false
SSDEEP:3:3yHQLEPiK8PiKcKBMNo4LBWPiKb2XKPiKyGwNo4LBWPiKHovnZ8An:CwbKfKc1fLB1KbmKyFfLB1KHovn3n
MD5:19609145DFD3765AEC5E1540F3BFC95A
SHA1:FB8CB04250418DC7E17014AE724215DFBDE5011D
SHA-256:85369D9B879F076921532D2E73FC63C1A712D6812B7C7EC2BDA2C02DDFA78407
SHA-512:5683766D7875E7254D18AE909E9F275200EF0C2AADEE71BC3283E2A74844ADC4E69BFC2F514ED43638D6AB4D4270084DEBC0838DEB808186F49F00143C25BDCA
Malicious:false
Preview:[classes]..bundle\jurl\jURL..bundle\jurl\jURLAbortException..bundle\jurl\jURLDownloader..bundle\jurl\jURLException..bundle\jurl\jURLFile..cURLFile

C:\jar\.system\application.conf

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):211
Entropy (8bit):5.072561563738107
Encrypted:false
SSDEEP:6:S4bOamX7V53/R9yNFak1M3W8bFSR2uNSy8uyoAEn:FwLXbJ53WwSR9Ay8uDn
MD5:3F703D789F803B33657D3E3CD9132C03
SHA1:DCD1FBF463CACFE4497246EB0E91EA315018E0C3
SHA-256:43D7C6698D58CF6895D2D575C30F7D156CA17FE68C12C04C87A02C95258CBE4A
SHA-512:1549D95BC849C981F854736DD6D1E8A6CB21741B7435D014B09C46B09A73791E1B703F13EB5F85FE46071F63816850F4891FACF3A4DCDACCA080741795AEC5A1
Malicious:false
Preview:# MAIN CONFIGURATION....app.name = 215..app.uuid = 6ccf8f8e-fb00-441b-a0f5-f3bc2fa6619b..app.version = 1....# APP..app.namespace = app..app.mainForm = MainForm..app.showMainForm = 1....app.fx.splash.autoHide = 0

C:\jar\.theme\style.fx.css

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text
Category:dropped
Size (bytes):76
Entropy (8bit):4.776237099865107
Encrypted:false
SSDEEP:3:UuTyAFSFSMcX20vhp9YXdL5:Uu0FS5OXdt
MD5:0F8A8BD7A94BA296BF8CCF7BEC06B537
SHA1:3052786977903E6CECF3F0A0B198B882BBD800F6
SHA-256:A0BC4CC14B7993BF7F55EFBDE33C0FC50AF02A1648078ECD53554A8749D394CD
SHA-512:A204A9896135269EC2888AE618F0CF2370CE890E309961380496E990B6F7846AA6A7B6039164AF9502B39BC100BC8BFEDBF29F4EB409573567C1B563262AA533
Malicious:false
Preview:/* JavaFX CSS Style with -fx- prefix */...progressBar{.-fx-accent: orange;.}

C:\jar\App.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):6364
Entropy (8bit):5.5312088632006375
Encrypted:false
SSDEEP:96:/i3eQO2lM8WyG9JLND9DWvvEvFlvGfE/EPCKmeeQO2lM+FSIWGC4MloO:24pWvClussaKmGFS7GCplP
MD5:53A8E939B6EA6C9EC5A4F5970D7AC6E0
SHA1:E131128D7FC33E3EA54F0CBAF2A2D12E50A1880A
SHA-256:68D53EA8E7C0652CA87B6FE9F54DFB4E739CC7C5C213506F85C8BF4DDA79BA61
SHA-512:2D0E5D76E4F470DB3B3E466B80C5147825F124645F3798F0DD64F08C439B53D92ECDF282FC9B585FE1EE60107FF390FA0C421C59ACF5E747459B038C64F1825B
Malicious:false
Preview:..J..3S...........1952586485~583...-.-$php_module_me9d72238bb304573b76729af633eb323............Unknown.................................App...4.4$php_module_me9d72238bb304573b76729af633eb323_class0...........Unknown.....................................................pid......pid$0...........Unknown.........................................name......name$1...........Unknown.........................................version......version$2...........Unknown.........................................shutdown......shutdown$3...........Unknown.........................................later......later$4.... ......Unknown.......................callback.... ...#..Unknown...................................2....4$php_module_me9d72238bb304573b76729af633eb323_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_MET

C:\jar\Async.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3807
Entropy (8bit):5.526613414311405
Encrypted:false
SSDEEP:96:ikheQO2lMwlQ2ueQO2lM+FSIWGC4MloO:hrldWFS7GCplP
MD5:1EAC6FD6D1A57F8D7B2E0748126EB611
SHA1:263AE6445897CF040EEB8F102B28C5CF97410521
SHA-256:956CB4908715D9C3967354FAF7AD3F0F47C00339F87C2396BF5CB54A3EE1C857
SHA-512:77C6EB7B5E707CF0B6BD04F6C8D73AE8959D913D01D297DF5226BF970F3A3A79678FD9B11CC98D9F58691691865E56C06EB3D9A40098F64DB815352063907563
Malicious:false
Preview:..J..3S...........-1597522967~110...-.-$php_module_mf7a9698eccda48abab9243fa675da7f7............Unknown.................................Async...4.4$php_module_mf7a9698eccda48abab9243fa675da7f7_class0...........Unknown......facade\Async.........................../.......2.N..4$php_module_mf7a9698eccda48abab9243fa675da7f7_class0.....4$php_module_mbbb25fa0d2194eb8a731a53639f667d0_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...Async......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V.............~this..6L$php_module_mf7a9698eccda48abab9243f

C:\jar\Dialog.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):8151
Entropy (8bit):5.498564833952723
Encrypted:false
SSDEEP:96:G0lftygdmIMgVeQO2lMR1CD29yC95l+8WGNoeQO2lM+FSIWGC4MloO:G0/yLDyNC/lYG+FS7GCplP
MD5:3EE3F2EB284F752CE16144FEED25A7A2
SHA1:4ADDAA7B4EA9CED6178582FC7B671724A5883628
SHA-256:6B1EDE17A9D343D882D9650B16D4882ACB478960B65EC5E8674FA7956D37494D
SHA-512:50AA689C0CB660E2D9A871B6B50A940E12F6BA881BEB181FDBACC800AD75B55B4B92531BC1C1C26EBBD9693F77C3E5708791087C034C76873A73C672255DBCEE
Malicious:false
Preview:..J..3S...........1825166875~1421...-.-$php_module_m491e563eb6214e3b8091ca41a4cecc38............Unknown.................................Dialog...4.4$php_module_m491e563eb6214e3b8091ca41a4cecc38_class0...........Unknown.....................>.@param string $text.@param string $type..@return null|string................................show......show$0...........Unknown.......................text...........Unknown...............................type........ ..Unknown......INFORMATION.............7.@param $text.@param string $type..@return null|string................................message......message$1...........Unknown.......................text...........Unknown...............................type........#..Unknown......INFORMATION.............7.@param $text.@param string $type..@return null|string................................alert......alert$2....'......Unknown.......................text....'......Unknown...............................type....'...!..Unknown......INFORMATION............

C:\jar\Files.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):11534
Entropy (8bit):5.330279408567682
Encrypted:false
SSDEEP:192:dOW6MCiai2yV2v3FcB/j4lipTmyIUSCMFS7GCplP:dOW6ri25v3FK4s03Cp
MD5:01554C74D6A4B2574B9D1AA0AE26F7D3
SHA1:55AE91AFFC0BF9B303D118E1B66DE3939C45EC87
SHA-256:F876007CA8FAC52BF20DE95A93DFF1F46C17CCE761C1BDA5F8F33B702A4C0BAE
SHA-512:A62456F26B7DCE7E21E0CF8044B68FD7C38ECFE7A0666386E90BDD096ECA4A7FA327344EDDC594CA20CB43258FA694C1907A60ACD0E54A62509BDFB885556907
Malicious:false
Preview:..J..3S...........1469378100~1664...-.-$php_module_mb9eb6f0491574385bfe2aa93849c1653............Unknown.................................Files...4.4$php_module_mb9eb6f0491574385bfe2aa93849c1653_class0...........Unknown.....................................................exists......exists$0...........Unknown.......................path...........Unknown.................................................isFile......isFile$1...........Unknown.......................path...........Unknown.................................................isDir......isDir$2...........Unknown.......................path...........Unknown.................................................isDirectory......isDirectory$3...........Unknown.......................path........ ..Unknown.................................................isHidden......isHidden$4.... ......Unknown.......................path.... ......Unknown.................................................delete......delete$5....%......Unknown....................

C:\jar\JPHP-INFO\sdk\php\desktop\HotKeyManager.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):5440
Entropy (8bit):5.35835745942878
Encrypted:false
SSDEEP:96:0MU4lSQweQO2lM6WejM7L2lmNdyZH/GeQO2lM+FSIWGC4MloO:0MU4lSQAxjM7L2l4FS7GCplP
MD5:905CDE7551519BF2C57DF46DEF748E2D
SHA1:50D29F058B227A0D3C8F9825926401A4AACD7214
SHA-256:4EFA26ED014E91378871C1C1DAAAB0B126E536C551DC2FAB6152BB41D72D2F83
SHA-512:F2E2FE6FB7A51B75697D61BB4869B32AD1E4A3AC8F0C6CE6320D66D137F1F7D5DB9DFD0BBDECAEFC22EFDD85F84A1C4A7D659826660779B823F8E7B8AD8EE310
Malicious:false
Preview:..J..3S...........-1655202432~628...-.-$php_module_md392cb56a19f43ffa7a5b08900c471c5............Unknown.................................php\desktop\HotKeyManager...4.4$php_module_md392cb56a19f43ffa7a5b08900c471c5_class0...........Unknown.....................................................__construct......__construct$0...........Unknown........./.@param string $keys.@param callable $callback................................register......register$1...........Unknown.......................keys...........Unknown...............................callback........-..Unknown.................3.@param string $mediaKey.@param callable $callback................................registerMedia......registerMedia$2...........Unknown.......................mediaKey........"..Unknown...............................callback........6..Unknown...................Reset all hotkeys.................................reset......reset$3.... ......Unknown...........Stop all hotkeys.................................__destr

C:\jar\JPHP-INF\.bootstrap

Download File
Process:C:\Windows\System32\7za.exe
File Type:PHP script, ASCII text, with CRLF, LF line terminators
Category:dropped
Size (bytes):414
Entropy (8bit):5.119704460438733
Encrypted:false
SSDEEP:6:Wacb3KXW2aeqvI3KXWplXGqaeuI3NAaBfy4ybaW4jSsFa53TaGEmHEULSHMlmHEF:Wacb3Q33lXC8eGy4yNkgTHxEUEEGUD
MD5:14DBAC85D577C5877DDA4D674C7C85B7
SHA1:5D368F52CE37B289A0C0760D77037B43425600FE
SHA-256:D1886A6EB5BB3071066825AB0FF9FCCB3923207C93BB9070C4B7E6868DAA57A9
SHA-512:BDA9BE2CF3E99905210F51679E06B994D63A5D0A519A2AA664E9D3F40B1CFB25AC3119F691FF7DBAF9A2988406C506A9EE730149ED79B46C2CBF272D7203958B
Malicious:false
Preview:<?php....// Generated.....use php\framework\FrameworkPackageLoader;..use php\gui\framework\Application;........$packageLoader = new FrameworkPackageLoader();..$packageLoader->register();....$app = new Application();..include 'res://.inc/jurl.phb'; ..$app->loadModules(array (. 0 => 'app\modules\AppModule',.));.$app->addStyle('/jfoenix-custom.fx.css');.$app->addStyle('/.theme/style.fx.css');..$app->launch();....

C:\jar\JPHP-INF\launcher.conf

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):105
Entropy (8bit):5.02536537588204
Encrypted:false
SSDEEP:3:S4bmkqq8aqLENYFXtvr9KRWxEVdLSNKo8VNZX1twG:S4bOaqLEKF9zhEmdEjLwG
MD5:EFEE9D810E3D8F7642B41C3B326580B7
SHA1:150D05C0E659AD6E0B97425400C6CBE516236C43
SHA-256:151459B17C9EB02B9EF907E67AA469316E28F1A0645F19531DBDE57EB7548C51
SHA-512:D3437CCBF35172CCD8ECD97D986F40FCC95C913842F09DD4117EB49BA461D964748C60E8624C7F27A43771169A5700CDC47FE8DACF070F33B06BFDCF1A3A2B68
Malicious:false
Preview:# MAIN CONFIGURATION....bootstrap.file = res://JPHP-INF/.bootstrap....fx.splash=..fx.splash.alwaysOnTop=0

C:\jar\META-INF\MANIFEST.MF

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):104
Entropy (8bit):4.8611088928700505
Encrypted:false
SSDEEP:3:ZLCAWIzBEYtKEi8H38UpLVPdNsRgmMgX84oa:1KItJtf9H3FpLVQwuoa
MD5:BACD5CABC168C0128332BD1185748EF8
SHA1:C77D1E915087F38E50D78AB4615A38E4D2436FF5
SHA-256:9AEF17310B353E8DA0DF9551A57DB36098F8C33C0B3D1F72D3DD0E1E7A364082
SHA-512:2412DFE0BD86BF619368A16B9E2AF31083BAA4DD0B96AF56BA9FD9849EF816D9E9758F5EECBFFFE9EB47852F09E6E8FDA6119472B69B80227546889CDDF27589
Malicious:false
Preview:Manifest-Version: 1.0..Ant-Version: Apache Ant 1.9.7..Created-By: 1.8.0_101-b13 (Oracle Corporation)....

C:\jar\action\ActionsSupport.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):2789
Entropy (8bit):5.393250878408153
Encrypted:false
SSDEEP:48:8FR1EzsYRN+C5C/W0P/Hyn25L6EjoOa/AjsgjNKueEFkaTEqTGUad3qdYcd3dFgF:8FRMzfgW0SeQO2lM+FSIWGC4MloO
MD5:CEFBCC80ED3155B0A742E979C174F3D6
SHA1:4A8E21AF4FDCAF228FB08BFB06F3E55105BB4127
SHA-256:91B076FB7F8004B42802A206DD6D89315BB4EFA3EB153C243A9A5B90AE469E51
SHA-512:3D439B2981ABEC0CD7B5041718D4C2F978DA16B4AECD35B5276ADAD72722883D0092ECB14F786640415B5ADBB83AC5BDFA49AB4F125AC47728CDDD8F9FA1F1B5
Malicious:false
Preview:..J..3S...........-197641532~572...-.-$php_module_m464c397cd9b74b32b59e26671898583b............Unknown.................................action\ActionsSupport...4.4$php_module_m464c397cd9b74b32b59e26671898583b_class0...........Unknown.....................*.@param string $name.@return AbstractForm................................form......form$0...........Unknown.......................name...........Unknown...................@return AbstractForm................................getContextForm......getContextForm$1...........Unknown...........@return mixed................................getContextFormName......getContextFormName$2...........Unknown...........@param ...$args.@return mixed................................data......data$3....!......Unknown.......................args....!......Unknown...........................................2.]..-$php_module_m464c397cd9b74b32b59e26671898583b......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$M

C:\jar\action\ActionsSupportTrait.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):8880
Entropy (8bit):5.705101000634182
Encrypted:false
SSDEEP:192:qTxLCYFyBqslXPuke6Ulsi4mivW6jbuXFS7GCplP:QeuZouCUmNFICp
MD5:2FE1671F8DE9951E30C0236CD6B20336
SHA1:38A2ABF552EEF640E5BCAE457202C71CC07E7E36
SHA-256:40B3B3531923B29F92B582CB5EA4A79002B153208C2605F5116D85A098ADC5C9
SHA-512:BC2E8CE368D14C595FAF8B217E841A9D24441F3500234345F2B18F4495D60850F099BD207A6A34F9E9A87EEFAC2F9A7AC7B5D4C5D37C48C461819EFD414A012C
Malicious:false
Preview:..J..3S...........696768756~971...-.-$php_module_m69718cbb7e34487f9f53447a05e0a0b1............Unknown.................................action\ActionsSupportTrait...4.4$php_module_m69718cbb7e34487f9f53447a05e0a0b1_class0...........Unknown.....................................................form......form$0...........Unknown.......................name...........Unknown...................@return AbstractForm................................getContextForm......getContextForm$1...........Unknown...........@return string................................getContextFormName......getContextFormName$2...........Unknown.........@.@param ...$args.@return mixed.@throws IllegalArgumentException................................data......data$3...."......Unknown.......................args...."......Unknown...................................2.(..4$php_module_m69718cbb7e34487f9f53447a05e0a0b1_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...

C:\jar\action\Animation.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):45192
Entropy (8bit):5.766877069891498
Encrypted:false
SSDEEP:768:AkyNP2tSc4GltLyCQhVj50XZKm2DErwvnq3QoxQUzvcp:AkyNOtSc4GltmthV10pd4voBx58
MD5:19EA5030F5E901F4BE97855CC178DDBB
SHA1:3D48B88AD8890F18A17228105D032D6F6715FA14
SHA-256:9B5F2DE1506397A54C6D5444F46164682C1D695B97DED76A31809C69F2110BEB
SHA-512:8C60E3D140C4FBA0A21C74BD0AF19EDAB1FAECAE98AE91A1DEBCE67B5FB2234E66CF202253292FB3E70F419C433CCF5BFCEF8C78CF4855FF4ABACEEE0CE45B84
Malicious:false
Preview:..J..3S...........-1025429230~7343...-.-$php_module_mdce0c1da868547588a243595308a55ad............Unknown...........6.6$php_module_mdce0c1da868547588a243595308a55ad_closure0..................................__invoke......__invoke....*......Unknown...................}.......2.y..6$php_module_mdce0c1da868547588a243595308a55ad_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lp

C:\jar\action\Collision.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):8510
Entropy (8bit):5.830559107559839
Encrypted:false
SSDEEP:192:faPeZwge2eJqKJrqCcGHslmN+Hys6LzVageFS7GCplP:famqge22qKNqddgcHys6LzVagyCp
MD5:B3669C24C893E3804559DD0B63C1766F
SHA1:527D6102FAB1D831F19658DC04951E546ECCCBA4
SHA-256:9B127FDAEEF47270752B04EA911F5A0146CC01896A8DE96981A87A62BE6D0A83
SHA-512:9E7E1D4A3DED5680388C5A7EA3B586467397AE3F0D3DBD38A9319DDDED6A904A11245FE431BF10E020B27BF374973A84EF52EAA8884585093796CE9134B7910C
Malicious:false
Preview:..J..3S...........-780471~1406...-.-$php_module_mf69b0b438fa34421b155f04774bb34ff............Unknown.................................action\Collision...4.4$php_module_mf69b0b438fa34421b155f04774bb34ff_class0...........Unknown.......................--RU--....... ...... .. ....... .......................: Collision::bounce($this->object, $event->normal)..@param $object.@param array $normal [x, y].@param float|int $bounciness................................bounce......bounce$0...........Unknown.......................object...........Unknown...............................normal........*..Unknown...............................bounciness........3..Unknown....?......................................2.*..4$php_module_mf69b0b438fa34421b155f04774bb34ff_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/i

C:\jar\action\Element.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):37158
Entropy (8bit):5.8435338123140115
Encrypted:false
SSDEEP:384:L8ljMATewya3+JO7nifKfW/Od2ialm4Q4tNVjs4R8KPMyODtisZCp:eAAP3yynO6WGdB8cQVRR8M+tissp
MD5:2361EF02870024C1F2F72B4940FD4096
SHA1:BF649C3EDA616A93EAD0CB4FBEE1980B55B71A33
SHA-256:ABAD47EC6429E0D7BBB77C26EAA8E4FECBA6BA610CCC7E78B58652DF7D5D14EC
SHA-512:EC10FCAF513A2B88DE1A4C8A5D34CAE83AC8012EFBCD4C5B7C5CB31F669E237DA9317E005EA5C29B68497AD1C864C83C8C3409ED56ABD324308FFF8AB7206171
Malicious:false
Preview:..J..3S...........-818342899~7953...-.-$php_module_mffee698667dc46e78bacfecb915649bf............Unknown...........6.6$php_module_mffee698667dc46e78bacfecb915649bf_closure0..................................__invoke......__invoke........'..Unknown...................i.......2.~..6$php_module_mffee698667dc46e78bacfecb915649bf_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\action\Geometry.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10092
Entropy (8bit):5.826839909820305
Encrypted:false
SSDEEP:192:xJSVM1gtWxHY80SaqA+lX7bL6LwK7r10qPU3fqgbrSFS7GCplP:fd1ggYN+d7v6LwKn1hPcfqgbyCp
MD5:59FBE35E9F93852922D65EDB3A859F34
SHA1:71B8DDB762BFF20760C89C9166224A0BE9AF5B72
SHA-256:61AD0C6AFF8E1E816C9B65CB2AB30C632766C1CB7BA3F93B79A7E4F8CED389EF
SHA-512:632508A5CE14B1374AF42A9920C6ADF5892B50353D6B5E5C1ABF5F5B9C6006053EADD7C7146C3CFA0DB7B85F9DD70080BACE403D194F0C762ABFA7D0FE0C2E28
Malicious:false
Preview:..J..3S...........1447647274~2139...-.-$php_module_m613f800f0ae54ee99ef9dac1ed990cb2............Unknown.................................action\Geometry...4.4$php_module_m613f800f0ae54ee99ef9dac1ed990cb2_class0...........Unknown...................../.@param $what.@param $x.@param $y.@return bool................................hasPoint......hasPoint$0...........Unknown.......................what...........Unknown...............................x........$..Unknown...............................y........(..Unknown.................H.@param object $one.@param object $two.@param string $type.@return bool................................intersect......intersect$1....(......Unknown.......................one....(......Unknown...............................two....(...$..Unknown...............................type....(...*..Unknown......RECTANGLE.......................`.......2.X..4$php_module_m613f800f0ae54ee99ef9dac1ed990cb2_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$T

C:\jar\action\Media.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):9625
Entropy (8bit):5.604251777252505
Encrypted:false
SSDEEP:192:OwlG/qsWkIET1qzklvNtvbOJwsFS7GCplP:OwlGikBT1sk/JbOJCp
MD5:465799F869D068FF4ADB7979C209598F
SHA1:0157EE08C3D00EE9FE5BDD6A2D8D6B7D3DE95559
SHA-256:4B45D5C5C6BB169283BCA5DF50F23FACA834FD06D2D00790ADD303B83E96A437
SHA-512:813C6CF60741599304E973FD48D263E819B0D00BDC6CCE4E1923DAE82F227A09A49CF5D70247A3917D00A6F6996B23C404FE655373084F48CAE591A81082FA4C
Malicious:false
Preview:..J..3S...........1010633375~1447...-.-$php_module_ma8bbc8d301b447f4a8b15f3ef97b132c............Unknown.................................action\Media...4.4$php_module_ma8bbc8d301b447f4a8b15f3ef97b132c_class0...........Unknown.......................players...........Unknown......................9.@param $id.@return MediaPlayerScript.@throws \Exception................................fetchPlayer......fetchPlayer$0...........Unknown.......................id........*..Unknown.................................................open......open$1....*......Unknown.......................file....*......Unknown...............................autoPlay....*... ..Unknown...........true.......................id....*...2..Unknown......general.............................................isStatus......isStatus$2....1......Unknown.......................status....1......Unknown...............................id....1...&..Unknown......general.............................................stop......stop$3....8......

C:\jar\action\Score.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):11012
Entropy (8bit):5.607292736689728
Encrypted:false
SSDEEP:192:PBaUWILIq7ZSej/uYcXczlUoqdLQLT9pbDwNMzFS7GCplP:PBaALIqkejlAWaasMZCp
MD5:DB59E265DB173A84A5B84872C45CD6AD
SHA1:A0C9EA2E321154362B6B2D6089A3BEB9FE688B0A
SHA-256:E44AED19F0FFCFFF4E86C45D3B8DDC728B679308602CA5B68EF6B6492F7E23EF
SHA-512:03031CC5729AC878712034AFA8B4D1DFAF7BC1A9A914CBDEE999AC2FA8D9E191D545B32A0EDA2700126BB95BC53AEA03FA78F1D032C41D5516174624C04C4486
Malicious:false
Preview:..J..3S...........811864815~2504...-.-$php_module_m799df3cac5d64165b13ba0b0530f482a............Unknown.................................action\Score...4.4$php_module_m799df3cac5d64165b13ba0b0530f482a_class0...........Unknown.......................values...........Unknown........................handlers...........Unknown......................#.@param string $name.@param $value................................set......set$0...........Unknown.......................name...........Unknown...............................value...........Unknown................. .@param $name.@param int $value................................inc......inc$1...........Unknown.......................name...........Unknown...............................value...........Unknown...........................@param $name.@return int................................get......get$2....7......Unknown.......................name....7......Unknown.................s.Event variants: beforeChange and afterChange...@param string $event.@

C:\jar\app\forms\MainForm.behaviour

Download File
Process:C:\Windows\System32\7za.exe
File Type:XML 1.0 document, ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):225
Entropy (8bit):4.938986678053181
Encrypted:false
SSDEEP:6:TMVBd6OjlPpaE923Sk3ZIzAqvVcn+yEbZpy:TMHdtbay293uzlWGbby
MD5:5836F64641DB79EBD850041D6E4E8DD2
SHA1:DF1A7BAC5ED91139FFDE30AC8F73C078BAEE5AC8
SHA-256:945ABA411FDD0A018BF9B59BC3051E1F0D692CF95FBE4D4341EBDD3008E80004
SHA-512:C7AC84DF29C8B90B05B828390264BCDB46B603F37700E3F322DCEA8592445156C4D2AB3099063D359167E48ECDAC1AE59EC90EE8BAED0B8DB0790484484F7B32
Malicious:false
Preview:<?xml version="1.0" encoding="UTF-8" standalone="no"?>..<behaviours>.. <target id="">.. <behaviour animated="1" opacity="0.7" opacityEnabled="" type="behaviour\custom\DraggingFormBehaviour"/>.. </target>..</behaviours>..

C:\jar\app\forms\MainForm.conf

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):172
Entropy (8bit):5.07865681053541
Encrypted:false
SSDEEP:3:uG0XJVg2KjovWXxi9/ZuQiYXBgDKwWcFCF4KYl8XovqJAw5KY4GQYyWXIwJS1twr:R0XJy2KjovQxiCA6MICVXpJAJgJSbw7v
MD5:9437FD7904DE1B2EF5E2FEAB89F6A415
SHA1:44E4D17D44E88B24013FEF361D1C3BAA08AF571A
SHA-256:3E9D5069CA51B86954799EDED9E9CF3F62272A648CE77C4B651564D0E00A25FE
SHA-512:48DE279E30D1A7FB7F1CA95948D7619D8C6958624BEA71701A73079C7C4BBC501CEC0EAB0D5BF39E663D0B91744BB82834560B4A4F711D0E8EBF9F5E24C1F8B0
Malicious:false
Preview:#Fri Jul 26 01:46:03 MSK 2024..form.style=WIDGET..modules=MainModule..form.backgroundColor=\#00000000..form.title=Installer..title=MainForm..form.icon=..form.alwaysOnTop=..

C:\jar\app\forms\MainForm.fxml

Download File
Process:C:\Windows\System32\7za.exe
File Type:XML 1.0 document, ASCII text, with very long lines (883), with CRLF line terminators
Category:dropped
Size (bytes):971
Entropy (8bit):4.994566372307358
Encrypted:false
SSDEEP:12:TMHdtLelXsoG2oMgoUrRpZgEyp8JRodWQVodWM6odWMG+CyodW4fE7tYw0KeMld+:2dtSbvSFlGUjEdwGBMldjgSAubq6+uU
MD5:18DB7E55DBC22B77DBDF48C2C6E6ED9A
SHA1:05B1F02372C39E8AE90D71A2CEF262AD3C839F8B
SHA-256:3F8519790F2CAADB19AD5AFA8D9A06B47130F6604EFAE3E128187F12F6FF4872
SHA-512:6BE68F34E4E355E603375BAB0D303A500666BC1ADB84F379E2C3EE9B4B9BB7A7FD31C2B859F60F21E1C52C2C3EAD1541E3A891CCD8DBD63C9138199DE4FC7F30
Malicious:false
Preview:<?xml version="1.0" encoding="UTF-8" standalone="no"?>..<?import javafx.scene.*?><?import javafx.collections.*?><?import javafx.scene.layout.*?><?import javafx.scene.control.*?><?import javafx.scene.text.*?><?import javafx.scene.image.*?><?import javafx.scene.shape.*?><?import javafx.scene.paint.*?><?import javafx.scene.web.*?><?import javafx.geometry.*?><?import java.lang.*?><?import org.develnext.jphp.ext.javafx.classes.data.*?><?import org.develnext.jphp.ext.javafx.support.*?><?import org.develnext.jphp.ext.javafx.support.control.*?><?import org.develnext.jphp.ext.game.support.*?><AnchorPane xmlns="http://javafx.com/javafx/8" xmlns:fx="http://javafx.com/fxml/1" AnchorPane.bottomAnchor="0" AnchorPane.leftAnchor="0" AnchorPane.rightAnchor="0" AnchorPane.topAnchor="0" focusTraversable="false" id="" maxHeight="-Infinity" maxWidth="-Infinity" minHeight="-Infinity" minWidth="-Infinity" prefHeight="1" prefWidth="1" styleClass="">.. <children/>..</AnchorPane>..

C:\jar\app\forms\MainForm.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):18248
Entropy (8bit):5.9944808666665415
Encrypted:false
SSDEEP:192:t8qPs6vWzN8gDIXy9sDHloQxEeLCxiMxmCHdw+FMt+M6o0xEpek8QFSXliX:FofDIiGjCQpCt5Hdw+FO+MF0CsMX
MD5:907878034715394AAA870D7251BB66E9
SHA1:CB968C41368C0B861FA12B1607F7A4B6E2E1D4AB
SHA-256:397B64D18825EBC78DDDA962FB334B61BA5E243695E5E38A46F2899394E0CF3B
SHA-512:72C12528A9714806F845C43DE110242590F5CC58E35DB7DCC2043B812F44F67A1F180B136E27C0B20D342B8652D8D6F5972E4E6667817980096DE067F977690D
Malicious:false
Preview:..J..3S........Z.gC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\forms\MainForm.php...-.-$php_module_me05a26984bfe4fea96e37d9d88e47145............Unknown.................................app\forms\MainForm...4.4$php_module_me05a26984bfe4fea96e37d9d88e47145_class0..........gC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\forms\MainForm.php......php\gui\framework\AbstractForm.................FILE1URL......=http://{domain}/auto/7869fe697b38eacd367fdb01cf539f58/217.exe.................FILE2URL........................ISZIP.......................FILENAMEINZIP.......pythonw.exe.................EVENT_SRV.......77.91.77.145...........2.....................................event......event$40....$.....gC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\forms\MainForm.php.......................event....$.....gC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\ap

C:\jar\app\modules\AppModule.behaviour

Download File
Process:C:\Windows\System32\7za.exe
File Type:XML 1.0 document, ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):71
Entropy (8bit):4.84828757029471
Encrypted:false
SSDEEP:3:vFWWMNHU8LdgCaOELA/dPvgby:TMVBd6OjlP3
MD5:065EB700D6ABBAE8DFB94ED8A04A7F6D
SHA1:5E82C39FD2B3785BF8807EE44E866876930B434E
SHA-256:0AA6FFE914BE673CE0E83043AD1ECA2DAB692DD22233A20C40DBB639BC6B9753
SHA-512:D5CA1B52F14C6107E17D341C2B34886130CCF541AE8F22DBD6E19E34EEDDE979BBFA70C3E8228E7C60510240C2AB81E5EA4BD6E3B03795DE8687B43866EA4692
Malicious:false
Preview:<?xml version="1.0" encoding="UTF-8" standalone="no"?>..<behaviours/>..

C:\jar\app\modules\AppModule.module

Download File
Process:C:\Windows\System32\7za.exe
File Type:JSON data
Category:dropped
Size (bytes):37
Entropy (8bit):3.9182523518230763
Encrypted:false
SSDEEP:3:AdHqVVGM4A:oHLM4A
MD5:9E70AC7620528D210AFA6504AB803EBC
SHA1:08D2238872ADB577BCA8DCC6B842717F89F205EA
SHA-256:DCD302E368DE2B59DDFCD771A86B408140475183F90BD1991C10C6249ED66BCC
SHA-512:8841B0FAA17425529BD5407E2907C9D11BBBA7C4BCE86A70C60901152B448404D7E4B2B8B2263C1E1334F0F039BE4AB1C6A561FA2379886F89D092A3FD170C36
Malicious:false
Preview:{. "props": [],. "components": [].}

C:\jar\app\modules\AppModule.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):4331
Entropy (8bit):5.698921986003144
Encrypted:false
SSDEEP:96:WeQO2lMjAxHlqOAceQO2lMYFS8Hcl/eq+X:DOliWFSXliX
MD5:F33B99593F213424D98B103F065B71DC
SHA1:F5A328FF0DDBE7F5E37FFC8769768369F41056DF
SHA-256:216A327FBEC8C7D43AD78FD4EB585E33898CD05B3870E974D7F1362E1FB72EB4
SHA-512:816AA0CDCBDAF1010C72E3849DE2181564F1DFADD7AA1EBE26A8A3A02EC237FEDB2BCF4CE12411D1F3211E87728E6064E6C9B1D48A5DF025D2EC2AD9A0EBA9FA
Malicious:false
Preview:..J..3S........].jC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\modules\AppModule.php...-.-$php_module_m9fa6eceaafc54d46a55fc33d3769b375............Unknown.................................app\modules\AppModule...4.4$php_module_m9fa6eceaafc54d46a55fc33d3769b375_class0..........jC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\modules\AppModule.php... . php\gui\framework\AbstractModule...........".......................2.Q..4$php_module_m9fa6eceaafc54d46a55fc33d3769b375_class0.....4$php_module_ma0f1eb4554c3456ea546773d56da28e3_class0.....jC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\modules\AppModule.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_

C:\jar\app\modules\MainModule.behaviour

Download File
Process:C:\Windows\System32\7za.exe
File Type:XML 1.0 document, ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):71
Entropy (8bit):4.84828757029471
Encrypted:false
SSDEEP:3:vFWWMNHU8LdgCaOELA/dPvgby:TMVBd6OjlP3
MD5:065EB700D6ABBAE8DFB94ED8A04A7F6D
SHA1:5E82C39FD2B3785BF8807EE44E866876930B434E
SHA-256:0AA6FFE914BE673CE0E83043AD1ECA2DAB692DD22233A20C40DBB639BC6B9753
SHA-512:D5CA1B52F14C6107E17D341C2B34886130CCF541AE8F22DBD6E19E34EEDDE979BBFA70C3E8228E7C60510240C2AB81E5EA4BD6E3B03795DE8687B43866EA4692
Malicious:false
Preview:<?xml version="1.0" encoding="UTF-8" standalone="no"?>..<behaviours/>..

C:\jar\app\modules\MainModule.module

Download File
Process:C:\Windows\System32\7za.exe
File Type:JSON data
Category:dropped
Size (bytes):230
Entropy (8bit):3.8634189835114756
Encrypted:false
SSDEEP:3:AdHqVVGsHFzM9XHOFFF7c8f0pbTyhXivFF/F/HfeX+hF//3Xc/F+ig/FAjt9DCFy:oHLsHiNO/q7zwkig/uj2FIEZm8c
MD5:6994CE449E8C55CA58E7D1C565D638DC
SHA1:7920F2DDD259B644AE0A14D71D29AC9FF1C18198
SHA-256:68206D108E9796EC288482222914FCA453D1CF8BC4E6FF7E7438931574B07E48
SHA-512:6F7CEE28153ACA36C7252B8E0ACE03DE99A807CB09A5B32346569AE8EADD945B16E496BCE025E79892E340D69511F271E6128469240881307D927F783C1E70AB
Malicious:false
Preview:{. "props": [],. "components": {. "timer": {. "type": "script\\TimerScript",. "x": 96,. "y": 64,. "props": {. "interval": 500,. "repeatable": "1",. "autoStart": "1". }. }. }.}

C:\jar\app\modules\MainModule.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):4966
Entropy (8bit):5.703322331362476
Encrypted:false
SSDEEP:96:6CeQO2lMEAcU+lKOwURLyeQO2lMYFS8Hcl/eq+X:6xcU+lsFSXliX
MD5:D7057AEC75864CF89C4BBD161601DAA7
SHA1:A8284EA562DB7309C6D5CD023B55F87A67B8A739
SHA-256:A1D28E5A1CEE0764AFA8ED99C9916D4E7242B2EB20E7334D4227657647115325
SHA-512:B694B098924155EA21362F31372CA6FEC4B6762DFB2714B5BB08CBB4B8549890EB94AEA32C2DDCC8F6513C59365EB13F33ABD9442B3DCF1FF0E9712E7E342CF8
Malicious:false
Preview:..J..3S........^.kC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\modules\MainModule.php...-.-$php_module_m8a63c54d4b5c44189588d51cbc1aa865............Unknown.................................app\modules\MainModule...4.4$php_module_m8a63c54d4b5c44189588d51cbc1aa865_class0..........kC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\modules\MainModule.php... . php\gui\framework\AbstractModule...........#.......@event timer.action................................doTimerAction......doTimerAction$34..........kC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\modules\MainModule.php..............php\gui\framework\ScriptEvent...........e........'.kC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\modules\MainModule.php..........null...........................2.X..4$php_module_m8a63c54d4b5c44189588d51cbc1aa865_class0.....4$php_module_ma0f1eb4554c3456ea54677

C:\jar\behaviour\SetTextBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):2539
Entropy (8bit):5.402281129064088
Encrypted:false
SSDEEP:48:Gkt5pkQcUlx/Hyn25L6EjoOa/AjsgjNKueEFkaTEqTGUad3qdYcd3dFgj2dR+iGN:Gkt5pkQcUl4eQO2lM+FSIWGC4MloO
MD5:F4A8CEC8E4B39171298695F2087C2E9F
SHA1:BE69AF463144CB5A4E0F1E87F2C54664DE4DD3F9
SHA-256:BAD2B2DA4A004571CF798681B6F66C83E4AC2B4B6C8B2FF08627862557331434
SHA-512:FEDF373F000230A968B9DA7E2A8368398D415F15CF2A3AC11F3BAE9E3439DBD353A2FC22BE0B982B876846B46A583C908A477A55EF00FD8EB27E6C3691767EF1
Malicious:false
Preview:..J..3S...........770522286~224...-.-$php_module_mf43cc9e1a2e74008b2f3fb3b4cf1f8b1............Unknown.................................behaviour\SetTextBehaviour...4.4$php_module_mf43cc9e1a2e74008b2f3fb3b4cf1f8b1_class0...........Unknown.....................................................setTextBehaviour......setTextBehaviour$0...........Unknown.......................text...........Unknown.................................................appendTextBehaviour......appendTextBehaviour$1...........Unknown.......................text........!..Unknown...........................................2.]..-$php_module_mf43cc9e1a2e74008b2f3fb3b4cf1f8b1......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallC

C:\jar\behaviour\StreamLoadableBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):2619
Entropy (8bit):5.432574416015854
Encrypted:false
SSDEEP:48:MEb0ZByf/Hyn25L6EjoOa/AjsgjNKueEFkaTEqTGUad3qdYcd3dFgj2dR+iGKNQb:Mq0ZByCeQO2lM+FSIWGC4MloO
MD5:AED18AE5B7C5EFE480B3C183C4D99684
SHA1:1848C84E7F8DBBAEB45C6E40B2A464A0BFAF123C
SHA-256:BEA75B7E84CB2302DA76860DAD585BE874B1B251BCA8F8A385E33739A8582200
SHA-512:8BE5258E176CCEF1BEFA57577754351969EDCD7C3A6A424D2695724B43433E73CE3EB7797DCF63854F34D56907F24E428CCFD04F823D9F30BCEF9CAD20019F73
Malicious:false
Preview:..J..3S...........1691550020~364...-.-$php_module_mb3f615d579944dfd90f43f5e2ef99dd6............Unknown..............................!.!behaviour\StreamLoadableBehaviour...4.4$php_module_mb3f615d579944dfd90f43f5e2ef99dd6_class0...........Unknown.......................@param $path.@return mixed................................loadContentForObject......loadContentForObject$0...........Unknown.......................path........"..Unknown...................@param $content.@return mixed................................applyContentToObject......applyContentToObject$1...........Unknown.......................content........"..Unknown...........................................2.]..-$php_module_mb3f615d579944dfd90f43f5e2ef99dd6......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cac

C:\jar\behaviour\custom\AutoDestroyBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):17721
Entropy (8bit):5.6813684240127165
Encrypted:false
SSDEEP:192:8BtRMdl2Ap+l+h81C4lhQwcnZ+5clxkbqUf/lnsyy0pA6lvNV5FS7GCplP:AeQl+GC4nQFnZ4c3kbqUS2G6dNVvCp
MD5:81874DBE7393F1A1D5FE7D5DEB771E5D
SHA1:6449B1150733551A2AE7CF4128138D62C260F298
SHA-256:BB1ED7BFA4B432EAAEC19820CF1A3FB3755CE841137A61E7F8144BA8975604E2
SHA-512:53F0C0AFDDE608E4F2A3EA8D0A27F50A38801AB6017A1006BBA3E560269F442FA770640C168D707A8149208A8ACFBD48F171F7509FC89CA23268A6CFA55AF95D
Malicious:false
Preview:..J..3S...........384798901~1660...-.-$php_module_m2a90cae523a3430e815551545ca67881............Unknown...........6.6$php_module_m2a90cae523a3430e815551545ca67881_closure0..................................__invoke......__invoke....3......Unknown...........................2.x..6$php_module_m2a90cae523a3430e815551545ca67881_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\behaviour\custom\BlinkAnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):20078
Entropy (8bit):5.700454308793994
Encrypted:false
SSDEEP:384:tBnZ4D/T1GoPMTV7sTmXMTFo2LlmoP4kCp:tBiTxxSX8Hmvdp
MD5:A25D6A306714900EDB4480DB958A74F3
SHA1:37DE3920D886459954546858F850CB3E9E76B8A7
SHA-256:C19A6283EF148F022B0B7535CF43871C76B07B6E7142EF872B50A642830C42C7
SHA-512:3253729853FE6D69AEB83BEBFE8E13833D77B92D0894D1C4CA8F03C6C4E4AC9E6FF6BF61E3F4C1841FF1C29867C40E78559A75FAE097FE7A28CBA89DCD3F6D97
Malicious:false
Preview:..J..3S...........461626809~2255...-.-$php_module_mdc7e99d8662a42778317d09dfc4c83fd............Unknown...........6.6$php_module_mdc7e99d8662a42778317d09dfc4c83fd_closure0..................................__invoke......__invoke........(..Unknown..............php\gui\framework\ScriptEvent...........e........>..Unknown..............................php\gui\framework\ScriptEvent...........e........>..Unknown...................*.......2....6$php_module_mdc7e99d8662a42778317d09dfc4c83fd_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/

C:\jar\behaviour\custom\BloomEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):7248
Entropy (8bit):5.576046027778552
Encrypted:false
SSDEEP:96:PfS8adD6OAeQO2lMINiGYyJANr/N7NSeelcuFAfpOBGkI/3jM6eQO2lM+FSIWGCb:PtgeC68/elcdnkI/3jMCFS7GCplP
MD5:7F89807F7EBEC9AAAEA62A85D2567567
SHA1:AB131D6DC15D6CFC70DE2E9D9F628E16A297CEAB
SHA-256:D3396E66628C074A2CAAB2301C3286C3A24BCE7644AA7A0E36970875D3472472
SHA-512:AAEED7FEBAF7945FCA359201D67F6CE46227C39319B4CE6287998E4C1BA358635CB55D116FFEE154FCCC6CADE3BD4404E4FBE881A8291F76A228042A5B88DA44
Malicious:false
Preview:..J..3S...........131463114~1092...-.-$php_module_m15b15b2897514746915f2cfb6662526f............Unknown..............................%.%behaviour\custom\BloomEffectBehaviour...4.4$php_module_m15b15b2897514746915f2cfb6662526f_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour..................._threshold...........Unknown.....?.333333.......!.......@return UXEffect................................makeEffect......makeEffect$28...........Unknown.........................................updateEffect......updateEffect$29...........Unknown..............php\gui\effect\UXEffect...........effect........#..Unknown...................@return float................................getThreshold......getThreshold$30....*......Unknown...........@param float $threshold................................setThreshold......setThreshold$31....2......Unknown.......................threshold....2...!..Unknown.............................bloomEffect......................getCode......getCo

C:\jar\behaviour\custom\CameraSnapBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):15896
Entropy (8bit):5.741798054497393
Encrypted:false
SSDEEP:192:I5mjcniZELDzHMbldwZ6fwwPWM0xlTFc6v6VM5MtFRkgB8KboGRrrjlFmXDFS7Gu:ILnyYHkjwMcM0xBFuGAd3T9nWCp
MD5:4F50CEB822BFA8CC2AD8C0404F7A5735
SHA1:92DF27639207980630277B9B979E8739909D86F5
SHA-256:3E67453E64E73DA980BE5BF0941DDFB4A6535378A6CF773847A16F6D689F44DE
SHA-512:E073A680F71B0DF30FCE13D28BE9EA4B1B9B37F9E4FE03675FD515064DF087FF84B3A24562014F7A3A020F41D169B84EE306C26969984826811CE991BD9EC21F
Malicious:false
Preview:..J..3S...........-402763334~2224...-.-$php_module_mb625f43185bf48abb42b2c2de7dee272............Unknown...........6.6$php_module_mb625f43185bf48abb42b2c2de7dee272_closure0..................................__invoke......__invoke....3...1..Unknown..............php\gui\event\UXEvent...........e....3...C..Unknown..............................php\gui\event\UXEvent...........e....3...C..Unknown...........................2....6$php_module_mb625f43185bf48abb42b2c2de7dee272_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Env

C:\jar\behaviour\custom\CameraTargetBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):11567
Entropy (8bit):5.772810024533214
Encrypted:false
SSDEEP:192:kcnFxdBtaPlD0B51A7m/o8KlQ8llWCFS7GCplP:JnFDuPWB1o3heWCp
MD5:DDA3CFC78C127A70C6F634119E30F87B
SHA1:DAF0268C26E8DE76EDF0616E976314356AE37A1F
SHA-256:4CA730E49FDF90957E2AF0BFAC0B55BC602D1F30F51ADB105FC05769EC455A1D
SHA-512:7C5CFFEA101271024178C2B2ABD65C1393F0E61A940F1723503E215399A3FB7D7C193665C90C414DF32A35EC7F8F6FBF0EAC05EF6E9F2C17DBBDA935148C719E
Malicious:false
Preview:..J..3S...........1932227983~2124...-.-$php_module_mde52a7a5ecd8430e96356820cb5eceaa............Unknown...........6.6$php_module_mde52a7a5ecd8430e96356820cb5eceaa_closure0..................................__invoke......__invoke...........Unknown...........................2....6$php_module_mde52a7a5ecd8430e96356820cb5eceaa_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\behaviour\custom\ChatterAnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):19464
Entropy (8bit):5.702602242728411
Encrypted:false
SSDEEP:384:EH55lcc0xdEalNhxSIdFnZ1s4+c1wPOZUc+qS8fYNa84oJcIGaC0Cp:EH5/cdxdEoNhxSIdFXs43wGZB88fYNlc
MD5:B58788CE720C1BB77B5780B2E162529B
SHA1:8EE37BE84FA85A77CC901617F1B360AF58E8A129
SHA-256:5EC2350503DAAD2AE13E73F6AF18B9F3A978D6126CFB3248F6DFDBFD357C1CC8
SHA-512:B2DD834012DD0AD53195798A0EDB61677255D8E8829A232E1E6419B69121DEBAD09B4F2A7C43E35896D7F867A003B7627567E9DFF88BB3F7DBD8485B63C6ABC8
Malicious:false
Preview:..J..3S...........1607963886~2388...-.-$php_module_m7d4fe15527d24e5caa7b14bb2fd7a3c7............Unknown...........6.6$php_module_m7d4fe15527d24e5caa7b14bb2fd7a3c7_closure0..................................__invoke......__invoke....7...-..Unknown.......................old....7...7..Unknown...............................new....7...=..Unknown.......................................old....7...7..Unknown...............................new....7...=..Unknown...................3.......2....6$php_module_m7d4fe15527d24e5caa7b14bb2fd7a3c7_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime

C:\jar\behaviour\custom\ColorAdjustEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10118
Entropy (8bit):5.487630056177569
Encrypted:false
SSDEEP:192:SEEM7Q1+6UT5KlUHEdMxL6h90AFS7GCplP:lQgKers0sCp
MD5:47C659D24B136DB129E97F3715313062
SHA1:434379E0E2F5A4EC63CDE23A04F56DCC4E02B485
SHA-256:369D90ADB47F52E7E2E13F346EA6FA95CA4F900361D01D3315C7A697A08AE26F
SHA-512:F720CD94A1066A445E7A4EB052050EF78EA6A0C61D208DE6B5103B2446E26166C856E5202DFEB7D531CE3243FF471104B93DC9314B019E08EAF6D99708A7F8B2
Malicious:false
Preview:..J..3S...........-1175805947~2252...-.-$php_module_m140bd83314fc4f1482533825302f2364............Unknown..............................+.+behaviour\custom\ColorAdjustEffectBehaviour...4.4$php_module_m140bd83314fc4f1482533825302f2364_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour..................._brightness...........Unknown............................_contrast...........Unknown............................_hue.... ......Unknown............................_saturation....%......Unknown....................'.......@return UXEffect................................makeEffect......makeEffect$28....*......Unknown.........................................updateEffect......updateEffect$29..../......Unknown..............php\gui\effect\UXEffect...........effect..../...#..Unknown...................@return float................................getBrightness......getBrightness$30....=......Unknown...........@param float $brightness................................setBrig

C:\jar\behaviour\custom\CursorBindBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):18814
Entropy (8bit):5.7385951094898795
Encrypted:false
SSDEEP:192:oeTcnPJMtWOlA434EKdUOmqY1wF8lWKP3dajZ05EZoQIt60BvJyuIOm9lVtqwSvf:anPrOJoEKJ88KKZ0YX0/RI9V8P7mCp
MD5:43E82AB301F4388066D2A03E23532854
SHA1:5D42557BFD5DB4F7796AF2E7947A61FE5A051983
SHA-256:1908C7AA1E29BA35A38A9D912E4022FD14D82F4C8E80254B6E38372D9310B217
SHA-512:9B84ED75942A49AA698E8B975F9B0CCBB30C81AFE7CBBD858DA9A94165E68BC48E2B1F3B5B1D97B2C67DF94AEEEC013D3464AF6BF630B100D8DE98943E78D782
Malicious:false
Preview:..J..3S...........812702639~3215...-.-$php_module_mebf7677b57ef4494a0e5fa45a9e2e32a............Unknown...........6.6$php_module_mebf7677b57ef4494a0e5fa45a9e2e32a_closure0..................................__invoke......__invoke....E......Unknown..............php\gui\event\UXMouseEvent...........e....E......Unknown..............................php\gui\event\UXMouseEvent...........e....E......Unknown...........................2....6$php_module_mebf7677b57ef4494a0e5fa45a9e2e32a_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtim

C:\jar\behaviour\custom\DraggingBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):23492
Entropy (8bit):5.791290147940229
Encrypted:false
SSDEEP:384:LnyGXY5HZZban7tmzXmbOAG+DnOie24OvkZYq5+Cp:LXo5HnW7kz2bOA3Dp/8n5vp
MD5:7BCB7E9983F9C05389A2F8307A2AEE92
SHA1:4E0EFDBEF099738A281029D40F1837197C1575C9
SHA-256:6E04B02EFA5D904592FA7C484C22968DBFF3AA91830EE9B667D3C31FD6D0C862
SHA-512:3435231378BB7579BD0F9D65F9B3C558D985C27C52A88C7803ABB20DFE564E344D3838C770DE630C14BD006F00BDA17822BA7759FEF9F701EF82ED86B74079A5
Malicious:false
Preview:..J..3S...........-937171549~3966...-.-$php_module_m6bd23e012dfa4dcea063cf3c7dee8871............Unknown...........6.6$php_module_m6bd23e012dfa4dcea063cf3c7dee8871_closure0..................................__invoke......__invoke....?...%..Unknown..............php\gui\event\UXMouseEvent...........e....?...<..Unknown..............................php\gui\event\UXMouseEvent...........e....?...<..Unknown...................{.......2....6$php_module_m6bd23e012dfa4dcea063cf3c7dee8871_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runti

C:\jar\behaviour\custom\DraggingFormBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):20471
Entropy (8bit):5.738296173627399
Encrypted:false
SSDEEP:192:FmicniZB++OHeblxfGsdflssimaMluc9LQcnOiLV63lQqxUISZ5T98/btKGeaVt8:Sny8xH65KMEcvnOicKpZ6b0atsRxWCp
MD5:FFE08C53472FF7D3ABE6940E602742A4
SHA1:237588D81185E7A513F1AD6CC9DA3A24CB8A1133
SHA-256:C638D15415EDCD78AE9F40A7FDF4DCB0697FFFAEA355B095A3424B4C85CDEC09
SHA-512:1C8D72D173AF7FF64C638C76969E02318129D0C0760C6AB06A0DD239F5C99A94E9EEA7F98CB526008B178102C541EC131E5B6BD744E2DA8A10D4517DFC87FAD2
Malicious:false
Preview:..J..3S...........-214346298~2526...-.-$php_module_m888b69aa2cf64b83ac8e94ccf4c5f4be............Unknown...........6.6$php_module_m888b69aa2cf64b83ac8e94ccf4c5f4be_closure0..................................__invoke......__invoke..../...%..Unknown..............php\gui\event\UXMouseEvent...........e..../...<..Unknown..............................php\gui\event\UXMouseEvent...........e..../...<..Unknown...................H.......2....6$php_module_m888b69aa2cf64b83ac8e94ccf4c5f4be_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runti

C:\jar\behaviour\custom\DropShadowEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10959
Entropy (8bit):5.471745289059796
Encrypted:false
SSDEEP:192:+fUaPWXb2gDkt0lMxlu5kAxjFS7GCplP:+fUA2qDKoqkAxpCp
MD5:EB5B2BBAB3F1078CC4E93078AF9B9692
SHA1:C22D3F543323C733316C3C23874EC4369AC4E8F5
SHA-256:5AADFF6BB051207206EB6DDDE5CB4EC94A156EF7023FF411BE08E781BFEA9F53
SHA-512:80038DCBD363783EA2B74759F3600814B5E7A3B882DDF08227034BF2F5D667DA01C243135D7130EE507C7DE507C1EFC4CBE7B1C609B06D8E67BE84FA81A95628
Malicious:false
Preview:..J..3S...........-370531614~2388...-.-$php_module_m930e1c0358174297825d7a7896edb715............Unknown..............................*.*behaviour\custom\DropShadowEffectBehaviour...4.4$php_module_m930e1c0358174297825d7a7896edb715_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour..................._radius...........Unknown............................_offsetX...........Unknown............................_offsetY...........Unknown............................_spread...........Unknown............................_color...."......Unknown.......#b3b3b3.......).......@return UXEffect................................makeEffect......makeEffect$28....'......Unknown.........................................updateEffect......updateEffect$29....,......Unknown..............php\gui\effect\UXEffect...........effect....,...#..Unknown...................@return int................................getRadius......getRadius$30....;......Unknown...........@param int $radius.........

C:\jar\behaviour\custom\EscapeShutdownBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):13208
Entropy (8bit):5.7094021399103445
Encrypted:false
SSDEEP:192:DPDhEcn3ReBWlTYDyOzptlHPpmjcn3RzflrpEs3is5VjbnaHqFlgR9FS7GCplP:5pn3RMWCdtloIn3RzfNisTaHGcDCp
MD5:8460C3B9A6DBB2D2BA5BA4BAE6936FBE
SHA1:3E40812A6D051816F5A9D66B50537EBD71D0648B
SHA-256:C6C19583196E45EC5B74F650D90FAF21D905EB02ABE266AAAAD60A1EDA7F7C17
SHA-512:D631A5923EE4760F2A118FA5EE94B9F4A90F0C07533F187311AA68C0EC9C2A6941A76211C8E157D81C566000A0A8CC99337D38EFF366F30C94521507483009F6
Malicious:false
Preview:..J..3S...........-1075559626~1382...-.-$php_module_mb7f51268bb62468480c0799d1da41c81............Unknown...........6.6$php_module_mb7f51268bb62468480c0799d1da41c81_closure0..................................__invoke......__invoke........!..Unknown..............php\gui\event\UXKeyEvent...........e........6..Unknown..............................php\gui\event\UXKeyEvent...........e........6..Unknown...................z.......2....6$php_module_mb7f51268bb62468480c0799d1da41c81_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/

C:\jar\behaviour\custom\FadeAnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):17893
Entropy (8bit):5.667719576787362
Encrypted:false
SSDEEP:192:i/AtGraglg0/Etr9hHl0zKu/AtGsglUoPGdsojxLK1VxTi3lpiWub8FS7GCplP:sA49OiEldAAgyVsotLzzy8Cp
MD5:B5586E985AA2C413A277897F38C89369
SHA1:CDD20257AA75D2F04C27D2EFE95E07F5BFE8FDF6
SHA-256:2E02162D78CC06348ED1A9EC1F5903FD81000C8C4E119A572559C0D306373A88
SHA-512:BA5EC5F976CE0E0C2A90CC1DB11FC02D3448BF2A2DA75A749CB1218A8DD013E1EEED7DB1676C64B095EBDA608BFA345C364D4397BB7F9EF84D3214D738757211
Malicious:false
Preview:..J..3S...........1598607469~1966...-.-$php_module_mc06ad3ea7b44434683dad35ed07a431c............Unknown...........6.6$php_module_mc06ad3ea7b44434683dad35ed07a431c_closure0..................................__invoke......__invoke....7...Z..Unknown...................9.......2.p..6$php_module_mc06ad3ea7b44434683dad35ed07a431c_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\behaviour\custom\GameEntityBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):32949
Entropy (8bit):5.837651376550435
Encrypted:false
SSDEEP:384:O/sTZCEkRJZY2BYSqXg+sw0Y5KnUJtpsg2WbEeqDVMrxDnPCp:EIfknB9qQ+jsKtKg2beqDVMrRnqp
MD5:B381E93F1B7C75ABD714CBA343128796
SHA1:9F1B70E28DF54F73767C8E8F9A45F62C59BE68F0
SHA-256:1EC102B40700BB02145CF76AC1EBDFD41C5535373EFC9FFE6BAAE49B5E271233
SHA-512:12413C7A0FE238E248771A2A595A43867A29942BE54403A7485F7E60E8F7D9CE105EAAD71E243FB55FB7773E2F9AC4923D7FCF38ED6970AEB240521F22476754
Malicious:false
Preview:..J..3S...........1794272642~7427...-.-$php_module_ma50282f93ebd4bc1937e15698cfbac6a............Unknown...........6.6$php_module_ma50282f93ebd4bc1937e15698cfbac6a_closure0..................................__invoke......__invoke....X...4..Unknown...........................2.m..6$php_module_ma50282f93ebd4bc1937e15698cfbac6a_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\behaviour\custom\GameSceneBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):23760
Entropy (8bit):5.812719299330482
Encrypted:false
SSDEEP:384:60qzTRzicfY3uphupotJZnrkTX0QP8Ehy1PAhuYCp:604TBib3xKJRkL06G1PTp
MD5:A6F8EEFBA1249371F823B021DBFF3746
SHA1:9D053969757F0412392BAC348F1A4E875652A436
SHA-256:13045164FE119CA982A25818476C9BCF95DFAF0AF0ED94AF6B8ADCE45A9DF610
SHA-512:C062447510012FDCAAF2A611237253B918299EA27EA73535EDCB96A4E43A51FF3C2A8B732068C3F1576285FE58406FD548C728735DBC22DDDF8A7BDFD36F6F60
Malicious:false
Preview:..J..3S...........-1989929878~5857...-.-$php_module_m89c8257bb45d419e93e8d692f09a62d2............Unknown...........6.6$php_module_m89c8257bb45d419e93e8d692f09a62d2_closure0..................................__invoke......__invoke....X...$..Unknown.......................x....X......Unknown...............................y....X...2..Unknown.......................................x....X......Unknown...............................y....X...2..Unknown...........................2.y..6$php_module_m89c8257bb45d419e93e8d692f09a62d2_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke

C:\jar\behaviour\custom\GaussianBlurEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):7241
Entropy (8bit):5.550224541617735
Encrypted:false
SSDEEP:96:UKuDaPt+AeQO2lMLNiGYOJANV/NpN2XRWlv9Nu1fINMk+/uOleQO2lM+FSIWGC4Y:CDCn2gaWlfgxk+/uOvFS7GCplP
MD5:500D6CFDE83043B9537588F5A5BFE7CC
SHA1:0CE6B78C1425E1E4FAFF47F75B9D1E200ED97337
SHA-256:C86507B2D2DF855D656870FFC1596D052C7E9D039F8969A92C5D8C67A9BC8BB9
SHA-512:A45FA0F606A107BC3820D4577D479C25E90A810A086262D10F1E8E41BF4DC4C28A6F7B4ACD4ACA69744E6AFA70D8382B81F139785C5AB5BDDEA54E55181E8DF2
Malicious:false
Preview:..J..3S...........1475220546~1092...-.-$php_module_me268330e85a04ce4aa96a86a09abe9d0............Unknown..............................,.,behaviour\custom\GaussianBlurEffectBehaviour...4.4$php_module_me268330e85a04ce4aa96a86a09abe9d0_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour..................._radius...........Unknown....................!.......@return UXEffect................................makeEffect......makeEffect$28...........Unknown.........................................updateEffect......updateEffect$29...........Unknown..............php\gui\effect\UXEffect...........effect........#..Unknown...................@return int................................getRadius......getRadius$30....*......Unknown...........@param int $radius................................setRadius......setRadius$31....2......Unknown.......................radius....2......Unknown.............................blurEffect......................getCode......getCode$32....7......Un

C:\jar\behaviour\custom\GlowEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):7199
Entropy (8bit):5.568112295659451
Encrypted:false
SSDEEP:96:xjn7fbQQ16AeQO2lMc4dNiGY2JANK/N3N2g2RWlv9NuVEINhk+/uOi2eQO2lM+F6:ljh+lveWlfANk+/uORFS7GCplP
MD5:098E1132F991FF9D8672BD243F1513B2
SHA1:5A85ACD11FDA3B1B695084C2BB4F29813BDC4E84
SHA-256:62F392D3B95A2DFF9E321CE5C9A7E4B3335B8B2358FA80B603B8BEA99929AF1F
SHA-512:E5B5E3F8BF5DE210DC71A9F4512AD6CE6BD27374C569E45D6BE6E79A71FAD332BAF7F5C17662BC5AE764D1EE7771ED1440DBBCDC1B42836C11823A88E95D2134
Malicious:false
Preview:..J..3S...........849850209~1080...-.-$php_module_m449aa436fb524332907d12235c89ff97............Unknown..............................$.$behaviour\custom\GlowEffectBehaviour...4.4$php_module_m449aa436fb524332907d12235c89ff97_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour..................._level...........Unknown.....?.333333.......!.......@return UXEffect................................makeEffect......makeEffect$28...........Unknown.........................................updateEffect......updateEffect$29.... ......Unknown..............php\gui\effect\UXEffect...........effect.... ...#..Unknown...................@return float................................getLevel......getLevel$30....+......Unknown...........@param float $level................................setLevel......setLevel$31....3......Unknown.......................level....3......Unknown.............................glowEffect......................getCode......getCode$32....8......Unknown.......

C:\jar\behaviour\custom\GridMovementBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):25413
Entropy (8bit):5.784881807471266
Encrypted:false
SSDEEP:384:YYZdVoWBmYnmS58tUxexow6FuZ4U1ZTsoyViz1aAVopArI8zCp:tjoiFtameKw6FuSU1ZNzg22p
MD5:CA39F7CC9BF9FF6C7DBBE180F4AFAC9C
SHA1:FBC009FBFA172BF7B272E1443FB3FF6A4CCB57EA
SHA-256:83552C0F4024CB923F1EB4E74C32798ABC4B20F93B7EA13DE231CD79CAEF918F
SHA-512:262FD10CBD5BE78816328469173A1B6B62F29A1ACC473FBAF2AE0C8763D4459E6A15EDEEA7F5979CF1F3623A46A4CC608C14BF64327AE9B2C2697F8DF4F9C9F7
Malicious:false
Preview:..J..3S...........993695944~4558...-.-$php_module_mcbb58228c04945a49a34a9938e501ec3............Unknown...........6.6$php_module_mcbb58228c04945a49a34a9938e501ec3_closure0..................................__invoke......__invoke....F...!..Unknown...................R.......2.t..6$php_module_mcbb58228c04945a49a34a9938e501ec3_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\behaviour\custom\InnerShadowEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10045
Entropy (8bit):5.504087663937182
Encrypted:false
SSDEEP:192:3Sz8DNXB2gXw93UT5KlkHEvMSBiIeZFS7GCplP:3Sz65kCw9iKuSePCp
MD5:AA89BAF7C87CD22C4A12A280A30C47E3
SHA1:6428A7F06FF5E2F001D978D521963DAA976F23A2
SHA-256:1EFBE797F8DA11D7ECAA503BF797E8490B4FC8B11125840C2B439BB925F4DDAA
SHA-512:4F1196632E1AE0F4C051174EF7E20190BC28A2E8419AE2904B78D544F5EA16B14A87DBC6E624C52E36C9D8451B15EC74F34B4FA384918C7A135055083315CB59
Malicious:false
Preview:..J..3S...........-1268290970~2082...-.-$php_module_mad389f4e63754199835a0b9cbc1ffa5f............Unknown..............................+.+behaviour\custom\InnerShadowEffectBehaviour...4.4$php_module_mad389f4e63754199835a0b9cbc1ffa5f_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour..................._radius...........Unknown............................_offsetX...........Unknown............................_offsetY...........Unknown............................_color...........Unknown.......black.......'.......@return UXEffect................................makeEffect......makeEffect$28....#......Unknown.........................................updateEffect......updateEffect$29....(......Unknown..............php\gui\effect\UXEffect...........effect....(...#..Unknown...................@return int................................getRadius......getRadius$30....6......Unknown...........@param int $radius................................setRadius......setRadius$31...

C:\jar\behaviour\custom\KeyInputRuleBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):16599
Entropy (8bit):5.7746284646188135
Encrypted:false
SSDEEP:192:O7rwgecAG1lc/fifuKSEU22PWtWMoluzpagmPVpo5Ljd/zc+Zllm+FS7GCplP:Ow5c/1WfM12W4bcz2ofzNZXPCp
MD5:CCBECAC8F88BCAFD4D10B07C70371123
SHA1:3B00A36FFFE3E1553391C0E3939B7D40C1B3DB45
SHA-256:9FFF42C149D4EF9ED0CC3AC84F1C702CBD45B2C946B26761F45C46EBBAADEC1B
SHA-512:91F0D91535CF23292DBF63EAE4E443370565755566E83D3BA1A5D5CAB8D062C913DC8250C70B1D13CDED95E8BFA75087E8FE35F63553449939C177CDD66CC230
Malicious:false
Preview:..J..3S...........-2124815524~3216...-.-$php_module_m2d5c63f46f064d8d9335ace3ff11e907............Unknown...........6.6$php_module_m2d5c63f46f064d8d9335ace3ff11e907_closure0..................................__invoke......__invoke....&...2..Unknown.......................old....&...<..Unknown...............................new....&...B..Unknown.......................................old....&...<..Unknown...............................new....&...B..Unknown...........................2....6$php_module_m2d5c63f46f064d8d9335ace3ff11e907_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtim

C:\jar\behaviour\custom\LightingEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10464
Entropy (8bit):5.500734122452568
Encrypted:false
SSDEEP:192:FhoJq32UT5KlUHEdMxL6h9wsFS7GCplP:BDKerswoCp
MD5:33AB3C4A86CCFD08CFF72BC96A2514CC
SHA1:A9910C07B6F2AF1472A800DF93E7F1C45505F679
SHA-256:5C53472990D1217D9ADD1FAE5C6061BE55378CA64BAB7D754E3D7AB53D7F96B3
SHA-512:FEB06C6DCC9A970E084F7EC1B7035F06EA580E76CA591FABE3DEAA5E3A1ADBE7AE779AE81036B94FA34BF5151FA0AD54C0EABF196E7A99098C3A161CD9ABA4F2
Malicious:false
Preview:..J..3S...........-1169576932~2553...-.-$php_module_m55745042efce44ee9547d3f4a7c9b092............Unknown..............................(.(behaviour\custom\LightingEffectBehaviour...4.4$php_module_m55745042efce44ee9547d3f4a7c9b092_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour..................._diffuseConstant...........Unknown............................_specularConstant...........Unknown.....?.333333..............._specularExponent.... ......Unknown.....@4....................._surfaceScale....%......Unknown.....?..............'.......@return UXEffect................................makeEffect......makeEffect$28....*......Unknown.........................................updateEffect......updateEffect$29..../......Unknown..............php\gui\effect\UXEffect...........effect..../...#..Unknown...................@return float................................getDiffuseConstant......getDiffuseConstant$30....=......Unknown...........@param float $diffuseConstan

C:\jar\behaviour\custom\LimitedMovementBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):13257
Entropy (8bit):5.856628371609316
Encrypted:false
SSDEEP:192:lonxyNadYUuQpAhcrltbJ2Se/2JT1oq05p52KU67MCf1lRau+FS7GCplP:+nxy3OAhcrQ29u9ZU67xf1/a9Cp
MD5:F085B6AD090F9EA772F0EAC8D5348DD9
SHA1:13A53BFC2563608523BDEE9DD4A27613561A0AD8
SHA-256:EF2F4E88852F92428B29EBA9E8F1E9E0DDCC6716110CB46C7E36271412BBC7F3
SHA-512:0993081D074AD1A80A7903E8BD9C81CCE03BE41897D6363D0837238CA10697C226EA2070C7068DAC7465AF28408A4254C874CF6A6092FA1A1FB49C82E96AC345
Malicious:false
Preview:..J..3S...........-1623146549~2487...-.-$php_module_m0f2c658d893a46f6848314ec1d50b068............Unknown...........6.6$php_module_m0f2c658d893a46f6848314ec1d50b068_closure0..................................__invoke......__invoke...........Unknown...........................2.[..6$php_module_m0f2c658d893a46f6848314ec1d50b068_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lp

C:\jar\behaviour\custom\PulseAnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):19423
Entropy (8bit):5.678606499486444
Encrypted:false
SSDEEP:384:CnZH2c91orXYKTxUaTqQqTO/wNKO4TRrN9Cp:CBbbHPi45cZ6p
MD5:37AB538D7CAD8B42B8149700B6FFC91E
SHA1:1CD214DC354EA49FB29211B35D70C9AE4F7766D6
SHA-256:4183FD5B2E291D61A259326E57145D83EC1FB171B1C13D226AA15C31BDF6742B
SHA-512:68BB33292262149E1E0D03DBC7EBDAFAC45ADA889452082DABD76F3D7C4FA53E3393F6A27DAC654122BD0FFFE448B6892673C042BF46B700B6A49A88A1EEE145
Malicious:false
Preview:..J..3S...........-626076543~1897...-.-$php_module_m7d2c17d195b24f80bfb08ea41b5c1622............Unknown...........6.6$php_module_m7d2c17d195b24f80bfb08ea41b5c1622_closure0..................................__invoke......__invoke....)...(..Unknown..............php\gui\framework\ScriptEvent...........e....)...>..Unknown..............................php\gui\framework\ScriptEvent...........e....)...>..Unknown...........................2....6$php_module_m7d2c17d195b24f80bfb08ea41b5c1622_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp

C:\jar\behaviour\custom\RandomMovementAnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):26476
Entropy (8bit):5.836805216091016
Encrypted:false
SSDEEP:384:xH/nTTnNqIgM0G/5LFqZtfpCrZhurGMfkSyiirXmCp:Z/nHVThKtfpeZh4Gyj8rXXp
MD5:89BE017D47B68CE572BEC37863F27808
SHA1:B7AD8C94E00F1D0236307F0DE45E100A5BAB1A99
SHA-256:94DEA47D8267FBC208589549FB8118FD45D34DCAF07BA4E6B7729C42C72A1509
SHA-512:C80CD01BB5BE870957FE2EE142B0B4E4480DAC626D15F4522FD93E69F26A289D9F4B9AA06EDB65426F45844B095AEAB49EE90FAB6185F7679CDFD13E3F2E148A
Malicious:false
Preview:..J..3S...........-1245295193~6154...-.-$php_module_mf4ef646cef5b4715b0dc48e5750c48c1............Unknown...........6.6$php_module_mf4ef646cef5b4715b0dc48e5750c48c1_closure0..................................__invoke......__invoke....P...X..Unknown...................z.......2....6$php_module_mf4ef646cef5b4715b0dc48e5750c48c1_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lp

C:\jar\behaviour\custom\ReflectionEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):9275
Entropy (8bit):5.524239219717677
Encrypted:false
SSDEEP:192:3O3S+LKrctlCh24eW4uvU93e4gFS7GCplP:3ockCxgDVeBCp
MD5:F7FB75403085483BA5DA983A9E8B9DAD
SHA1:4DC5805615B96A8B1337B212791D996DCCA0C3CE
SHA-256:D3CFF0F1E3869213D8AE3BA71A0E18343BE4B0FFA61A34469CFFBCEFFC0215DD
SHA-512:29939FF6AC7BD0AC641C4023A86EF33CE736F160B0BEC1E801CCF755AF5293286320572907A43A1CA17F6EB336E29BFB0C65D1AD1CD904D8426ADDEACC2AB8FE
Malicious:false
Preview:..J..3S...........-148005674~1887...-.-$php_module_m3d83e3e97ad34440be45a325e959c296............Unknown..............................*.*behaviour\custom\ReflectionEffectBehaviour...4.4$php_module_m3d83e3e97ad34440be45a325e959c296_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour..................._topOffset...........Unknown...................._topOpacity...........Unknown.....?......................_bottomOpacity...........Unknown....................%.......@return UXEffect................................makeEffect......makeEffect$28....%......Unknown.........................................updateEffect......updateEffect$29....*......Unknown..............php\gui\effect\UXEffect...........effect....*...#..Unknown...................@return float................................getTopOffset......getTopOffset$30....7......Unknown...........@param float $topOffset................................setTopOffset......setTopOffset$31....?......Unknown...............

C:\jar\behaviour\custom\RotateAnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10580
Entropy (8bit):5.633083247700292
Encrypted:false
SSDEEP:192:2EcnZG8Il91lxqhvmW12AlxaFS7GCplP:ynZGxX1umW17qCp
MD5:DB4B4BB471ACF2ABDBFE66616DB511E8
SHA1:63F83A95D55D5414F24B7CCE7139AF8D499179A5
SHA-256:5D56BF7D22C5E38DF2EB685526572B2D6FA55326C2A70C545C73925BC3541D67
SHA-512:626009B298F7D129CB41FAA2B7B6FF3BC4CAE51B42B11146234F57D93FDEDD2C8935656B20A8A2F5AA617ACC6495D9D87C05797098E8D39F48631528A6712681
Malicious:false
Preview:..J..3S...........-1325586418~1004...-.-$php_module_me85cb39cbf4f48178d64efda8ed82f4a............Unknown...........6.6$php_module_me85cb39cbf4f48178d64efda8ed82f4a_closure0..................................__invoke......__invoke...........Unknown..............php\gui\framework\ScriptEvent...........e........-..Unknown..............................php\gui\framework\ScriptEvent...........e........-..Unknown...................%.......2....6$php_module_me85cb39cbf4f48178d64efda8ed82f4a_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lph

C:\jar\behaviour\custom\ScaleAnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):17953
Entropy (8bit):5.659169519352768
Encrypted:false
SSDEEP:192:p/AtGraglg4/EttsHl0zKp/AtGsglUtPqGojdLPP7CllfiS54MOxCUFS7GCplP:1A49OeEid1AgyEGoBL7CPfp4MOx1Cp
MD5:691395D48A217D299724AF61870237BF
SHA1:4E1E1FA02057DF85BFB7968EC7D5548D5D295FF4
SHA-256:64029003CDACD19ACEE3980D6BB1E82D7FE197C37F76B475FA52B2610DD5B7E5
SHA-512:6F7EBE7197453D0CC9195D8F150BC649894E8E0B581A51A93E9B4B30B8BFFFFD0E3D8A4E4858BE557DE9E1F546B9A6B6D972267CB5A026D8E219819A32B6BDB3
Malicious:false
Preview:..J..3S...........288168476~1962...-.-$php_module_mab99162baaf444bcb2e426af24d94d2f............Unknown...........6.6$php_module_mab99162baaf444bcb2e426af24d94d2f_closure0..................................__invoke......__invoke....7...Y..Unknown...................9.......2.p..6$php_module_mab99162baaf444bcb2e426af24d94d2f_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\behaviour\custom\SepiaToneEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):7217
Entropy (8bit):5.556303509579501
Encrypted:false
SSDEEP:96:fz3fbQQDAeQO2lMSmONiGY2JANK/NlNKdWUAlcuFAI49m/M8eQO2lM+FSIWGC4MN:LKa+lwwUAlchm/MYFS7GCplP
MD5:CB9837B51B0A72F712AD751DC1216C55
SHA1:F0B9BE2A2DA09817C61918B9612CD1EC896C7096
SHA-256:11721B4A125F1F0EFC6756C8417BD847511A7945C88468139F95BB834E7F7E6A
SHA-512:B653F0578C6440DCCFA35E98751F9DDA626CECFA26C54F6940081ADF807B1719513A28E4DE9699D1437D99BB480894C0C519E78F2633A184A144061B2D87DFA0
Malicious:false
Preview:..J..3S...........1148608488~1107...-.-$php_module_m38a66dcdb78742c7b77cd5ebd419b8b5............Unknown..............................).)behaviour\custom\SepiaToneEffectBehaviour...4.4$php_module_m38a66dcdb78742c7b77cd5ebd419b8b5_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour...................level...........Unknown.....?..............!.......@return UXEffect................................makeEffect......makeEffect$28...........Unknown.........................................updateEffect......updateEffect$29.... ......Unknown..............php\gui\effect\UXEffect...........effect.... ...#..Unknown...................@return float................................getLevel......getLevel$30....+......Unknown...........@param float $level................................setLevel......setLevel$31....3......Unknown.......................level....3......Unknown.............................sepiaToneEffect......................getCode......getCode$32....8......Unkn

C:\jar\behaviour\custom\VibrationAnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):26529
Entropy (8bit):5.654523250627717
Encrypted:false
SSDEEP:384:f/MTgPbTpNwozbAsaT4d5HmlYtb51WKMPACp:nDbT4ozb1L5kYtbDcZp
MD5:6C011A01C2ABCA92877B3444D20332B1
SHA1:B4B3AA8B9652275940A3AD04D32E662E77070983
SHA-256:7FC07284CB3CC036C846CF1591C6E1854604D5F4601F362BD6CC5E82374649CC
SHA-512:D8821899F5F1E8F93BF2AED73603597286EA8EEC916AD67893B72331B133F6757472204EAB93B047E1CF4EBA61B9C3F22FF5AE8A489E64EE210D7B3A9B69CD8A
Malicious:false
Preview:..J..3S...........-1226741605~1994...-.-$php_module_mbc9f92f2814143978938cf67d9c6640d............Unknown...........6.6$php_module_mbc9f92f2814143978938cf67d9c6640d_closure0..................................__invoke......__invoke....0...?..Unknown...........................2.m..6$php_module_mbc9f92f2814143978938cf67d9c6640d_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lp

C:\jar\behaviour\custom\WatchMakerBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10984
Entropy (8bit):5.697107841615777
Encrypted:false
SSDEEP:192:vn8fl2j8ielfR/cBgDV5AY1XqPZQlbX+FS7GCplP:fNj8iekBoVqxBQxCCp
MD5:1E647D4787CF796CC1B674A876444864
SHA1:19C65B84BB6339C312DEC7ED61173F912C7A8C88
SHA-256:69A242B7F1585F427928B88841567DCF1B74690F6EFF0863DCD72BFFB7453193
SHA-512:6C707A5B99E4F33D72827E65AF32D17E58A1FBA348D07958F5DC62C39133CDE1F7B6F505E24496A401E1723627124708C22E09894B04B5416CA2FA0FD1F77426
Malicious:false
Preview:..J..3S...........1501497343~1313...-.-$php_module_md0017fdc123f450f9f9bbdf7bc23f64f............Unknown...........6.6$php_module_md0017fdc123f450f9f9bbdf7bc23f64f_closure0..................................__invoke......__invoke....$......Unknown..............php\gui\framework\ScriptEvent...........e....$...)..Unknown..........null......................php\gui\framework\ScriptEvent...........e....$...)..Unknown..........null...................2....6$php_module_md0017fdc123f450f9f9bbdf7bc23f64f_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<i

C:\jar\behaviour\custom\WidgetFormBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):31807
Entropy (8bit):5.824055430648909
Encrypted:false
SSDEEP:384:Bg1NjDhsinDzTxHs0nDzShSF1JrQASVJ20/364YV/bAab36DCp:iNpsiDfFs0DWh0J+J20/369V/cabK2p
MD5:4941DFA19CB774CBF35417115FB01C3C
SHA1:7C06AD91277D4DED1D12B96D8EDF7DAFD0B3C235
SHA-256:9A7B407BCC4CA6B5E682CF7E37255EA95EE714D17A2CE1E88A4095E068FA3801
SHA-512:292360432C52D103CB3761D7945F5EC76F2977140EF13DCD2C6259B2893A47CB712BB5E45BBC5771A12F90EFF72090AF7EE21F952B11B1FE966FE50DE3848E0A
Malicious:false
Preview:..J..3S...........-1954239182~5223...-.-$php_module_m5f8eeee7bf254569a7fef11cbf7c437a............Unknown...........6.6$php_module_m5f8eeee7bf254569a7fef11cbf7c437a_closure0..................................__invoke......__invoke....7...#..Unknown...........................2....6$php_module_m5f8eeee7bf254569a7fef11cbf7c437a_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lp

C:\jar\behaviour\custom\WrapScreenBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):16148
Entropy (8bit):5.766508966611101
Encrypted:false
SSDEEP:384:evkiwuiNWaKA+BsF0hCUCY91aDdQa6RCp:fixiNgfBizk91czhp
MD5:2957BDFE93AC535FDC1262DF70D452FC
SHA1:298FFB4C741D9B16B1FC8A651ABAD52DF331F436
SHA-256:D711E5961E4A03AD1C5CBCC55132AC7B82EEC70C092B44195A606A50EE3CD278
SHA-512:93EDC63E89DAF74B4EBE463FC3547FBF10A622998AA789434E8170AF447FBD4BBB65A6700A02D3B81162124BB06B84753054C2A1B4D660207A2B0A788E960894
Malicious:false
Preview:..J..3S...........-491706443~2362...-.-$php_module_m4d83e12d684446469acc3d33d55de928............Unknown...........6.6$php_module_m4d83e12d684446469acc3d33d55de928_closure0..................................__invoke......__invoke....,......Unknown...........................2.k..6$php_module_m4d83e12d684446469acc3d33d55de928_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\bundle\http\HttpAsyncResponse.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10399
Entropy (8bit):5.843659614131945
Encrypted:false
SSDEEP:96:LLqbQHsHwWFHhd0uhcaeQO2lMOFAmbJX/NXVD1N7BfNPacZEkE9yuMLlfOwqBPfS:esmb9rxMilgBPfhXNwADgTMplqFSXliX
MD5:2D469BD26F7DA4A26C9B2C8D7C2C17C5
SHA1:BCE6878416C91DBF383716F2946D4093F2BF4B70
SHA-256:0505B3C7F056C14C3AE41A3CCDA302DAEA900333B198FB93DAD3D12AB12FB5E6
SHA-512:5675BCB87C528BE16091088B7DE5058D4105A1AAF1052EC9447221D79FBDC61E479A070D499D158C67F88F18E0DD8F6991DCA285E4452191E2C369DC37C4676B
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpAsyncResponse.php...-.-$php_module_mdc1675fc5e954f97b7566c133e1ba0ab............Unknown.................................bundle\http\HttpAsyncResponse...4.4$php_module_mdc1675fc5e954f97b7566c133e1ba0ab_class0...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpAsyncResponse.php.......................onSuccess...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpAsyncResponse.php....................onError...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpAsyncResponse.php....................onDone...........C:\Users\...

C:\jar\bundle\http\HttpChecker.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):20690
Entropy (8bit):5.8699844467430395
Encrypted:false
SSDEEP:192:EnuJhIr35AlYwpFlkm4kBVK9/QVOlhByKs4ykAnaqPgldhe0Hiq/MzsbFSXliX:5JhI2PCkKsYdAnapt3HiqeMX
MD5:2D5204416CA42299F0EF396B7347843B
SHA1:26CA78E68B224845427C7AD7297EE8733A4B8BF2
SHA-256:5FA5874908CCAB618802490CCC76056E484D2C5B23C9FC078B07AF6EB69A7A67
SHA-512:5D7E901B41FBE6B187F5C0160F0B5783A1BD2B92F29712F16D4F06483895006EE5E39CBC9E6625F923A2D6A3737B67F53A9E948A0932CCDE3D40A8E24117A7DA
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpChecker.php...-.-$php_module_m4fa62a42cc7e4d87b93734449ae6f3b9............Unknown...........6.6$php_module_m4fa62a42cc7e4d87b93734449ae6f3b9_closure0..................................__invoke......__invoke....L...-..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpChecker.php..............bundle\http\HttpResponse...........response....L...D..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpChecker.php..............................bundle\http\HttpResponse...........response....L...D..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpChecker.php.

C:\jar\bundle\http\HttpClient.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):81653
Entropy (8bit):6.0499733469943
Encrypted:false
SSDEEP:1536:fMh/eML0mVPZcQfZvmtpPOGQqYJ1PFt7JWM2xOAFs:fM1VL0YPqQftmtpP/Xa5jUM2xOAFs
MD5:502F9B066E8601FF380C037FB7CEAF3A
SHA1:393677DB0C45930418A1A940E1E66A7D11BF4CB1
SHA-256:992ECDDBEEE85D222CAD9CD52BC508B39BD8A1C405E93919A0313015FAC57122
SHA-512:9B9B89197C69EABAA87E78E2715EA84DE82F1051806F5809B5E2AC02001A73A65170A78F6E74A89128BC2BE7D844F043D8CAFF2EC03BD38991677C9C5CEB9734
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpClient.php...-.-$php_module_m20ad3eed1c9c48ffac811d2d2ffc89a5............Unknown...........6.6$php_module_m20ad3eed1c9c48ffac811d2d2ffc89a5_closure0..................................__invoke......__invoke...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpClient.php...........................2.p..6$php_module_m20ad3eed1c9c48ffac811d2d2ffc89a5_closure0......php/runtime/lang/Closure......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpClient.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionC

C:\jar\bundle\http\HttpDownloader.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):97316
Entropy (8bit):6.005667045144977
Encrypted:false
SSDEEP:1536:BupymkZXwex3lxGxz/WzpgxPM/pvBvF+VzQmxjs:BupymkZAex3lx4z/WzpgxPMRv1oJLjs
MD5:30BE8F6479AFD88F4FAD5E1B22A1C3E9
SHA1:77C39FC8678EA152ECA69192F3AB96874054A54F
SHA-256:7F5D79F0AD3B12502624738E8BE8ABB9B45F5C3EAC733EB39F3D21C961E520BD
SHA-512:70B059A218584A5552C6F680D53CAE3EE123F5D9088A114AD2B75EE38F1B43EAE7A4E8DD0DC39F68B20CF3AA28D1C74422E006710B355776B0E6B97329F81767
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpDownloader.php...-.-$php_module_mcc866a377c224d0096ec8aa823cf6d61............Unknown...........6.6$php_module_mcc866a377c224d0096ec8aa823cf6d61_closure0..................................__invoke......__invoke...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpDownloader.php...........................2....6$php_module_mcc866a377c224d0096ec8aa823cf6d61_closure0......php/runtime/lang/Closure......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpDownloader.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cac

C:\jar\bundle\http\HttpResponse.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):22558
Entropy (8bit):5.913984875507058
Encrypted:false
SSDEEP:384:xglnE+c2XsHN1cT9Kv9xcx938x3k59fAo/r5X/KxjnCIftQMX:qS1ca9yYOmnl2s
MD5:8C58F34762684706AB5EB68F7730B4C2
SHA1:199CF554E9FD1F5CC5CF6B39F094419E28CD48CA
SHA-256:513E6617CA8A8AD9BAE63813DE2A4145FDF4B17496209AAD59687B673AFA04F1
SHA-512:22987201C791583177F3C7B87865059C7D7846B1E23F4E7D466F859D7487D2106053462D670414F7505CA4F70E97B35A0DA060C01C150EE18A1FB14CE94EC7F2
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpResponse.php...-.-$php_module_mcff89caf7bb6424698c882161731262e............Unknown.................................bundle\http\HttpResponse...4.4$php_module_mcff89caf7bb6424698c882161731262e_class0...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpResponse.php.......................body...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpResponse.php....................responseCode...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpResponse.php............................statusMessage...........C:\Users\........

C:\jar\bundle\jurl\jURL.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):138187
Entropy (8bit):6.244578678441567
Encrypted:false
SSDEEP:1536:SmKPTTWkLQyQVJYij4ggWIBTsBhf48jEG6YlQG8/expvzgWV+pQos:SmKbTWkQyQVJ/jQWSsXjE3Yw/enzdbos
MD5:A9E9FF3AD4138923058FB14F0D54D1C7
SHA1:DE12BB254BA536EB5B74C97C4375150FEC2227B2
SHA-256:A616311A005EF4DDBD2FDCCACB7E3F612946BA29C1AD8C431675E0BBFE9E010B
SHA-512:38898DE4EF130BE63E207EC110B69535B78AD4D8B47187397DD20782D0D43B93454CB5CF4216CBDE72A1C48C4691733D8BACC0F9048DBF797E38FEEFEAC7B6DE
Malicious:false
Preview:..J..3S........|..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURL.php...-.-$php_module_m2246d1b5a12f46e0befd571942fd5778............Unknown...........6.6$php_module_m2246d1b5a12f46e0befd571942fd5778_closure0..................................__invoke......__invoke........+..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURL.php...........................2.r..6$php_module_m2246d1b5a12f46e0befd571942fd5778_closure0......php/runtime/lang/Closure......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURL.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cac

C:\jar\bundle\jurl\jURLAbortException.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):4627
Entropy (8bit):5.708303211409949
Encrypted:false
SSDEEP:96:JrZKeQO2lM14zlBOTDOGhKeQO2lMYFS8Hcl/eq+X:1mlUDhqFSXliX
MD5:50546C7A19B8968DE919C7CFCD46F086
SHA1:1AF670EFBA94FB740D071C60317F9C59AE25E7B6
SHA-256:7CA88C50309FB018C1AD64C9499DE42253A46467C1937C4360E12CA8E16F66C7
SHA-512:716928A14CF479B61D7D4911BEF6768A64E617BECC94B0B189202B2DFFFDD5899DCE2C2D2C0D1A520756F797CC532F12CE9015506A10F386962F78634751EDAB
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLAbortException.php...-.-$php_module_m6cd5bc8232b348a6bbedc60468bc8fd0............Unknown.................................bundle\jurl\jURLAbortException...4.4$php_module_m6cd5bc8232b348a6bbedc60468bc8fd0_class0...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLAbortException.php......Exception..........................Throwable.......l.......2.U..4$php_module_m6cd5bc8232b348a6bbedc60468bc8fd0_class0......php/runtime/lang/BaseException......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLAbortException.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/run

C:\jar\bundle\jurl\jURLDownloader.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):97969
Entropy (8bit):6.165709608805331
Encrypted:false
SSDEEP:1536:O3uKTHT830fWdWEcB7Wq1Bkoy9L5QOJWOR78TW+caZAtmmqbFf40Ob+:O37z830fWdDcBL1C1HJUnBSmmqhALb+
MD5:B632631E2FCE69BDB7FE0C3E88A9ECA1
SHA1:94FCBFE1C882F9C034C855AE93523C0D1C5E2025
SHA-256:A1B914B8227631E39B7C04A8B3D775F46DF1EE902D039D045C097BF9ED2D4018
SHA-512:40199184982BA2477BB9E16D236B0D40C312503D06CA0B1DC9A40921ED3E094A5146FE06C2092E8CE59A14D0F27D8B3DC079222082CDA135DBD681449C00D822
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLDownloader.php...-.-$php_module_m89e3125688494013a6c5e279295e964a............Unknown...........6.6$php_module_m89e3125688494013a6c5e279295e964a_closure0..................................__invoke......__invoke...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLDownloader.php.......................avaliable........%..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLDownloader.php.......................................avaliable........%..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLDownloader.php...........................2.}..6$php_module_m89e3125688494013a6c5e279295e964a_closure0

C:\jar\bundle\jurl\jURLException.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):4597
Entropy (8bit):5.710700796982166
Encrypted:false
SSDEEP:96:LL2ueeQO2lMa4zlBOTDOGVeeQO2lMYFS8Hcl/eq+X:LgmlUDhKFSXliX
MD5:E7DD104CD4AF0762E6C11D0E20B25AC4
SHA1:9CAE78A3235CFB3E968D51B0E8A0D81E94902663
SHA-256:381804DC242D5659CB51E9BF220CF8D08476ED486C9146CAB26A29EA1917F043
SHA-512:5A832D1C9DA83DA04ADE7E5CB265F5CC99AB4D2F0F95077706BBB1646A0E8D4D27323A0C944D4EC29E5304A30F512767F5AAA29235B501909BA060D53AF60721
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLException.php...-.-$php_module_m3bc81d1cb0904ea2bcd6a3ef71707265............Unknown.................................bundle\jurl\jURLException...4.4$php_module_m3bc81d1cb0904ea2bcd6a3ef71707265_class0...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLException.php......Exception..........................Throwable.......b.......2.U..4$php_module_m3bc81d1cb0904ea2bcd6a3ef71707265_class0......php/runtime/lang/BaseException......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLException.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/Fu

C:\jar\bundle\jurl\jURLFile.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):12613
Entropy (8bit):5.855959879596389
Encrypted:false
SSDEEP:192:wM5DSd7mszz/XVLyxhl3ngoeEKlaTOwNUrMYFSXliX:wM5Gd7XztGxhxngd7+U6MX
MD5:37FAC9DED39DB38060F6CBDD0CE64A53
SHA1:0352B362B5FD5F896CE1A3FF59AA48416D5F1726
SHA-256:D5AA2EBD34DAE252E92CFF9852A79ECFBC4484AFB88C15200C10433EE04B2E4F
SHA-512:3E99F1C5B8690384437B204BF146D37042F1E21C2016AEDDD43ECAD33AA30B5D47AB9E62909AE52EF876301411121EBB5D69557D32E3AD6721EDA25379FCABD5
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLFile.php...-.-$php_module_mb1b0708116f44e2384e2069d18678b09............Unknown.................................bundle\jurl\jURLFile...4.4$php_module_mb1b0708116f44e2384e2069d18678b09_class0...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLFile.php.......................filename...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLFile.php....................mimetype...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLFile.php....................postname...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.

C:\jar\bundle\zip\ZipFileScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):66821
Entropy (8bit):5.94559879733781
Encrypted:false
SSDEEP:768:BPUlCk3Xcz2mColFcAi6XW+k0I2nxRm/QI8JxSp99tUs:BACk3XczvColF9JPIDQH6Es
MD5:D311401CB14D4C13D6C994034E8FF2BA
SHA1:A4962025ECAE2F254C9F35E2DF425D41A91F0EA9
SHA-256:31FD120BE3C31CF5DDC92BCEDB4F2E53931D514F0EFB7A0B7D33981693765F29
SHA-512:96855BF1214625C3EB7A82091D8DD09787BFBB596572AE1F40B9BF92919523AEDEF42873289AF57672552534E8A9AD6FEE1532C48BC362DF90EFA374BECB7D15
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.zip.ZipBundle\bundle\zip\ZipFileScript.php...-.-$php_module_m504340d1720f4863932da2ac3c1f6520............Unknown...........6.6$php_module_m504340d1720f4863932da2ac3c1f6520_closure0..................................__invoke......__invoke....v......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.zip.ZipBundle\bundle\zip\ZipFileScript.php...................Q.......2....6$php_module_m504340d1720f4863932da2ac3c1f6520_closure0......php/runtime/lang/Closure......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.zip.ZipBundle\bundle\zip\ZipFileScript.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/

C:\jar\cURLFile.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):4385
Entropy (8bit):5.732093510937827
Encrypted:false
SSDEEP:96:xlz9eQO2lMhAxHlqOg09eQO2lMYFS8Hcl/eq+X:cOlCgFSXliX
MD5:BF432F6DA4557F6E5F08E7AFE2667C91
SHA1:47D8BBB265DEB135D3ACBEF1634B9C7150A99AD8
SHA-256:61DFB2ECFA5AD6E73CD70CFEE9B96535905C12384C3D536C46E9751F54957727
SHA-512:5D418D3560AC79A286EBFE53919B92D3482125313849AB13723CA8A1738C670CFF5854ED7032A6A7F6A0887F73D78931B318A0FF2A5D6135DBF837F997DF881A
Malicious:false
Preview:..J..3S........t..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\cURLFile.php...-.-$php_module_m20209a0a52cc46e2a4affe288524c935............Unknown.................................cURLFile...4.4$php_module_m20209a0a52cc46e2a4affe288524c935_class0...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\cURLFile.php......bundle\jurl\jURLFile...................................2.Q..4$php_module_m20209a0a52cc46e2a4affe288524c935_class0.....4$php_module_mb1b0708116f44e2384e2069d18678b09_class0......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\cURLFile.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime

C:\jar\facade\Async.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):11852
Entropy (8bit):5.639355612884658
Encrypted:false
SSDEEP:192:1PN/aqlSBwg+johARfliP9lc38yJmil9bbArklyA458tFS7GCplP:f4L6lCDXwF5cF5ECp
MD5:A16F01C69207F69607B7199272C4096D
SHA1:BA3D701571B11A0C0726A7F4BF858960FA81CD2A
SHA-256:0F325E896101DA8D93C5FFDBF516E02255E033C83F054FDE799C81092F802192
SHA-512:DA37F4BE3D9DA768E4BDC5F8650F59C05CAE86436197B75472845432B7BA89A50213628BABCF484A7D30AAA921BF1BDDFBEB730DA533764F9042E86AF5E636D2
Malicious:false
Preview:..J..3S...........-1720113844~653...-.-$php_module_mbbb25fa0d2194eb8a731a53639f667d0............Unknown...........6.6$php_module_mbbb25fa0d2194eb8a731a53639f667d0_closure0..................................__invoke......__invoke........ ..Unknown.......................value........*..Unknown.......................................value........*..Unknown...........................2.b..6$php_module_mbbb25fa0d2194eb8a731a53639f667d0_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/Class

C:\jar\facade\Json.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):8464
Entropy (8bit):5.64912941986304
Encrypted:false
SSDEEP:96:6Qb9Ox4jeQO2lMUn1CD2EacDEuJ9NGNNiMNyrV4ydIA4oml2ca1Y3nv6m17DIzer:BGm1yGmbnZYomlxaa3v6mCFS7GCplP
MD5:C71155271804C875D6C5F5EC6CBB4AD5
SHA1:A6B47DBE9B0B696AB1714054061E97482F038F31
SHA-256:95FBD69A6CE050FC3A739B83E5DCE8F1EF6595ECC87FB958B95EFDED39840B25
SHA-512:095377ECA735801CC4D33E9CDB7E284B103A7CE1F20A793538496D2D79AED343257733C7FEDCC819B00058A6359ECEEB443912E6B07DF59E8132B6BB8250281B
Malicious:false
Preview:..J..3S...........-1314181324~1203...-.-$php_module_m23fa682652fb4c3ba852133b2e4ecf80............Unknown.................................facade\Json...4.4$php_module_m23fa682652fb4c3ba852133b2e4ecf80_class0...........Unknown.....................8.@param $data..@param bool $prettyPrint..@return string................................encode......encode$0...........Unknown.......................data...........Unknown...............................prettyPrint........"..Unknown...........true...........@param $string..@return mixed................................decode......decode$1...........Unknown.......................string...........Unknown...................@param $filename.@param $data................................toFile......toFile$2....(......Unknown.......................filename....(......Unknown...............................data....(...&..Unknown.................&.@param $filename..@return array|null................................fromFile......fromFile$3....2......Unknown...

C:\jar\jfoenix-custom.fx.css

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):1121
Entropy (8bit):4.764180065789272
Encrypted:false
SSDEEP:24:Y0o37beOjUOjwOj4NcfjQCZLTkcdpLnIy5ALlb:ubjUoj5jdaR
MD5:1F9181887037CEAFE289B6158C5145F7
SHA1:BD29320357FEC748EF118265B239272A12FA6BFD
SHA-256:6418D81B04692936670A8AABB8B891A367678E34945FD5BC99F5AF05BF306DBE
SHA-512:72DE3F01E3E5CF2DFF080DD8F424AF822BB2290C4A672B4EDD6B080752E6AF41F4C37BAA6B4447D58B12FA4CFDBE512B0773358E11F8054F7AA851C559BDDB42
Malicious:false
Preview:...jfx-button {.. /*-fx-background-color: white;*/..}.....jfx-password-field {.. -fx-focus-color: transparent;.. -fx-background-insets: 0;.. -fx-background-color: transparent;..}.....jfx-text-area > .scroll-pane {.. -fx-background-color: transparent;.. -fx-background-insets: 0, 0;.. -fx-padding: 0;..}.....jfx-text-area:focused > .scroll-pane {.. -fx-background-insets: 0, 0, 0;.. -fx-background-radius: 0, 0, 0;.. -fx-background-color: transparent;..}.......jfx-tab-pane {..}.....jfx-tab-pane .headers-region {.. -fx-background-color: #4059A9;..}.....jfx-tab-pane .tab-header-background {.. -fx-background-color: #4059A9;.. -fx-background-radius: 0;..}.....jfx-tab-pane .tab-header-area .jfx-rippler {.. -jfx-rippler-fill: white;..}.....jfx-tab-pane .tab-selected-line {.. -fx-background-color: #00e0cb;.. -fx-pref-height: 3;..}.....jfx-tab-pane .tab {.. -fx-cursor: hand;..}.....jfx-tab-pane .tab .tab-label {.. -fx-font-weight: normal;.. -

C:\jar\php\framework\FrameworkPackageLoader.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):9785
Entropy (8bit):5.83515050638542
Encrypted:false
SSDEEP:192:GR+yy5pK/yfNllJsmCySl7OknPaZiADFS7GCplP:WKLlJW5OmPBAJCp
MD5:6486E3F01A854E8C6898770873C9435F
SHA1:7819DCF287120A1336BB89567407790C887C1022
SHA-256:5A35DD922E8EFEBDA0CC549722C6A42693D13A24F20BDA3A2AD7E8C36C5677DB
SHA-512:0BF14385943615558208F924F1BA4A37F845F83F5B4351732A95C7A86C31AA954562AA1C08FB1D27B5608EF577B0179E8258B93CCD1DB4EAAC064575C47FF8C2
Malicious:false
Preview:..J..3S...........-942753492~2487...-.-$php_module_m6883e7dce8494c4780b1f1aa5bec640c............Unknown..............................$.$php\framework\FrameworkPackageLoader...4.4$php_module_m6883e7dce8494c4780b1f1aa5bec640c_class0...........Unknown......php\lang\PackageLoader.................................................makeFrom......makeFrom$0...........Unknown.......................fileOrStream........$..Unknown.................8.@param string $name.@return Package.@throws \Exception................................load......load$1....S......Unknown.......................name....S......Unknown...................................2.y..4$php_module_m6883e7dce8494c4780b1f1aa5bec640c_class0......php/runtime/ext/core/classes/WrapPackageLoader......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/Metho

C:\jar\php\framework\Logger.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):11577
Entropy (8bit):5.593576259556304
Encrypted:false
SSDEEP:192:J0Pqoi4qgdhLCAjFu9bpWlE7C6D6Iyhe3dooiSgVVOvvFSdHl:J0iH4qgdhL1E7WK7l/73dooiSgVVOvK
MD5:8A44BEA40158F607D7DDC966BA4206E0
SHA1:187F2BD373DDB5F803C13CE4B9EB0AF81DC05199
SHA-256:CCDE2AF33B5913AFF67E1597A3F03911EB9A8AC6AD29D394AB581230641BC560
SHA-512:323D04FF0CE26272EF5F0052FACB990C609ADC0EB1E93BA65D9C68B06FFEF001034530628B328712C804E71370AD57BAA1D97B60A0B1AC60B391835E250A6B21
Malicious:false
Preview:..J..3S...........-1331144051~2133...-.-$php_module_m557efd7b8bf44a4eb82bc67bbff037c0............Unknown.................................php\framework\Logger...4.4$php_module_m557efd7b8bf44a4eb82bc67bbff037c0_class0...........Unknown.....................LEVEL_ERROR..............................LEVEL_WARN..............................LEVEL_INFO............d.................LEVEL_DEBUG................................level...........Unknown....................showTime...........Unknown.....................@return int................................getLevel......getLevel$0...........Unknown...........@param int $level................................setLevel......setLevel$1....!......Unknown.......................level....!...$..Unknown...................@return boolean................................isShowTime......isShowTime$2....)......Unknown...........@param boolean $showTime................................setShowTime......setShowTime$3....1......Unknown.......................showTime.

C:\jar\php\gui\AbstractFormWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10424
Entropy (8bit):5.624256085406394
Encrypted:false
SSDEEP:192:MLmDN1Qt8ilqd4B3MIvpJBdDRRmKPlKrFS7GCplP:D2xgd4B3MKJBd3P0Cp
MD5:32776EBA128C83E0EB1E43E9FA5CCFAE
SHA1:6E2D79A895003E1DBD3A14CF3737B59428FD893F
SHA-256:F02CC7707BFC8630E040F43E99A01A81B2F8D942151F90060F326B553B89CBE8
SHA-512:854F38CE604F14D44AA7B89C0116C6B48BEBE3E3A44D1AD84540FE3FFBF3A38E3AE1457ACC3EAB8046EBCDC18ADCF3A80D2FBDB1E4B39A07EE92CF78AD873302
Malicious:false
Preview:..J..3S...........1170252201~990...-.-$php_module_mb7bcd7c6764e4c9db972f200455bc1c8............Unknown...........6.6$php_module_mb7bcd7c6764e4c9db972f200455bc1c8_closure0..................................__invoke......__invoke...........Unknown...................Y.......2....6$php_module_mb7bcd7c6764e4c9db972f200455bc1c8_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\php\gui\UXButtonWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3852
Entropy (8bit):5.558344490246981
Encrypted:false
SSDEEP:48:k/Hyn25L6EjoOa/AjsgjNKaeEFz+zgT67wqVhlGl0QQpcp/Hyn25L6EjoOa/Ajsr:HeQO2lM2lQWTeQO2lM+FSIWGC4MloO
MD5:3A137EAF9CE64078D3472237F8F9B900
SHA1:77D74B675B7C481E8EF354CE8C2DC6B4AF478C6B
SHA-256:BEC42C5037E366A737C96D7A3733FBEBDEB8323FE8D7CD8C352C9863BF799B65
SHA-512:2E73963C130D7D6DC56B2AC30AE7EDABBF181923CBCCD3CEADF065B6C847209965EA6BCF77B635E1241985DAAAA868910B2F33FFBF27C82A9CF7AFEB6054D912
Malicious:false
Preview:..J..3S...........96195728~156...-.-$php_module_m848d38750f8842e780b2d1df9a65801e............Unknown.................................php\gui\UXButtonWrapper...4.4$php_module_m848d38750f8842e780b2d1df9a65801e_class0...........Unknown......php\gui\UXLabeledWrapper...........................A.......2.N..4$php_module_m848d38750f8842e780b2d1df9a65801e_class0.....4$php_module_m0e2ff02941304f768cfc7a1d2d64a268_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...php\gui\UXButtonWrapper......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V.............

C:\jar\php\gui\UXCheckboxWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3859
Entropy (8bit):5.546223076599153
Encrypted:false
SSDEEP:96:LiWeQO2lMMtlQWgeQO2lM+FSIWGC4MloO:Pl9cFS7GCplP
MD5:1DB0D07BF89877A12EF16851D712F3B4
SHA1:32DFD41678CE8961C19E1DF098F586AC8139CC73
SHA-256:20217BD03AEBC4808EE258C942F0F95F56895652018AA7684C9EC7BEB84F5E08
SHA-512:9DFCE438C380E38E0A9F20AAF679D6101AA84EBA7C67637B5DEEC7631825DC06CBC6BCA96CC1CDEA826733B05B63BF272289F4E97171F8CDF9D93C8B8660A6A2
Malicious:false
Preview:..J..3S...........-1922299090~160...-.-$php_module_m5ade4b23e63a4642bf2aeddb57d2997b............Unknown.................................php\gui\UXCheckboxWrapper...4.4$php_module_m5ade4b23e63a4642bf2aeddb57d2997b_class0...........Unknown......php\gui\UXLabeledWrapper...........................C.......2.N..4$php_module_m5ade4b23e63a4642bf2aeddb57d2997b_class0.....4$php_module_m0e2ff02941304f768cfc7a1d2d64a268_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...php\gui\UXCheckboxWrapper......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V......

C:\jar\php\gui\UXDatePickerWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):5980
Entropy (8bit):5.6503011452855265
Encrypted:false
SSDEEP:96:oKHplFeeQO2lMmT1CD2bQRJrNs6NhH/NteGlvG8+17seQO2lM+FSIWGC4MloO:8y6QRs2hl+VpIFS7GCplP
MD5:209C1022AE7E78DA120D8BAECD2098BD
SHA1:61DF02198EACB6E16D971E572FAAE90A73058B91
SHA-256:3A0F620C06825AB51F44626DF06CAB84B1D33B8837102A91953E6F1222C7B33F
SHA-512:514D55FE0DE10E237D6B1527C5B41914D1003EF690F1124AD988A649B6608C2DAA11AC894EE93FC37FC647D1EF973A7B30752D637756EC14507DF8CC6E782289
Malicious:false
Preview:..J..3S...........1829119534~436...-.-$php_module_m50f6eb7ace77472fac3141295117cb08............Unknown.................................php\gui\UXDatePickerWrapper...4.4$php_module_m50f6eb7ace77472fac3141295117cb08_class0...........Unknown......php\gui\UXNodeWrapper.................................................applyData......applyData$5...........Unknown..............php\gui\UXData...........data........%..Unknown...................................2....4$php_module_m50f6eb7ace77472fac3141295117cb08_class0.....4$php_module_me34517919db84f2995e0d2e03779977b_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime

C:\jar\php\gui\UXFlatButtonWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3860
Entropy (8bit):5.546483404745375
Encrypted:false
SSDEEP:96:M8c9eQO2lMpqlQ28/eQO2lM+FSIWGC4MloO:ildCFS7GCplP
MD5:EAE7124449F4154E5F2F10EA1EDD3E01
SHA1:93DB4230ECEAF2F3EC4B681B9631360C1EEBEDB9
SHA-256:7AE986EE6691763B254066DE77D9678AC56EC2B6BC4844AB3EE80D5052495357
SHA-512:8E2B12C6689D18E3677E78EA9E15858E7F83708C5CBFDF5423F8757E04DC1E767A6A2B3E2E4C8ADA77A8664F9D4A034999D1B7520D0F65687F64AAEDC9B3ED2E
Malicious:false
Preview:..J..3S...........957692379~81...-.-$php_module_m5472cc3deba24fbeabb10639d6314f1e............Unknown.................................php\gui\UXFlatButtonWrapper...4.4$php_module_m5472cc3deba24fbeabb10639d6314f1e_class0...........Unknown......php\gui\UXLabeledWrapper...........................E.......2.N..4$php_module_m5472cc3deba24fbeabb10639d6314f1e_class0.....4$php_module_m0e2ff02941304f768cfc7a1d2d64a268_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...php\gui\UXFlatButtonWrapper......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V.....

C:\jar\php\gui\UXHyperlinkWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3859
Entropy (8bit):5.548232158833862
Encrypted:false
SSDEEP:48:FNHyn25L6EjoOa/AjsgjNKJeEFzqzgT67wqVhlGl0Q2cT/Hyn25L6EjoOa/AjsgQ:meQO2lMJlQ2xeQO2lM+FSIWGC4MloO
MD5:81D53F4D41A75552F3C7B6AE19E3B3FA
SHA1:28E1C66016572774204FC24EBCC9356CB6EE2E06
SHA-256:8505CCB7F6957D5BD0542D231BB98B6E66E9D2CED684477E8AEC5322D561F5F1
SHA-512:F0ADA02B15C775D61CFE2933BB37232FABCB9CE5C30803E0E9F77701CCC05D9E1CD0B0FA8D6AC47B87D524740E2151DDF7EC3DD29428DE25D39BFB5994EC4463
Malicious:false
Preview:..J..3S...........1817203090~80...-.-$php_module_ma951fd32e3014b10890bcd4dc700cc7c............Unknown.................................php\gui\UXHyperlinkWrapper...4.4$php_module_ma951fd32e3014b10890bcd4dc700cc7c_class0...........Unknown......php\gui\UXLabeledWrapper...........................D.......2.N..4$php_module_ma951fd32e3014b10890bcd4dc700cc7c_class0.....4$php_module_m0e2ff02941304f768cfc7a1d2d64a268_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...php\gui\UXHyperlinkWrapper......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V......

C:\jar\php\gui\UXImageAreaWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):8711
Entropy (8bit):5.878387245797188
Encrypted:false
SSDEEP:192:Fyap9W9NdQOml0+uCPRWOEye71p/jFS7GCplP:IapkNKqFZCp
MD5:094E8822A9AA0CA098647B07B8FA21C8
SHA1:4774372756F3D3EC7FC71E1086A9FB95CA3D0D02
SHA-256:4EF2D080F94C2BE6724DF0CF3881571DBB244658099A2243F7014D75BC50823C
SHA-512:9BA7BF289389B8EF2564ACEBFDC32A0592A1659730732F1660955411254C6753255CEAED1AF06C58D122D100A93339D33025DED512D15B2B3ADEF05CD3CEED26
Malicious:false
Preview:..J..3S...........2096321284~1233...-.-$php_module_mc76114557eed420ca6ad40d58315bfea............Unknown.................................php\gui\UXImageAreaWrapper...4.4$php_module_mc76114557eed420ca6ad40d58315bfea_class0...........Unknown......php\gui\UXNodeWrapper.................................................applyData......applyData$5...........Unknown..............php\gui\UXData...........data........%..Unknown...................................2....4$php_module_mc76114557eed420ca6ad40d58315bfea_class0.....4$php_module_me34517919db84f2995e0d2e03779977b_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime

C:\jar\php\gui\UXImageViewWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):21976
Entropy (8bit):5.7544147883781385
Encrypted:false
SSDEEP:192:jn8x9c+Wl3kSBQSuEPylh4n8xJ4S/1lLkvuE3lxcgYyap9W9NdQJgRlaNniI2cKU:zacWSy7yyKaq8imarVapkNq8UkplCp
MD5:004CD0AD7ABB3C162AB9BD640D90317B
SHA1:110FFD0761B057B69BCBBE2BA6AC9ED6503177A4
SHA-256:E821DD1ED083877E9A6457A062BA96B9D2B66E32DB43504739717085DD8E75CF
SHA-512:19EA00D5F9E5C3E5DA3D85EDE664D03118DA19230A0F8C6489A25FD6E3741EC7D99D24BA8F3501158EB16821332F58BD82EA1AE642EDCA7C2828E0313F173B81
Malicious:false
Preview:..J..3S...........-1007225520~1472...-.-$php_module_m2393cd7ee43a481bb59d80fdd538825c............Unknown...........6.6$php_module_m2393cd7ee43a481bb59d80fdd538825c_closure0..................................__invoke......__invoke........)..Unknown...........................2....6$php_module_m2393cd7ee43a481bb59d80fdd538825c_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lp

C:\jar\php\gui\UXLabelExWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3852
Entropy (8bit):5.551203538169539
Encrypted:false
SSDEEP:96:oFJqneQO2lMNolQ2FheQO2lM+FSIWGC4MloO:oFJPoldFLFS7GCplP
MD5:21C9E55800C6221C6FC87EDC899772C5
SHA1:B4F9A10DAFA5E3997370EAE1DEF5D3DB4F112A9C
SHA-256:03916E8F2933A6F4FF974494B1A13A6F9F59ED532E9D8625439B7A17FF04CA4F
SHA-512:FC6B786805C01FC332BB7EAA48441DA0911797D041A0E4C3C9C3CEB59EDD247511D555821E7BE8D0AC7D069641A4501A75B11636B1587B33465ADE7B325D7B17
Malicious:false
Preview:..J..3S...........135578546~76...-.-$php_module_m1e458ca752144a8ab7332766141375c5............Unknown.................................php\gui\UXLabelExWrapper...4.4$php_module_m1e458ca752144a8ab7332766141375c5_class0...........Unknown......php\gui\UXLabelWrapper...........................B.......2.N..4$php_module_m1e458ca752144a8ab7332766141375c5_class0.....4$php_module_m98c7ceb7736b4c8aa37e995dfd4f860a_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...php\gui\UXLabelExWrapper......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V.............

C:\jar\php\gui\UXLabelWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3852
Entropy (8bit):5.547229781708692
Encrypted:false
SSDEEP:96:vb/beQO2lMDglQ2kpeQO2lM+FSIWGC4MloO:Xld8FS7GCplP
MD5:03D4410188DD99157FB991805F6509B3
SHA1:6A4B843FD19EA630672C508BC3FA3FBB17BB9C8F
SHA-256:EA14A59B983F56A0CDA682939E01F49E8E3B208BD9EC054E4309B439B463866F
SHA-512:4EB3D01F03E3A091ECAA0A160CD57E952EA6999D228C54050F83158EE9B9417B6CE6C8E0B9CAA851ABF9CDA2A9210AA9A5BB1A6C8DEE13D89CD54ADC1423FAB1
Malicious:false
Preview:..J..3S...........-1473722300~76...-.-$php_module_m98c7ceb7736b4c8aa37e995dfd4f860a............Unknown.................................php\gui\UXLabelWrapper...4.4$php_module_m98c7ceb7736b4c8aa37e995dfd4f860a_class0...........Unknown......php\gui\UXLabeledWrapper...........................@.......2.N..4$php_module_m98c7ceb7736b4c8aa37e995dfd4f860a_class0.....4$php_module_m0e2ff02941304f768cfc7a1d2d64a268_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...php\gui\UXLabelWrapper......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V.............

C:\jar\php\gui\UXLabeledWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):7702
Entropy (8bit):5.756738324725284
Encrypted:false
SSDEEP:96:c+Lf1f1FeeQO2lMmTeDu7apJ9N7DboNiPE/NomN8QhelPyrPUlllOz3qebMemter:cmzyap5ff8lhBcllWqoMBFS7GCplP
MD5:D10EEFC5A4660825DAC19C1D86B66977
SHA1:9213AD28EB598ABAFA7FFD34107C5F84D778711D
SHA-256:5C097883AA6E937236171ECF6F3D68A46297B6B953356F4E412708937843914C
SHA-512:69EF14C739E6428BC5A83109915E4A7A5A639168EB5801EED38E359C985B8837AFA843F135C5DE39FF758C13811E1E6CAF69B8B0DE4D8751FC6FBD116EE839FB
Malicious:false
Preview:..J..3S...........1625070740~621...-.-$php_module_m0e2ff02941304f768cfc7a1d2d64a268............Unknown.................................php\gui\UXLabeledWrapper...4.4$php_module_m0e2ff02941304f768cfc7a1d2d64a268_class0...........Unknown......php\gui\UXNodeWrapper.................................................applyData......applyData$5...........Unknown..............php\gui\UXData...........data........%..Unknown...................................2....4$php_module_m0e2ff02941304f768cfc7a1d2d64a268_class0.....4$php_module_me34517919db84f2995e0d2e03779977b_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/in

C:\jar\php\gui\UXListViewWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):5933
Entropy (8bit):5.650817522444727
Encrypted:false
SSDEEP:96:b5KFeeQO2lMY1CD2bQRJrNdZzcNw/NucGlvQ7o2MRireQO2lM+FSIWGC4MloO:5y6QRdNpalWonRixFS7GCplP
MD5:E58AD1F7D6B1E6A1E93811255382D811
SHA1:ED2184757BCCB33F244856EEFFCE55B4AC93FE5E
SHA-256:D7F9E369348D943E3353031F53A139614F8CE631B901F3CAF1A9C1A760207FE8
SHA-512:0A24FA6C11BDE10AE8E1094E89D33933655500E92E1D05AA692E3B9873E9585D0D18A0DC8B4EF62D69DC804F4DF8B0FCA4B5137E38DBCFAE26A9BD9F47D75D1E
Malicious:false
Preview:..J..3S...........-89148622~390...-.-$php_module_m33aad40c21b34d7889ff89204827e83d............Unknown.................................php\gui\UXListViewWrapper...4.4$php_module_m33aad40c21b34d7889ff89204827e83d_class0...........Unknown......php\gui\UXNodeWrapper.................................................applyData......applyData$5...........Unknown..............php\gui\UXData...........data........%..Unknown...................................2....4$php_module_m33aad40c21b34d7889ff89204827e83d_class0.....4$php_module_me34517919db84f2995e0d2e03779977b_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/in

C:\jar\php\gui\UXMaterialDatePickerWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):6004
Entropy (8bit):5.649772833003571
Encrypted:false
SSDEEP:96:nkz0wjFeeQO2lM5h1CD2bQRJrNs6NhH/N8/vYPl7x+1lf1eQO2lM+FSIWGC4MloO:Yy6QRs2celI3XFS7GCplP
MD5:70F8CA3205BD2FE26A470A181C925193
SHA1:F650C08185C0D10E0CEB49FA6CAA15A0156E6835
SHA-256:FDDDCC88B6ADC1E2D4BD966BC61AF643F644DADAB6C86494624891F17CF2CFCC
SHA-512:712AFDCA781F37ED9F55436C4C15AD74561DECD6ED466FD0DA7CC01795898E6E153D00EF997F8E870F81F5071255903A79DFE1501CF0C2BB208451761D81CEB5
Malicious:false
Preview:..J..3S...........181846397~392...-.-$php_module_md43ff53b79174e4088e6cb4cf7e5ff68............Unknown..............................#.#php\gui\UXMaterialDatePickerWrapper...4.4$php_module_md43ff53b79174e4088e6cb4cf7e5ff68_class0...........Unknown......php\gui\UXNodeWrapper.................................................applyData......applyData$5...........Unknown..............php\gui\UXData...........data........%..Unknown...................................2....4$php_module_md43ff53b79174e4088e6cb4cf7e5ff68_class0.....4$php_module_me34517919db84f2995e0d2e03779977b_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/

C:\jar\php\gui\UXMaterialTimePickerWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):6142
Entropy (8bit):5.666800421814613
Encrypted:false
SSDEEP:96:Ha0vAFeeQO2lM0s1CD2bQRJrNs6NhH/NwZy6wPGlbB+oBQx15zzeQO2lM+FSIWGu:Oy6QRs22ZaGlorZFS7GCplP
MD5:1B212F7CB75A96E13E85728F3AA6B07D
SHA1:FA21E1F255C3716BB4F009E748125FA652A26506
SHA-256:8BC95E27690BC7BBA907CDF8208672129A9B087161756045AC3C4345155258AF
SHA-512:A37A8BA69239C516250AD35C7E8C6BC441E0C2BCD90FC20A699CB81AC9B01EED9370667CB69CF3D677C1FF1041EF193E7FEC831AB09AF431D355E61CB34D1B5C
Malicious:false
Preview:..J..3S...........2126226965~454...-.-$php_module_me3bb416e051e4397b0d5138c102cb4be............Unknown..............................#.#php\gui\UXMaterialTimePickerWrapper...4.4$php_module_me3bb416e051e4397b0d5138c102cb4be_class0...........Unknown......php\gui\UXNodeWrapper.................................................applyData......applyData$5...........Unknown..............php\gui\UXData...........data........%..Unknown...................................2....4$php_module_me3bb416e051e4397b0d5138c102cb4be_class0.....4$php_module_me34517919db84f2995e0d2e03779977b_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp

C:\jar\php\gui\UXNodeWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):69933
Entropy (8bit):5.844904012751772
Encrypted:false
SSDEEP:1536:VDy9uLfVgeQWWEX7gJUOnfkgTrkhMHg3Sn6111vLWK:VDy9uLfVgeQWWEX7gJUmfkgTrqMHg3qk
MD5:D3DE5FB2B9B60706983BEC67FE2649A7
SHA1:32EAF6440D76400DA3E1C0006547D11F8906BF5F
SHA-256:513A116C79EEFD3AD471C1EA2FDBAF7451889BCBCCE3A65B956EA14C855C394B
SHA-512:68D5AE252D3FE7353F351E6B31F490CE78F69C860CF8E112F256AB968F069595B4F22B8BD856E8CEBAADB5A50831CD76BB90B49DFF04296EE8F7252FF0F490A0
Malicious:false
Preview:..J..3S...........247136857~8928...-.-$php_module_me34517919db84f2995e0d2e03779977b............Unknown...........6.6$php_module_me34517919db84f2995e0d2e03779977b_closure0..................................__invoke......__invoke....[......Unknown...........................2.j..6$php_module_me34517919db84f2995e0d2e03779977b_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\php\gui\UXPaginationWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):12157
Entropy (8bit):5.664637124009154
Encrypted:false
SSDEEP:192:lIG7BsCBYBrblXaKypAjnFluWCvy3EN9qqlfh/FS7GCplP:lIG7MP9a1pmoWCv8EN9f/FCp
MD5:F85EA9E48B2810FF9924A324BD0D5FD6
SHA1:620EE5DF5BE71EA0E7212A784360651FB2D9BE8C
SHA-256:E67B8E1CBD5F0B7ECC09D03B1FD3D64EBADAF67B54785F73CE55D9BAF819D107
SHA-512:B17B4BBD8B2D1B89684F16E0C1A9FE9D19E1DD4A4850D29BFFC64D406D7EB3AE864EAF2C624CF339513DAC157CF60049DE61C98B00939057FAAFE36AB30A5B73
Malicious:false
Preview:..J..3S...........-1841328868~783...-.-$php_module_m30f9c0c5850b4fd9a2feb5523518a4cd............Unknown...........6.6$php_module_m30f9c0c5850b4fd9a2feb5523518a4cd_closure0..................................__invoke......__invoke...........Unknown...................+.......2.x..6$php_module_m30f9c0c5850b4fd9a2feb5523518a4cd_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\php\gui\UXScrollPaneWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):17332
Entropy (8bit):5.700362835410494
Encrypted:false
SSDEEP:384:BPYxVQNr5cZ/RLojaiGjTzDXQRRQM899qNtVNhp9Cp:BPYkF5q/RUjaJjTzbaQM89kDrYp
MD5:F1786E7856433509CE5FCA72869B9A9A
SHA1:51EFCEEB4F052A35E54B08241A07A38DFA931AF1
SHA-256:9412AE24ED6E674979CC58D79DEA3A6DC0AAD597EC1C34E03829F5A3D306D4B8
SHA-512:A5B3A597DD750999F686E676073A68B696503733CE1B8D211CB47A8B4A5C1BBBC204C839E5B6F75C43305477F094EA3B67B03A22EE8B9EDA350145F3C7BD45A5
Malicious:false
Preview:..J..3S...........618239138~1193...-.-$php_module_me15e92dbd41d409ca75ae1719f896ef7............Unknown...........6.6$php_module_me15e92dbd41d409ca75ae1719f896ef7_closure0..................................__invoke......__invoke...........Unknown...................#.......2....6$php_module_me15e92dbd41d409ca75ae1719f896ef7_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\php\gui\UXTabPaneWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):8856
Entropy (8bit):5.86502692525735
Encrypted:false
SSDEEP:192:64Vc4jy6QRJwoY23D7kFllbNPN7RFS7GCplP:5xXQR6oVnkvZLrCp
MD5:D53D2C5A3212A40A474F4BE3C510F908
SHA1:FE7207077BE2D6D6E3CC4C374C934E22678D0DE7
SHA-256:83541E6429D099B01524ADB922702C2D3BC529756E32F593B171863E91AB9AE4
SHA-512:A42DD89AA2152B304ADC1C5663D5BC2FDE977C2608BF4AC7E9E18540005C5D456F2C8C84262F7EBFECBEC14D11C019EB5AE112B557FC6D5205366BE2512EA046
Malicious:false
Preview:..J..3S...........-754547672~1701...-.-$php_module_m54c83a3810404fad895813d65d11517e............Unknown.................................php\gui\UXTabPaneWrapper...4.4$php_module_m54c83a3810404fad895813d65d11517e_class0...........Unknown......php\gui\UXNodeWrapper.................................................applyData......applyData$5...........Unknown..............php\gui\UXData...........data........%..Unknown...........................2.......2.N..4$php_module_m54c83a3810404fad895813d65d11517e_class0.....4$php_module_me34517919db84f2995e0d2e03779977b_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/i

C:\jar\php\gui\UXTableViewWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):5992
Entropy (8bit):5.657953656811501
Encrypted:false
SSDEEP:96:I0xFeeQO2lMk1CD2bQRJrNs6NNe/exLKJ+vHbDltc+/cS6eQO2lM+FSIWGC4MloO:Sy6QRs+KGH/lH/c/FS7GCplP
MD5:5CC2D39C1DE76A6BD174451AEAFEA470
SHA1:013B74F2931BA69BD9FCB6E39068E1F00D1691EE
SHA-256:8CA8E9871356AEF50D65E07657E500C49CA77EAF7883CD7687DB6626B0AE617D
SHA-512:B39C5951DB73CF1AFCDD624FD5D140C1720BE55648162CC9CAA676A14495F0C6098BCA3CF2095ECF92D93731E464454DD3E00569AADDB2B7CD144EFBFAA9B5F6
Malicious:false
Preview:..J..3S...........1589161237~495...-.-$php_module_mc04815bbda7b498a9b7fbf8e4ddcbd03............Unknown.................................php\gui\UXTableViewWrapper...4.4$php_module_mc04815bbda7b498a9b7fbf8e4ddcbd03_class0...........Unknown......php\gui\UXNodeWrapper.................................................applyData......applyData$5...........Unknown..............php\gui\UXData...........data........%..Unknown...................................2....4$php_module_mc04815bbda7b498a9b7fbf8e4ddcbd03_class0.....4$php_module_me34517919db84f2995e0d2e03779977b_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/

C:\jar\php\gui\UXTitledPaneWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3861
Entropy (8bit):5.551012133914068
Encrypted:false
SSDEEP:96:QaWeQO2lMHtlQ2OeQO2lM+FSIWGC4MloO:9ld2FS7GCplP
MD5:09B37B28BB376E4C846751F25D83EB20
SHA1:350D9BBD1A52985FC6CA6D20C66F3219D918862E
SHA-256:817F429E15CCC14C40375C2040E255E4DA80D5437DF4003A1CA7FE9448546D96
SHA-512:37371C88CBBAC158AAFE85A02871CB879C8A23B9E8BA0E8FF852774F77138A1B239F3483BFB942C78ACDB968F2B9C9A112D3D2789980DB62D3FBAFBA048B9BF2
Malicious:false
Preview:..J..3S...........1132070130~81...-.-$php_module_m040c68fb102f4e6980dc5bda532e4a5b............Unknown.................................php\gui\UXTitledPaneWrapper...4.4$php_module_m040c68fb102f4e6980dc5bda532e4a5b_class0...........Unknown......php\gui\UXLabeledWrapper...........................E.......2.N..4$php_module_m040c68fb102f4e6980dc5bda532e4a5b_class0.....4$php_module_m0e2ff02941304f768cfc7a1d2d64a268_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...php\gui\UXTitledPaneWrapper......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V....

C:\jar\php\gui\UXToggleButtonWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3865
Entropy (8bit):5.559954963564282
Encrypted:false
SSDEEP:48:/dHyn25L6EjoOa/AjsgjNKUeEFzwzgT67wqVhlGl0Q2cV/Hyn25L6EjoOa/AjsgQ:UeQO2lMqlQ2veQO2lM+FSIWGC4MloO
MD5:B06DFCC64AB94689BAEEA3AF78694512
SHA1:3C7914AE8934B1DF51E097F3CDF697D004982A4F
SHA-256:0281185642474C2F983F726270EA5DD26A92A26B79E2F93A344DF79338073EDF
SHA-512:220B7C49DF374B66B1BFFFAC973201E0AC0CF04BCEBA9F1DE37DC956F9C1FB763DBE706ECF165725B1DEDCD53B0A545CC5D482C11904EBD8740C01364F26C511
Malicious:false
Preview:..J..3S...........-362880672~83...-.-$php_module_m2c5b52df66ac4bb3b29e70cb50d20381............Unknown.................................php\gui\UXToggleButtonWrapper...4.4$php_module_m2c5b52df66ac4bb3b29e70cb50d20381_class0...........Unknown......php\gui\UXLabeledWrapper...........................G.......2.N..4$php_module_m2c5b52df66ac4bb3b29e70cb50d20381_class0.....4$php_module_m0e2ff02941304f768cfc7a1d2d64a268_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...php\gui\UXToggleButtonWrapper......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V

C:\jar\php\gui\UXWebViewWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):20299
Entropy (8bit):5.684869190480231
Encrypted:false
SSDEEP:192:2gfSnlBgX3sLmVN1QL8ilqXpIbTEmlScB5LiPLizEm6clFsoYy6QRsY3v5MlwNFK:XfSnygxgXpIlocbsoYXQRRMCa8Cp
MD5:F944A36E70BD258624E29B2550AAC146
SHA1:542390DB67B5DA0285E323838ABA9A47EF770BAE
SHA-256:D48559169C3B0435F56358EEF8AFE0B6D1C18764428EC5AB879CEFA26EEA47D0
SHA-512:E6759CE938BC6384A18AAEF9CF47BE8E975D1D99E8FB587CAB5BCB713461D3C5E8E345972FD5DDCA161B1AE1FE1B7F7518B8C2F705613AA29D683320092DCF04
Malicious:false
Preview:..J..3S...........-396388753~1407...-.-$php_module_mf2c687f49ce54ed2a29378477e5e8256............Unknown...........6.6$php_module_mf2c687f49ce54ed2a29378477e5e8256_closure0..................................__invoke......__invoke........#..Unknown...........................2....6$php_module_mf2c687f49ce54ed2a29378477e5e8256_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\php\gui\framework\AbstractFactory.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):29780
Entropy (8bit):5.941396290375574
Encrypted:false
SSDEEP:768:NDsID8MRTMfTwvpf61YSOSC/Q2nPI4Sp:NootRKIpsRyAV
MD5:822D0F04798ADDE616F51ACDB535F791
SHA1:FD70E88335BAD4E9CE83F9533AF9DE88F7E73279
SHA-256:77A5D0A46342FD14678B84D157F91DCC07E62B4F8A101A21CC7D753B5158CBDA
SHA-512:3A80CB18E2D24AAA87005AE22CB273B913A961EC719C2A7ED34FAF9F1BCF4BACA4CD3AE74F9D83D217F409C73ECC9F9A9E6AF55DF341D8F79077FA6F40E35577
Malicious:false
Preview:..J..3S...........-1081657529~8128...-.-$php_module_m5f29fd52114f4ecba68204ff02d4e0f1............Unknown...........6.6$php_module_m5f29fd52114f4ecba68204ff02d4e0f1_closure0..................................__invoke......__invoke........ ..Unknown..............php\io\Stream...........stream........1..Unknown..............................php\io\Stream...........stream........1..Unknown...........................2.a..6$php_module_m5f29fd52114f4ecba68204ff02d4e0f1_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environm

C:\jar\php\gui\framework\AbstractForm.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):93476
Entropy (8bit):5.955209842146596
Encrypted:false
SSDEEP:1536:62HenPVxR7tYrcpr9fet+D5y/w2Op9KlqrSBeuZce4mvBgIS:62H4NnZYCrpO+w/w2OOlqruz4mvBgIS
MD5:551619DC1E7FCBF3548307AE2EAD1978
SHA1:21F804F4DB21A7FDD45FDC10FFF8068B1449D895
SHA-256:0A56E85C4616268BFF68AC72CCF65AB619910042F9E24A6B4884B3AC66D45F54
SHA-512:040131269B368CD35A98F001853429B4EB4DB2ACB34B199D925A3DC27BC9E7CD917255772C71E3D469D86F5365AC4C1E7969641C404E0A75F9F707ACB33A153D
Malicious:false
Preview:..J..3S...........-1514365766~23238...-.-$php_module_mf4ce3612792d451f8b42944a228c353d............Unknown...........6.6$php_module_mf4ce3612792d451f8b42944a228c353d_closure0..................................__invoke......__invoke....p......Unknown...................>.......2....6$php_module_mf4ce3612792d451f8b42944a228c353d_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...L

C:\jar\php\gui\framework\AbstractFormArea.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):14262
Entropy (8bit):5.665602025070964
Encrypted:false
SSDEEP:384:5EgVYeuMJ9HUyx0rSuTxtzEqI2OUheCp:evMfLqr5d021p
MD5:8279FE62575404A68EED88096EE12650
SHA1:D1DE12AAB60AE099E2A806CFEB848EF1AFDE87AF
SHA-256:37EF5F2B3FA1BFA5C3E9C5CF15E59DD326F13BD64F2331BBCBFA050E078A2774
SHA-512:AEBF3B6BE1C6C9D5763D612FE6074C91B57E0400344772874E79ECC136D922FD4D157DE2D1F0E3D8771FE8258909E289BAD4B51C38D8D43F50034A46F7E86B2B
Malicious:false
Preview:..J..3S...........284623688~1797...-.-$php_module_m81cf0fb2a2ed4ebd911bff0216ebaddd............Unknown...........6.6$php_module_m81cf0fb2a2ed4ebd911bff0216ebaddd_closure0..................................__invoke......__invoke....0......Unknown..............php\gui\UXNode...........context....0...+..Unknown...............................id....0...5..Unknown..............................php\gui\UXNode...........context....0...+..Unknown...............................id....0...5..Unknown...........................2....6$php_module_m81cf0fb2a2ed4ebd911bff0216ebaddd_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCach

C:\jar\php\gui\framework\AbstractModule.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):25046
Entropy (8bit):5.81642277154155
Encrypted:false
SSDEEP:384:zkLJdGe/E2lpFB6iJRJWv2t+bNw6ung3H1O:zkNdEu/JRJWv2t+xkMO
MD5:5875D0058F56B757C8B91CF8B8D8323B
SHA1:1E6BDED7349B685AAFC252DF7808E6214672C0C8
SHA-256:D01D41290A343DEBB0D5858C26FE6DFE78F34D24EC82532114B7BBD162F67FDB
SHA-512:F78CC76E9F156FE411C5EC050658998AC5239E7428B020C23524C445FB0663E576839D3C42D5069A1162D56B8E380C06B5723F2978A301963E5D64E220E84D74
Malicious:false
Preview:..J..3S...........518022837~5899...-.-$php_module_ma0f1eb4554c3456ea546773d56da28e3............Unknown.............................. . php\gui\framework\AbstractModule...4.4$php_module_ma0f1eb4554c3456ea546773d56da28e3_class0...........Unknown... . php\gui\framework\AbstractScript...................__behaviourManager...........Unknown....................__scripts....#......Unknown........................__modules....(......Unknown........................singleton....-......Unknown.............".....M.AbstractModule constructor..@param bool $mock.@throws IllegalStateException................................__construct......__construct$14....4......Unknown.......................mock....4... ..Unknown...........false.........................................loadModule......loadModule$15....E......Unknown.........................................loadScript......loadScript$16....n......Unknown........... . php\gui\framework\AbstractScript...........script....n.../..Unknown....................

C:\jar\php\gui\framework\AbstractPrototype.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):5529
Entropy (8bit):5.52379809094315
Encrypted:false
SSDEEP:96:w0QhCi+xeQO2lMsSz1Iq4mJ6NgDpYkldVDPrc5eeQO2lM+FSIWGC4MloO:wKdsxHllfDPxFS7GCplP
MD5:B7B5DBC81E5A25C73F0EB95E7649130B
SHA1:214B9333B819BD4FB1994E3F2738EF2410A6A6CC
SHA-256:F23EDF76607661BB8B075D2807DDB6217F10DA01B93632A697DED5F662065F84
SHA-512:BE31CD9E3260D35A7ABEDB5CA3E00344874B2D2CE6ACEC4285560FD4C7E15923727B14C7EA946CC569DB65B01DB079FC9C0F5DAE41E230D587A6B17C954FD9F2
Malicious:false
Preview:..J..3S...........2075653332~439...-.-$php_module_m3a2c9331aca24cc8ac67803d7b9211e2............Unknown..............................#.#php\gui\framework\AbstractPrototype...4.4$php_module_m3a2c9331aca24cc8ac67803d7b9211e2_class0...........Unknown.......................@return mixed................................newInstance......newInstance$0...........Unknown.........................................makeInstance......makeInstance$1...........Unknown.........................................bindEvents......bindEvents$2...........Unknown.......................instance........+..Unknown...................................2....4$php_module_m3a2c9331aca24cc8ac67803d7b9211e2_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,L

C:\jar\php\gui\framework\AbstractScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):19982
Entropy (8bit):5.709625906185062
Encrypted:false
SSDEEP:384:M7WN2wfMcppu65LthizmdYP4jgmHnESXgOmJ3RfCp:0hTcCsphiydYP4jnHESXoJ4p
MD5:B0B6F87E309AE62E2A5E74972AEFBCE0
SHA1:747210933B69BD52590562A54034FB42B0A8AD55
SHA-256:7F12A9A094F792F8B5B1416E081DBDCF556118D8C91CD1531BA1A49BDB85DB77
SHA-512:16CBB9F3ADA4C58663B21BA0F1A45FB7378F048B80B6541BA21B522339B6E39E20DEDA48914E2C4D4F4895F2A628F19452F61AB374D0A23EEAD4B3F8E7255524
Malicious:false
Preview:..J..3S...........652534489~4185...-.-$php_module_m6e621041c2194665b0d597c6b8df05de............Unknown...........6.6$php_module_m6e621041c2194665b0d597c6b8df05de_closure0..................................__invoke......__invoke....O......Unknown...................P.......2.r..6$php_module_m6e621041c2194665b0d597c6b8df05de_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\php\gui\framework\Application.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):53541
Entropy (8bit):5.819627991593303
Encrypted:false
SSDEEP:768:vjRi64t4jgMpCyrzP3nb/pgKx3g5yPkabYEPey1DZVDPp:rRi64t4TCU3DpJOE8abl7p
MD5:6E2A14CA79C014A1C21C551700077CAA
SHA1:415B0EDED1A207AB3003743B037D30A7F9734733
SHA-256:57606939036DC94F9D80272736B1800A2EEFC3F2E0B752BA507F0A8A5021A39D
SHA-512:881CA7177D444E2D912F95216BDC3E4FC775BCDE8336717906C38E5CAF1AA4694674C5798BF0DF340238E5322B3C3A6DFEBF8166C8026F1E8AF1CE5A18249DEC
Malicious:false
Preview:..J..3S...........-1731484288~15583...-.-$php_module_md07ceb7fe0ae4d0fb666a34fd33168ef............Unknown...........6.6$php_module_md07ceb7fe0ae4d0fb666a34fd33168ef_closure0..................................__invoke......__invoke....\......Unknown...........................2....6$php_module_md07ceb7fe0ae4d0fb666a34fd33168ef_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...L

C:\jar\php\gui\framework\ApplicationTrait.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):6593
Entropy (8bit):5.569445821706808
Encrypted:false
SSDEEP:96:ikExWeQO2lMbV1CD2fKQJ6NGqDI4lWQwP1e7b67oeQO2lM+FSIWGC4MloO:mny5QqDlsy6AFS7GCplP
MD5:EA26373B9CAB7D3BD5E32C5A74AD017A
SHA1:08CFE1254FFEB2811D0F3C7BB5E52A190DE5ED6A
SHA-256:ADD1BD9A61B34855822B882DA92AF0F0D6A8232FA712D693E1A9671EE1663405
SHA-512:F5D71B2BD8585522E6AACC5881238981354106D3E4123B3EC6F9CACBA48003CF6FF63449AB7BE8F4F86F41296DA6DF0C0CBA5E3D61D0259D4C2F976939F6486E
Malicious:false
Preview:..J..3S...........1807178409~897...-.-$php_module_ma26d9588f9d141e2bbd3f0cb5b592cb8............Unknown.............................."."php\gui\framework\ApplicationTrait...4.4$php_module_ma26d9588f9d141e2bbd3f0cb5b592cb8_class0...........Unknown.....................X.@param string $name.@return AbstractFactory.@throws \php\lang\IllegalArgumentException................................factory......factory$0...........Unknown.......................name...........Unknown.................H.@return null|AbstractModule.@return-dynamic $package\modules\AppModule................................appModule......appModule$1...........Unknown.........L.@param string $name.@return AbstractForm.@return-dynamic $package\forms\$0................................form......form$2....#......Unknown.......................name....#......Unknown.................#.@param $name.@return AbstractForm................................originForm......originForm$3....,......Unknown.......................name....,......

C:\jar\php\gui\framework\DataUtils.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):17645
Entropy (8bit):5.88115197290072
Encrypted:false
SSDEEP:192:RMsJ/pwBfBfd9wPHuesCNeh09Zl3sHpCC2ZMGx2PcQ0lkv6BsCCU0WBfFS7GCplP:RMsJ/pwBfJdtes6xccQ0+WdBlCp
MD5:7A3E268F7DB107DA988D15DC0A163C90
SHA1:CF5549718E79291B34A0AFA3CD81422A87B1B359
SHA-256:FCDDE4F05B642B8885D7B7E814D0D9DEE894A6B291421F3DDF52CE89DDFDA93D
SHA-512:E787550CD57579BA523A33E688D87E189687536C824A5F07632C97A89BB5F351E79E718820154FC952DF4026D2B3439954E777266BDCFD5385898DC26BC61511
Malicious:false
Preview:..J..3S...........-78606280~6403...-.-$php_module_mfc504dd4ec4e46e6912414de9da838a4............Unknown.................................php\gui\framework\DataUtils...4.4$php_module_mfc504dd4ec4e46e6912414de9da838a4_class0...........Unknown.....................................................__construct......__construct$0...........Unknown.........................................scanAll......scanAll$1...........Unknown..............php\gui\UXParent...........layout........,..Unknown...............................callback........>..Unknown.................O.@param UXParent $layout.@param callable $callback (array $data, UXNode $node)................................scan......scan$2....8......Unknown..............php\gui\UXParent...........layout....8...)..Unknown...............................callback....8...;..Unknown...................@param UXParent $parent................................cleanup......cleanup$3....U......Unknown..............php\gui\UXParent...........parent....U...,..Un

C:\jar\php\gui\framework\EventBinder.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):21841
Entropy (8bit):5.9118412005519225
Encrypted:false
SSDEEP:384:iMIBNAaCSkPxeUSLCZtnUOoIjI30Bw7qn/whsBmPGeiHorXfNZdLbvd7vzZdE/1b:iMIkaqx0oU1v0GqnIhsBm+e7DXc9Vp
MD5:C3C3DB61FC009C7FAC7B2714AFC7CE07
SHA1:E0D9D616E0AB3079B00A767F40A5C06123B16A22
SHA-256:4025FBFF9FB8E5DD4EC853471FE109AC850267190EF9F7CC15A377C9626D69DD
SHA-512:53086B9327FD3188C4C1BBAE13F6B5A95A47DDB626AFDDBC4AB47405A0CF02B495146E901B07E90489784C4ACD38D8DC9ED1702AA33127CF720CF755AF8BA997
Malicious:false
Preview:..J..3S...........1704592071~7179...-.-$php_module_mc909405bdf1c4b6890c3f2dffb4e29d0............Unknown.................................php\gui\framework\EventBinder...4.4$php_module_mc909405bdf1c4b6890c3f2dffb4e29d0_class0...........Unknown.......................context...........Unknown....................handler...."......Unknown....................binds....'......Unknown........................lookup....,......Unknown..................:.EventBinder constructor..@param $context.@param $handler................................__construct......__construct$0....3......Unknown.......................context....3... ..Unknown...............................handler....3...*..Unknown..........null...........@param callable|null $lookup................................setLookup......setLookup$1....>......Unknown.......................lookup....>......Unknown.................2.@return callable[].@throws IllegalStateException................................loadBinds......loadBinds$2....G......Unk

C:\jar\php\gui\framework\GUI.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):9908
Entropy (8bit):5.748223179661501
Encrypted:false
SSDEEP:192:0TDQ46KeCGO+f9TZoMXPsWVlBb3/+g5VwmmZ9FS7GCplP:0T0lKeDOs+u0WVrrXnMDCp
MD5:5F55DEC8C832907105F13149AD29AF4A
SHA1:D8AB0E230AC6A7960BAE33DEAA2DDF120E474E3B
SHA-256:302CB0773BE29AD868494926538076B0DF6EFEACFF982D0681924610C9217F13
SHA-512:F7D5AF2115AC009D7787E63F2F58F7E3571D5439CFD319FA17E33715FD332F7D716B13FCAA8B362EB459391D50E61C8180A0C2B8DAB87D5BBCB468848F1AACAA
Malicious:false
Preview:..J..3S...........-2111447365~2349...-.-$php_module_m3cfc55a49b9f4986ab7869529e022cb1............Unknown.................................php\gui\framework\GUI...4.4$php_module_m3cfc55a49b9f4986ab7869529e022cb1_class0...........Unknown.....................F.@param Traversable|array $nodes.@param string $prefix..@return array................................getValues......getValues$0...........Unknown.......................nodes...........Unknown...............................prefix........&..Unknown...................L.@param Traversable|array $nodes.@param array $values.@param string $prefix................................setValues......setValues$1....0......Unknown.......................nodes....0......Unknown...............................values....0...,..Unknown...............................prefix....0...5..Unknown...................;.@param UXNode $node..@return bool|int[]|mixed|null|string................................getValue......getValue$2....B......Unknown..............php\g

C:\jar\php\gui\framework\Instances.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):15251
Entropy (8bit):5.483801014763366
Encrypted:false
SSDEEP:384:BzMYDwphvqp5pz4u2kjBAselQAkUxeV6InZCp:BzMYDKqp5pz4u2kX6Insp
MD5:9721C302363D30AB8E3459AE921E592F
SHA1:D22A652E3C47E40AA2EA47CBEFF7185B50094E01
SHA-256:D5B4AD4BB7CA8BEB5EB0C35C1D6BCC9D57B8E8BEFDC7CBA321FB33BA486AAF60
SHA-512:67D73FC8D1CCC73CD29DCBB86B6A5E95B7371B026F9A3571DA108C31DED572B8CB6B0F3716F02B74D0A8D3B275FF063C69C7222B916F5C87A6DDFE9C974324EE
Malicious:false
Preview:..J..3S...........-1164723965~2530...-.-$php_module_ma96af4ff09544241aab6f2de39440581............Unknown.................................php\gui\framework\Instances...4.4$php_module_ma96af4ff09544241aab6f2de39440581_class0...........Unknown.......................instances...........Unknown........................cur...........Unknown............................@param array $instances................................__construct......__construct$0...........Unknown.......................instances........&..Unknown...................@param $name.@param $value................................__set......__set$1....&......Unknown.......................name....&......Unknown...............................value....&...!..Unknown................. .@param $name.@return Instances................................__get......__get$2....1......Unknown.......................name....1......Unknown................./.@param $name.@param array $args.@return array................................__call......__

C:\jar\php\gui\framework\Preloader.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):18936
Entropy (8bit):5.77158512347599
Encrypted:false
SSDEEP:384:+ZdM3r3bHSkduMOJ3w3yBOdvymeV9J8/BDNnhCp:4dMb3ukduMS3f0VeV9JoD1Up
MD5:D3BA3E474273C471F6B7616E7A0C3D59
SHA1:9D843DDAEE0A51FF03BFD3EB9152A68635C27F7F
SHA-256:83884015AD039EB1AEFE45A086D5565D8D3FFE53B8944555BA673F63A9BE1F79
SHA-512:19BB6D124290D9C59183AA713AF0E88F028C0E2944CE36103F7E50F178ADC6BD3DBB38B23E6E1E094FAE154EF33A1ADB7736A22D540820D37D8B060A3D358D13
Malicious:false
Preview:..J..3S...........-306331794~2743...-.-$php_module_m51f4f12848164aff93ecb1c7cf8eaf62............Unknown...........6.6$php_module_m51f4f12848164aff93ecb1c7cf8eaf62_closure0..................................__invoke......__invoke....B......Unknown...........................2....6$php_module_m51f4f12848164aff93ecb1c7cf8eaf62_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\php\gui\framework\ScriptEvent.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):7145
Entropy (8bit):5.495875887450214
Encrypted:false
SSDEEP:96:mN7KMzrLAeQO2lMEOc0iJx/Naf5NX0ac9N/lTzk+0k7SPVeQO2lM+FSIWGC4MloO:m5KMrWOBiDEHFI/l/kk7MfFS7GCplP
MD5:FFF373BC1E3F7DDD1EECE188ABCA7156
SHA1:64D9874310C9B5059619D3458CC6ABB5B1A9813D
SHA-256:C0854565227956FFA43E421778041B2FCC1B0959C8EA9FFF7D295134CA9B602A
SHA-512:9D9946DEDEB3FE0603056D43F0FAF707C7599FB1E6B5FABFF3274F9E040D546AAF93A8DD47D740E426AA67A451A9FF5AC797ECF1B4F999F7827CE6B0C5F4CB93
Malicious:false
Preview:..J..3S...........642455018~1071...-.-$php_module_m04ff5bba802f447eb74ce116797451d2............Unknown.................................php\gui\framework\ScriptEvent...4.4$php_module_m04ff5bba802f447eb74ce116797451d2_class0...........Unknown......stdClass...................sender...........Unknown....................target...........Unknown....................usage...........Unknown............................consumed...........Unknown...................L.ScriptEvent constructor..@param AbstractScript $sender.@param null $target................................__construct......__construct$0....%......Unknown........... . php\gui\framework\AbstractScript...........sender....%.../..Unknown..........null.......................target....%...?..Unknown..........null.........................................done......done$1....,......Unknown.........................................isDone......isDone$2....1......Unknown...........Consume event.................................consume......consume

C:\jar\php\gui\framework\StandaloneFactory.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):6551
Entropy (8bit):5.688407155102867
Encrypted:false
SSDEEP:96:QK1/dV4ML7qeQO2lMjnEkoyDAJpNQ/NpNiOzarlNxIaLxBHeQO2lM+FSIWGC4MlP:QK1/daM3vnjAi0O4lPIuxBdFS7GCplP
MD5:DD48CDB66DC77AE51EC1FD43723CE498
SHA1:1F6B15C6662223FB00A600F64AC52ACDCC8ABACB
SHA-256:D8223B0A91767C77E3DEF174B5623B0F87E8E2F686452C23E650B78D063DB253
SHA-512:BF2538749FF78FAC5E92CFF45DDB295AE69E91BB23AFAEB45E3640759FA423930667B7518DFE469E378ECBD37668FC625988838EE81B7CAB27DE4D786863F8C2
Malicious:false
Preview:..J..3S...........-1189001877~795...-.-$php_module_m89603a89cea546bc9d02d848d6fadf89............Unknown..............................#.#php\gui\framework\StandaloneFactory...4.4$php_module_m89603a89cea546bc9d02d848d6fadf89_class0...........Unknown...!.!php\gui\framework\AbstractFactory...................StandaloneFactory constructor..@param AbstractForm $form.@param $fxmlFile.@param BehaviourManager $manager.@param EventBinder $eventBinder................................__construct......__construct$8...........Unknown..............php\gui\framework\AbstractForm...........form........-..Unknown...............................fxmlFile........4..Unknown...................3.3php\gui\framework\behaviour\custom\BehaviourManager...........manager........P..Unknown......................php\gui\framework\EventBinder...........eventBinder........f..Unknown...........................y.......2....4$php_module_m89603a89cea546bc9d02d848d6fadf89_class0.....4$php_module_m5f29fd52114f4ecba68204ff02d4e0f

C:\jar\php\gui\framework\View.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):7521
Entropy (8bit):5.806843571045686
Encrypted:false
SSDEEP:96:vhueQO2lMIkonKJ9NEIDwxcN/lQx5cNtelNsuJG6BaUUUUW/B7MK0E3eQO2lM+F6:veKT0xYeluu86BHtTFS7GCplP
MD5:8BE42EAAC0892982F3E3B0D52CD51F46
SHA1:9E0C43031B592DBBBA153928D82A90CF56F61123
SHA-256:4D70005E2F93B66F3B7D39A522C9D99C47EE9B01213A748BEBFC6B183BE96C12
SHA-512:DEDDD6408EB7C0F4992A975A6E246D4033AC93DE86D172367D1014B016D9FF8C4770336CDEAC780929372E93CF394406A4B53AEDE55042B00FA4AB36E98920AA
Malicious:false
Preview:..J..3S...........1150629622~1387...-.-$php_module_mb969cda1641845c4a89af7a133da942d............Unknown.................................php\gui\framework\View...4.4$php_module_mb969cda1641845c4a89af7a133da942d_class0...........Unknown.....................#.@param UXNode $node.@return array................................bounds......bounds$0...........Unknown..............php\gui\UXNode...........node........"..Unknown...................................2....4$php_module_mb969cda1641845c4a89af7a133da942d_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCall

C:\jar\php\gui\framework\behaviour\PositionableBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):2881
Entropy (8bit):5.245699976916582
Encrypted:false
SSDEEP:48:SI5UZm4PmtDT/Hyn25L6EjoOa/AjsgjNKueEFkaTEqTGUad3qdYcd3dFgj2dR+i+:90m4iWeQO2lM+FSIWGC4MloO
MD5:1C70EDC01DA63369FD9A8946C74409A9
SHA1:B8E65E0D0CC96B7B7626970B095F0834DE932BDA
SHA-256:3CC0394264281686C2C192F532AB63DC11A4790B8E2B96CAEDC4CAC0088D618D
SHA-512:C90E3F998823B1BA6240DE6AF3D22AB535A01D644E4A8517087902130F840FC6B0A5D3E0426CF131E2D349689ECC8E31B3256CAF5C0C2E7AAD1D7628007862E9
Malicious:false
Preview:..J..3S...........562918567~345...-.-$php_module_mc812f6e819b84a8eba9e055b2a623b13............Unknown..............................1.1php\gui\framework\behaviour\PositionableBehaviour...4.4$php_module_mc812f6e819b84a8eba9e055b2a623b13_class0...........Unknown.....................................................getX......getX$0...........Unknown.........................................getY......getY$1...........Unknown.........................................setX......setX$2...........Unknown.......................x...........Unknown.................................................setY......setY$3...........Unknown.......................y...........Unknown.................................................getPosition......getPosition$4...........Unknown.........................................setPosition......setPosition$5...........Unknown.......................xy...........Unknown...........................................2.]..-$php_module_mc812f6e819b84a8eba9e055b2a623b13......php/runt

C:\jar\php\gui\framework\behaviour\TextableBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):2343
Entropy (8bit):5.476415031232835
Encrypted:false
SSDEEP:48:mYXln+/Hyn25L6EjoOa/AjsgjNKueEFkaTEqTGUad3qdYcd3dFgj2dR+iGKNQnaC:mY1nXeQO2lM+FSIWGC4MloO
MD5:26525FC76A33B4B39BC7A236A10C3851
SHA1:43570D7C1D00A4F3FC229391A4E22FDA8FAE25D1
SHA-256:73994B2650D94595B05E7EEB83BCD11A7A731536E3C9CE66C450B93AE9C576A0
SHA-512:9A690E2554C38E1DF32BD44673A0C001425D14730F4F5D7129E5A417F2DFD1F362C0E336060A46F5CD9BBE81D4E304F30375D4BAEC8DDA7442C5D2E53896C327
Malicious:false
Preview:..J..3S...........-1750278774~213...-.-$php_module_ma992ce3b8a29489f8cbf82781a30eba7............Unknown..............................-.-php\gui\framework\behaviour\TextableBehaviour...4.4$php_module_ma992ce3b8a29489f8cbf82781a30eba7_class0...........Unknown.....................................................getObjectText......getObjectText$0...........Unknown...................................2.]..-$php_module_ma992ce3b8a29489f8cbf82781a30eba7......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL......<init>..D(Lphp/runtime/env/Environment;Lphp/runt

C:\jar\php\gui\framework\behaviour\ValuableBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):2649
Entropy (8bit):5.407395118545379
Encrypted:false
SSDEEP:48:cUJ+Emn/Hyn25L6EjoOa/AjsgjNKueEFkaTEqTGUad3qdYcd3dFgj2dR+iGKNQnb:b+EmqeQO2lM+FSIWGC4MloO
MD5:9896CE9CFBDFAE5CD27EB0AF9C62D058
SHA1:E12E46A222B2B199E4706B05936FC271CAA895C9
SHA-256:DA54BFDEFC860059C02A5FAAC68B3FD808B2CD08BAC72C2D32A507B585E71051
SHA-512:149202D49B8804398FFDB44BA2978CD02457EC1A0711226F9537201951921F415668CA6A0DAC2E7BAC0CE90F9239D6E2A4E018FF843A051F392AC60EEE54E6CA
Malicious:false
Preview:..J..3S...........-1187298460~292...-.-$php_module_m2063fd3986b54913ab9880274820103c............Unknown..............................-.-php\gui\framework\behaviour\ValuableBehaviour...4.4$php_module_m2063fd3986b54913ab9880274820103c_class0...........Unknown.....................................................getObjectValue......getObjectValue$0...........Unknown.........................................setObjectValue......setObjectValue$1...........Unknown.......................value...........Unknown.................................................appendObjectValue......appendObjectValue$2...........Unknown.......................value...........Unknown...........................................2.]..-$php_module_m2063fd3986b54913ab9880274820103c......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_C

C:\jar\php\gui\framework\behaviour\custom\AbstractBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):25841
Entropy (8bit):5.727129748592381
Encrypted:false
SSDEEP:384:jW+Y7m3M2L5JuGmIDOYOoigkphgEeu8N1wzdCp:aRm3M27udIBigkphet1m4p
MD5:3546E91C69B2807C262CD48E699547B7
SHA1:2BA3F8BD7D60258CB30EB3D420B255AF0D8A9000
SHA-256:96431B730A83705EAEABF8B38AE136B0A291DE0A750AB2DF7FD21B5DD34902F4
SHA-512:3EB50558F812105BE8CB29F91C2B2CC96148D238F12907F2373712FD70F5E1C7EE6861D8A5D0D1775D9F9EF728C001C3934E056B97136EEEA60A1885B6A70497
Malicious:false
Preview:..J..3S...........437964507~5652...-.-$php_module_m5def595ab2944171bf37130f6175dbe2............Unknown...........6.6$php_module_m5def595ab2944171bf37130f6175dbe2_closure0..................................__invoke......__invoke........4..Unknown.......................old........>..Unknown...............................new........D..Unknown.......................................old........>..Unknown...............................new........D..Unknown...................Q.......2.t..6$php_module_m5def595ab2944171bf37130f6175dbe2_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/

C:\jar\php\gui\framework\behaviour\custom\AnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):19619
Entropy (8bit):5.697555886023946
Encrypted:false
SSDEEP:384:5+1/OiMv9S0ItQAv0B/x/PkyuAIjYmo2iCp:wVOLo0jB/nmo2Lp
MD5:EBE1604839713BF6A80C1A8FC93D9BBB
SHA1:A2C0DCEE005F5D88BC1BBDC5608E0827DB245B51
SHA-256:B53A7B3BC9D88B0A853506CB79A0BF747A9DE1CECDB9F8575FDF751BABA6F2FD
SHA-512:8D4853AC6C61D6D46C7194A7A061F05ADFA4EA6CD15318DB7694100419667A1ABE6C13EE42B263F24FBC50C1461AA1907271670526C171398B391A4CDA3F3F0E
Malicious:false
Preview:..J..3S...........1855478274~2450...-.-$php_module_me6a70a000f274221be69992bd1703d0b............Unknown...........6.6$php_module_me6a70a000f274221be69992bd1703d0b_closure0..................................__invoke......__invoke....,...#..Unknown...........................2.o..6$php_module_me6a70a000f274221be69992bd1703d0b_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\php\gui\framework\behaviour\custom\BehaviourLoader.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):17858
Entropy (8bit):5.84778217534875
Encrypted:false
SSDEEP:192:bze0U7FliKK9qvLWymdNRwF99J3hU0CUlE8cFOc+CaN8fpwRZMYVval2FS7GCplP:w7FIKKAeXwF9+SqscqbLMYTCp
MD5:82A59843AD6C045D341A9D65DD708BE1
SHA1:F11A81C29B59FBBA6E5026B50C17AE360A20148F
SHA-256:FAF4EFE4E599292431D021522D9BF0845E9B1606E9DE517825A6BBE0E19D72DB
SHA-512:043EE100FAE91D9AEBAFFEDA79958DECC749D377DD94CEE0329F58538D882CE3701F89D6148332968BD00A2FFDF39AE426F95E6A99A03614D85371A0B7C647F4
Malicious:false
Preview:..J..3S...........1781186620~4402...-.-$php_module_mbfb4219efdcd421099b18a4bf4cf1034............Unknown...........6.6$php_module_mbfb4219efdcd421099b18a4bf4cf1034_closure0..................................__invoke......__invoke....Z...,..Unknown.......................a....Z...6..Unknown...............................b....Z...:..Unknown.......................................a....Z...6..Unknown...............................b....Z...:..Unknown...........................2....6$php_module_mbfb4219efdcd421099b18a4bf4cf1034_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/

C:\jar\php\gui\framework\behaviour\custom\BehaviourManager.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):8288
Entropy (8bit):5.720121507021854
Encrypted:false
SSDEEP:192:PA+5mQza9foWHjpmc6zolXs02tNF7FS7GCplP:o+6foWHAc68dsJPhCp
MD5:23224A6C4D4D7E0045F7B7FBBD8760CD
SHA1:E68560FA420DC82FBA58D677026F35C739526EAD
SHA-256:9CAF236E1B9ACE92E9EA014D461FA0C490B560A802A70A617B97F09D9E32319E
SHA-512:C1FD97DA1EF9E42F6CAC417B7B652C662BA77875E30E09E241ADDA2F6CDAB0EE3F8D5F577D4648627176AFB7A7C4121FA41D4ED1E97AB7F0951559987E81D99E
Malicious:false
Preview:..J..3S...........728623523~1211...-.-$php_module_m9d834f43aa0841de938ae83571ff1cd6............Unknown..............................3.3php\gui\framework\behaviour\custom\BehaviourManager...4.4$php_module_m9d834f43aa0841de938ae83571ff1cd6_class0...........Unknown.....................D.@param $targetId.@param AbstractBehaviour $behaviour.@return mixed................................apply......apply$0...........Unknown.......................targetId........#..Unknown...................4.4php\gui\framework\behaviour\custom\AbstractBehaviour...........behaviour........@..Unknown.................7.@param $target.@param $type.@return AbstractBehaviour................................getBehaviour......getBehaviour$1...........Unknown.......................target........!..Unknown...............................type........*..Unknown...........................Y.......2....4$php_module_m9d834f43aa0841de938ae83571ff1cd6_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...

C:\jar\php\gui\framework\behaviour\custom\EffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):18166
Entropy (8bit):5.7490407764482265
Encrypted:false
SSDEEP:384:rXXZkXX99l6zgFyx+6a15IlWuniLDmzXhwT9Cp:72XXsg0015IlHSoXhwTYp
MD5:C1612014F4D34CB3B8269B0E50132609
SHA1:E5CB89899EDAD8052192BF9F563623EAD9B54DAF
SHA-256:92808FA4937B775D9415010C14351849268C199925F1A4094F1E4880D9879200
SHA-512:A51B4C4DA0F39AECE69C40E64308F00ACB6F1BB5F29FA24656C71011E499D1AB8447874B82ACDD834D4FA533461908547609C0E58E59C9990E9F67732ABF3963
Malicious:false
Preview:..J..3S...........-1260466381~2942...-.-$php_module_me9da0c0837434ad89671009995075951............Unknown...........6.6$php_module_me9da0c0837434ad89671009995075951_closure0..................................__invoke......__invoke....(..."..Unknown...........................2.k..6$php_module_me9da0c0837434ad89671009995075951_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lp

C:\jar\php\gui\framework\behaviour\custom\FactoryBehaviourManager.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):8066
Entropy (8bit):5.645930350211469
Encrypted:false
SSDEEP:96:gMFb85WEheQO2lMyq0aJx/N9NDLNEPl714h+laGNpf+xbGlsoqyNu1aUeQO2lM+U:gMl85DlPaDlWUyOylk0uVFS7GCplP
MD5:EB7ACE3AB49DF0A79520E028B8E98486
SHA1:5EB4E334F5098E8F226F2031EC4AFD270A62F39C
SHA-256:5D5491922B8ED5FCA1AF5DA844AF4085847C52A020002648BC5D24BBEE443E27
SHA-512:57C9C87170A4527F2F0CBC95726E3C93318C997A842FD4E6E3DB1DDB0B140C04A8256912ADB387FDD6C4A6BF7B3E7EA7FBD5D3174601D2A56BE803FCFD639733
Malicious:false
Preview:..J..3S...........-1752137432~1141...-.-$php_module_mb46373b3a42146c9b7a983b88ea067f6............Unknown..............................:.:php\gui\framework\behaviour\custom\FactoryBehaviourManager...4.4$php_module_mb46373b3a42146c9b7a983b88ea067f6_class0...........Unknown...3.3php\gui\framework\behaviour\custom\BehaviourManager...................factory...........Unknown....................behaviours...........Unknown......................C.FormBehaviourManager constructor..@param AbstractFactory $factory................................__construct......__construct$2...........Unknown...........!.!php\gui\framework\AbstractFactory...........factory........0..Unknown.................................................apply......apply$3....!......Unknown.......................targetId....!......Unknown...................4.4php\gui\framework\behaviour\custom\AbstractBehaviour...........behaviour....!...7..Unknown.................................................applyForInstance......applyForIns

C:\jar\php\gui\framework\behaviour\custom\FormBehaviourManager.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):9649
Entropy (8bit):5.736537193507609
Encrypted:false
SSDEEP:192:dMkS5DdpPdDlud1TlotiDK336Q9xFS7GCplP:dMkSBPdUT9DWqQ9nCp
MD5:71A16DE9C354F3421178535F319F6A26
SHA1:0BE123B16A319F28A2FE950C1B9594EE5DBF8A54
SHA-256:0CB57F868863C46CDC56668A6A4EB886488D86083B730726C446D7B7DD09589A
SHA-512:02E72949E56119FA5B6DBA3406BE14F79608D9CF5B1E968BE1E9A1A2BF3AD8353FD8A197D953E5FC8C0604308DFA165AC8D507FB83C97A8A50C2C49F2F2F6257
Malicious:false
Preview:..J..3S...........1355316104~1609...-.-$php_module_mc1958358fc53406ab928ca29def64829............Unknown..............................7.7php\gui\framework\behaviour\custom\FormBehaviourManager...4.4$php_module_mc1958358fc53406ab928ca29def64829_class0...........Unknown...3.3php\gui\framework\behaviour\custom\BehaviourManager...................form...........Unknown....................behaviours...........Unknown......................=.FormBehaviourManager constructor..@param AbstractForm $form................................__construct......__construct$2...........Unknown..............php\gui\framework\AbstractForm...........form........-..Unknown.................................................apply......apply$3...."......Unknown.......................targetId...."......Unknown...................4.4php\gui\framework\behaviour\custom\AbstractBehaviour...........behaviour...."...7..Unknown.................................................applyForInstance......applyForInstance$4....4......U

C:\jar\php\gui\framework\behaviour\custom\ModuleBehaviourManager.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):7834
Entropy (8bit):5.702612528188955
Encrypted:false
SSDEEP:192:VPMlUa5DnIPZDl9qfnsQI/rlmiFqFS7GCplP:VPMlUatIPZfqUP/rAKeCp
MD5:9A915ACBA055AEB2A8A1EAD523686C43
SHA1:0E3004ADFC9CCF320F008CF995CA08D9458FD561
SHA-256:D383726025BD7D9606AF26DD12128B8277437F587AF533B39519E15B39D731A3
SHA-512:EA77C39E1FE36F012DDD5F4BB294807CF836BA7CCC15ED484884A3D04298260DE43FC6F05879C3E9E8F1E798B2ABC526052495804DF64534C90A1A2884DAE744
Malicious:false
Preview:..J..3S...........-1140026310~1006...-.-$php_module_m7e95347ae71d4237b9138a92016a3d96............Unknown..............................9.9php\gui\framework\behaviour\custom\ModuleBehaviourManager...4.4$php_module_m7e95347ae71d4237b9138a92016a3d96_class0...........Unknown...3.3php\gui\framework\behaviour\custom\BehaviourManager...................module...........Unknown..................C.ModuleBehaviourManager constructor..@param AbstractModule $module................................__construct......__construct$2...........Unknown........... . php\gui\framework\AbstractModule...........module......../..Unknown.................................................apply......apply$3...........Unknown.......................targetId...........Unknown...................4.4php\gui\framework\behaviour\custom\AbstractBehaviour...........behaviour........7..Unknown...........................w.......2....4$php_module_m7e95347ae71d4237b9138a92016a3d96_class0.....4$php_module_m9d834f43aa0841de938ae83571

C:\jar\php\gui\framework\event\AbstractEventAdapter.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):4380
Entropy (8bit):5.512203171874955
Encrypted:false
SSDEEP:96:5DZdj+ReQO2lMsHSPMlZxgeQO2lM+FSIWGC4MloO:dZdj+XNlEFS7GCplP
MD5:02EF75964A96B0E3BCAFA9545612B31C
SHA1:39F548FDF33B72E6D0A89648934F1C41C49B6FEA
SHA-256:D3C815CC16C31C130F117E6301728BA9C0158A4CEAB07A2960112C90C31C6C84
SHA-512:68672940EF4FC649A8201255EDDE6051BED565959C99CB781C849B09FF985D2FCA64A23CBF1873F591746B261966FCDC95862CC1C135ED91C081396121B6AADB
Malicious:false
Preview:..J..3S...........-172470994~272...-.-$php_module_m2d348b010ce94861b076511969f058d9............Unknown..............................,.,php\gui\framework\event\AbstractEventAdapter...4.4$php_module_m2d348b010ce94861b076511969f058d9_class0...........Unknown.....................M.@param $node.@param callable $handler.@param string $param.@return callable................................adapt......adapt$0...........Unknown.......................node........#..Unknown...............................handler........3..Unknown...............................param........=..Unknown...................................2.U..4$php_module_m2d348b010ce94861b076511969f058d9_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/i

C:\jar\php\gui\framework\event\AbstractEventType.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):4364
Entropy (8bit):5.4968303254784505
Encrypted:false
SSDEEP:96:usvxu9OeQO2lMeSPMlZxoeQO2lM+FSIWGC4MloO:dvI9GlcFS7GCplP
MD5:120384D3475ECD6B1663F56B177CEFC3
SHA1:6E801F6CFA0295BB8A7BF920861A0410A15CDCC3
SHA-256:15C5EB83101F630D65018D534C9EDA52B9BDBE8BF06EE7F8589951FF261E19E5
SHA-512:5834B1758CDBFE3068950FA3E23F10B95B93E3EFDF8DD8CF11B0230AA5BD59AE1BEC3C19601369AAE70C892AE1D30849FF02F94F7C20D0409AFB7A8825BB2F71
Malicious:false
Preview:..J..3S...........-1857457545~331...-.-$php_module_m611c7c22fcfa46f39548c925da3ce8c4............Unknown..............................).)php\gui\framework\event\AbstractEventType...4.4$php_module_m611c7c22fcfa46f39548c925da3ce8c4_class0...........Unknown.....................D.@param $event.@param callable $handler.@param $group.@return mixed................................bind......bind$0...........Unknown.......................event........"..Unknown...............................handler........3..Unknown...............................group........=..Unknown...................................2.U..4$php_module_m611c7c22fcfa46f39548c925da3ce8c4_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/

C:\jar\php\gui\framework\event\ClickEventAdapter.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3909
Entropy (8bit):5.542919944064763
Encrypted:false
SSDEEP:96:KFeQO2lMP3mlQ28eQO2lM+FSIWGC4MloO:Ki3mldYFS7GCplP
MD5:36101765573B6365003AF311FC661F2D
SHA1:AE47AB59E16801042BEF9902163EB06CF4A34010
SHA-256:E96C85753888E71B3135B851E785E2EFB6E0AD99AB631D1D85083D7D0E1D87A2
SHA-512:2D36C876E55B314E129ADD48EDC9E4FA44DA98AD2168BD12BDA4773C4FB37EDED994E154CF153AC026B9462559CD8E7464E8E2FBB1DB93C2530103AC26DFA708
Malicious:false
Preview:..J..3S...........22594538~101...-.-$php_module_m2e65b36ac6fe45e8a9221a9d5dba8203............Unknown..............................).)php\gui\framework\event\ClickEventAdapter...4.4$php_module_m2e65b36ac6fe45e8a9221a9d5dba8203_class0...........Unknown...-.-php\gui\framework\event\MousedownEventAdapter...........................S.......2.N..4$php_module_m2e65b36ac6fe45e8a9221a9d5dba8203_class0.....4$php_module_m83885205589048629f1732d568dd0b24_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL..)php\gui\framework\event\ClickEventAdapter......<init>..D(Lphp/runtime/env/Enviro

C:\jar\php\gui\framework\event\KeydownEventAdapter.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):34815
Entropy (8bit):5.7056792368309335
Encrypted:false
SSDEEP:384:DB/bbqvIh08z94N8xJiN2jeyz4t0yA2yypHQ1JInrhCp:1/bbqvN8BQ8WwCyznyAxytaYYp
MD5:7CA381E6A3F485E339EBF1B4666A0527
SHA1:71CD45C549A6E7F8C4A0052E7C16A012065CF82A
SHA-256:4D5766FC74D9039FBAA3147BDBA977EFD42A5B3D36880CE3493FC91BBECC6AC8
SHA-512:410283F6A71BA83BF8A7B1A4DFE11970EEF7DA93457DCE8E2A016FE5B8F6606BF5C6CB913CDE024F0B7A365B55AF7F2E466290A74353D7A44E77BA23DED47942
Malicious:false
Preview:..J..3S...........1504338311~3753...-.-$php_module_m4cd7379c95f44180bd5249a893d5aa06............Unknown...........6.6$php_module_m4cd7379c95f44180bd5249a893d5aa06_closure0..................................__invoke......__invoke....+......Unknown..............php\gui\event\UXKeyEvent...........event....+...,..Unknown..............................php\gui\event\UXKeyEvent...........event....+...,..Unknown...........................2....6$php_module_m4cd7379c95f44180bd5249a893d5aa06_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/r

C:\jar\php\gui\framework\event\KeyupEventAdapter.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3907
Entropy (8bit):5.559978140404773
Encrypted:false
SSDEEP:96:BmhTleQO2lM5bWlQ2+TeQO2lM+FSIWGC4MloO:BmhTYbWld+5FS7GCplP
MD5:19224EC40492B4D257A73AAF8FBE8DBE
SHA1:2270B950DD5368A00F2C0A1365192EB6AEAEBB21
SHA-256:2ADD8918F4D3C566D47D24C4C82E2946E78B48F7B98D7658E014C0E1863C5161
SHA-512:B64D02478B4E13900386F5995097E21F7252C0CEE3171A000C2DFDEC76C978E4554ED651159D0CD602706D9A8D5C1A4015E9712B942375E0D02CB25E8AC5A119
Malicious:false
Preview:..J..3S...........187729494~99...-.-$php_module_me172f4161353485180d96a408cdcc8b7............Unknown..............................).)php\gui\framework\event\KeyupEventAdapter...4.4$php_module_me172f4161353485180d96a408cdcc8b7_class0...........Unknown...+.+php\gui\framework\event\KeydownEventAdapter...........................S.......2.N..4$php_module_me172f4161353485180d96a408cdcc8b7_class0.....4$php_module_m4cd7379c95f44180bd5249a893d5aa06_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL..)php\gui\framework\event\KeyupEventAdapter......<init>..D(Lphp/runtime/env/Environm

C:\jar\php\gui\framework\event\MousedownEventAdapter.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):21702
Entropy (8bit):5.64153940189694
Encrypted:false
SSDEEP:192:jYD7nK4Tplq+0Ksdh7nK/Trl9BSA2f7gKltldKJjH7gK7zlw/KES7gK7xlfYMikr:T4FT9L/nuPUXRFexTDxCp
MD5:67F739E1EA50F22915F47FEECE75CFD1
SHA1:6EEDDE669ECAB7990E6A7620F3279FFE7C690286
SHA-256:80F9113F7525EAEB7848EF6CE1AB5DA49B2913DFF89370C6875E485F842BEF33
SHA-512:39A1735FCD83E002ED9EDF776EF7A67A6B4BDE9F01A025FF52B3BD6FE11C1161133FA193A10828F0BADB43B8C2C451C90C39F582AC96B7651EA2C56979C7CEDD
Malicious:false
Preview:..J..3S...........-739127059~1610...-.-$php_module_m83885205589048629f1732d568dd0b24............Unknown...........6.6$php_module_m83885205589048629f1732d568dd0b24_closure0..................................__invoke......__invoke...........Unknown..............php\gui\event\UXMouseEvent...........event...........Unknown..............................php\gui\event\UXMouseEvent...........event...........Unknown...........................2....6$php_module_m83885205589048629f1732d568dd0b24_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lp

C:\jar\php\gui\framework\event\MouseupEventAdapter.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3914
Entropy (8bit):5.539453775314383
Encrypted:false
SSDEEP:48:rHyn25L6EjoOa/AjsgjNK8SeEFzFzgT67wqVhlGl0Q2cq/Hyn25L6EjoOa/AjsgQ:+eQO2lMvulQ2UeQO2lM+FSIWGC4MloO
MD5:9C2BD01F2915AD912B0E9897A415D35E
SHA1:C106B0B89DB526786331CB354B3C7A1CD45AA843
SHA-256:D7034D2A71814D9877740E326DE6846F7358E482409E4950C98FAB27B55F2053
SHA-512:0CEDAB6E9A86F64B5AA5987F9FE2BF39AA2F50523C9FC8FD2697BB7F2EAC2FD8B0FA1F448E052179267EA98F824C817CD7F5F430F8D798127B848BAE0E6C863F
Malicious:false
Preview:..J..3S...........236205538~103...-.-$php_module_mecfb83eb66ae40169e8a5b05633a563e............Unknown..............................+.+php\gui\framework\event\MouseupEventAdapter...4.4$php_module_mecfb83eb66ae40169e8a5b05633a563e_class0...........Unknown...-.-php\gui\framework\event\MousedownEventAdapter...........................U.......2.N..4$php_module_mecfb83eb66ae40169e8a5b05633a563e_class0.....4$php_module_m83885205589048629f1732d568dd0b24_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL..+php\gui\framework\event\MouseupEventAdapter......<init>..D(Lphp/runtime/env/E

C:\jar\php\gui\framework\event\ScrollEventAdapter.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):22196
Entropy (8bit):5.636518494900513
Encrypted:false
SSDEEP:384:0Z7zJD33N2O7JSx4JLtMJUx4NLr/5qCp:0ZfB33wTx4JLrx4NH5zp
MD5:D35B43A5C7A0E168B916461818AF6BB6
SHA1:A118A4E0FBCB58A7343B031C30C3A257B4B63123
SHA-256:A45D5F1C530D997462FD4D7043AF958B414595E76A3002578E6D1A631A2A4901
SHA-512:E4F5A9071627DD5FC241015B925380775B428662A41FE1C87B2A8ED0DC0F1BC847A974B0FB0A55C5613D57DEFA07395F8E0DABD4E7D3C6954BEDBCC8598E3553
Malicious:false
Preview:..J..3S...........-293439028~1744...-.-$php_module_mbfa1bde306804119b5ed471efec5b163............Unknown...........6.6$php_module_mbfa1bde306804119b5ed471efec5b163_closure0..................................__invoke......__invoke...........Unknown..............php\gui\event\UXScrollEvent...........event......../..Unknown..............................php\gui\event\UXScrollEvent...........event......../..Unknown...........................2....6$php_module_mbfa1bde306804119b5ed471efec5b163_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(

C:\jar\php\gui\framework\functions.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):48359
Entropy (8bit):5.647148800735591
Encrypted:false
SSDEEP:768:wIfereO7M0R7zLW86MQRyzAfEO9G/g+Wp:wIfwe8M4LW8rEyzSEO9Go+a
MD5:8E6DAF0525E85D29F2432128DA9CEF23
SHA1:A9A45ABBDBAA90D45BCDCFCA82BEF3344A72DF14
SHA-256:B3F1A2F38A83F2E27E9902FD0055C41A8DA7237B36E8D158B2C94EB3C216F825
SHA-512:086E72040A9FE810B1891474341D58DBCCCD8D31F1E8BB0529E0567E056674B08CC29A5F3BBA1C47EA88CF755B4BE761AA7C3985AF1BAAB7A63A72B526E659A6
Malicious:false
Preview:..J..3S...........-620545250~4217...-.-$php_module_m0d5c5a11afe44ccebbcef6437c8e9bee............Unknown.......................app...3.3$php_module_m0d5c5a11afe44ccebbcef6437c8e9bee_func0............................Unknown...............2.r..3$php_module_m0d5c5a11afe44ccebbcef6437c8e9bee_func0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...app......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V.............~this...Lnull;...~env...Lphp/runtime/env/Environment;...~class...__invoke..H(Lphp/runtime/env/Environment;[

C:\jar\php\gui\layout\UXFragmentPaneWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):12907
Entropy (8bit):5.788931016190486
Encrypted:false
SSDEEP:192:w6RFx5Ek/QlDdMqvU5y6QRsgOxB5l0T1E0FS7GCplP:dRvv/QxBvcXQRbW56T1nCp
MD5:F7751CA09D40A18797F06BE3D38A4A0B
SHA1:7B794871BCB0B7723F79F00322E7A1535C798D59
SHA-256:379A4ACD35E2CC981EB13E5807CFDA28A0E2A143BA658D58032F5CFA11558BA3
SHA-512:99AD47CE4AEACAF5A766231A1FD11ADDD4D7B8CA3AD3056E127A7256408687AB0F59E77EFDDB72259FE3A7796EB04D21630E17056E1E322B07199D829CC39D3B
Malicious:false
Preview:..J..3S...........1828757610~1622...-.-$php_module_mbca367d76d8c4599a685dfa4e450fe6e............Unknown...........6.6$php_module_mbca367d76d8c4599a685dfa4e450fe6e_closure0..................................__invoke......__invoke........1..Unknown.......................value........;..Unknown.......................................value........;..Unknown...................5.......2....6$php_module_mbca367d76d8c4599a685dfa4e450fe6e_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/Class

C:\jar\script\DirectoryChooserScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):16896
Entropy (8bit):5.77807481046054
Encrypted:false
SSDEEP:192:nGA3lJkKbDJKGsLucXYSnnHFtTubcQc478f2ielHYzsYKs6IjpJEkuD3JJXMDY/X:G0nkuKGshnlIBiecExzx/+G
MD5:2721EBEF5650E847DB0B7713C87964B4
SHA1:4BB970758E5E28D6FBB01728811CBF365D67AFC8
SHA-256:CE16B823FF7E472229D95993A4B02A1BA10CB83C890D83CC69328BBA2BFA7BCD
SHA-512:7EABADE6ED7EBBFD4DA1C8F9CC239231E9516434C0689381705DB7E06D04E76FC46A197BFA4D31DCFDAA50B2776DD5A15342422242D29D4D2FA0F2F05E20F765
Malicious:false
Preview:..J..3S...........27769203~2078...-.-$php_module_m3366e7e9e7b649938c8bad0468a31159............Unknown...........6.6$php_module_m3366e7e9e7b649938c8bad0468a31159_closure0..................................__invoke......__invoke....e...,..Unknown...........................2.k..6$php_module_m3366e7e9e7b649938c8bad0468a31159_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp/

C:\jar\script\FileChooserScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):22308
Entropy (8bit):5.815107106441876
Encrypted:false
SSDEEP:384:4NYmekwJscKPAiPoEzz1wZeKHqJN8+lf5b0i:nmekwJJjMo41/ua8Ef5b0i
MD5:C8560138867BFEB40C3DF51D043358C8
SHA1:0673168FA71F6FE8C9958EF69CB054D26E25456D
SHA-256:EA194883CAF84C2306981B1B17CA7F6078EF803E83B8CFC168AC00646C783044
SHA-512:49639C80D8EEFACC36F4CC4334D191F623E084CAA068BB8AF69D847BA199D7178EAB2C2B75DF0B257FDFB896FE2F36FCCA58A9EB5818E43F6E90BC9FDB1F2B06
Malicious:false
Preview:..J..3S...........-958029419~4047...-.-$php_module_m0c904a8e74bf4be894fd8d6fe0250932............Unknown...........6.6$php_module_m0c904a8e74bf4be894fd8d6fe0250932_closure0..................................__invoke......__invoke........,..Unknown...........................2.k..6$php_module_m0c904a8e74bf4be894fd8d6fe0250932_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\script\FileScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):28722
Entropy (8bit):5.754476748468374
Encrypted:false
SSDEEP:384:4JmAR4mZrs1H5JJxrLVKCIu0/pe6xNeP8YCp:4MeO5hrLVoH/9xNg8Zp
MD5:98FC4A00F039A94A4AB2695A1D964644
SHA1:12CFAC339C0E898C03498FA768E409BE1024237A
SHA-256:F2FB793BF092C6F82750D1A8A69D3AAE5A4715D04EA3923E8917797B920AFB54
SHA-512:3B2B0B272EFDE28DCE286A6E30375AA294F611AAEF6554493D77CCF441970996640BA4C3B1671C0E0D9765F028CC663C16FEF3E57B116B735AB833F5B104A607
Malicious:false
Preview:..J..3S...........206343712~4622...-.-$php_module_m35a8a987a1ab45449a6a87ed6bfa95a6............Unknown...........6.6$php_module_m35a8a987a1ab45449a6a87ed6bfa95a6_closure0..................................__invoke......__invoke....C... ..Unknown...................K.......2.r..6$php_module_m35a8a987a1ab45449a6a87ed6bfa95a6_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\script\HotKeyScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):12393
Entropy (8bit):5.838774646632352
Encrypted:false
SSDEEP:192:gD8lxlb/l+ztwG2jksUflMIghe/FSXliX:487/+J4wiI8euMX
MD5:D1C0DD89E1F1CA8E4BB65BA3A7AF411C
SHA1:7206E62EC4BD0B9D94F6CC5EC6C5E2E617079DF5
SHA-256:85E5AE9FC03CBCF33A649EAF334D223A7F8EF725A9331BF298DA86E304F4CC10
SHA-512:FCE8506AB5076F5522A249751366BE5B516C6A8583825D8897D802EAF08DFA29677E833A85E684A97760576870A55FE1463733F592B9F014E527890B2D08C54D
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.hotkey.HotKeyBundle\script\HotKeyScript.php...-.-$php_module_mcd4b29a620ad499eb9b02004cb68e305............Unknown...........6.6$php_module_mcd4b29a620ad499eb9b02004cb68e305_closure0..................................__invoke......__invoke....G...-..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.hotkey.HotKeyBundle\script\HotKeyScript.php...........................2.v..6$php_module_mcd4b29a620ad499eb9b02004cb68e305_closure0......php/runtime/lang/Closure......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.hotkey.HotKeyBundle\script\HotKeyScript.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lp

C:\jar\script\JsoupScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):48714
Entropy (8bit):5.994904912908345
Encrypted:false
SSDEEP:768:8vzDoWnlMl5zkLLJiUDGrQTAEcUNJBraJs:8vzDoWlCkLNFDAQTAEcUNJYJs
MD5:8BEFB9DC4CC7838B3384EA5CAFEA334A
SHA1:AF27465E8E8564E3490E96C8C9137306C88A8C1A
SHA-256:F98672873D5FC9793DC4C2A4BA8A959EBE30A540E86DAFDCF71A3484B9C8256B
SHA-512:37C57F8F8881C94D762B7F11A9F9FCA2995C6B31FE3513A0862BDDF62B549CE5CF43E1C5E48B2EAB8893EE2DC697F42E99784EFB729575B48ADF5C67A8165D37
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jsoup.JsoupBundle\script\JsoupScript.php...-.-$php_module_me76b0714e26d4c6ab993cbe65a2dddca............Unknown...........6.6$php_module_me76b0714e26d4c6ab993cbe65a2dddca_closure0..................................__invoke......__invoke...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jsoup.JsoupBundle\script\JsoupScript.php...................P.......2....6$php_module_me76b0714e26d4c6ab993cbe65a2dddca_closure0......php/runtime/lang/Closure......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jsoup.JsoupBundle\script\JsoupScript.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtim

C:\jar\script\MacroScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):22235
Entropy (8bit):5.784730131151687
Encrypted:false
SSDEEP:192:AonEQBLcolM8VZP5fl5QWZP5vlVQSKEDeK4oZwlqYKfzT3gVr3ZZiZKICilEOpIB:TnEs71HN71YttMzTgZrQNAcCp
MD5:AB7615AC0A8DC213B032214AB7153E03
SHA1:21D0546D9FAAE0A093D61DDFEE0361E4F2F3CB01
SHA-256:B1D1D5F322EDBF44843522FB1D75471C6DB420E9D97E311A70C710D3B78EA972
SHA-512:BB2CE9EFC17F8833D2460FD4F38166AD5563CE748167631EBD5F4C1FB604474635C2841D6638951E6CCB8ABCAF13A8331AF984CA92A1D77C2FD3E072A77E7BEB
Malicious:false
Preview:..J..3S...........-33397036~3218...-.-$php_module_m95343d2f09c74fa383ab51414dc5c653............Unknown...........6.6$php_module_m95343d2f09c74fa383ab51414dc5c653_closure0..................................__invoke......__invoke....d......Unknown...........................2....6$php_module_m95343d2f09c74fa383ab51414dc5c653_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\script\MailScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):31091
Entropy (8bit):5.944974804481431
Encrypted:false
SSDEEP:384:J1L66DNcnx+vFEuHQNqEpqLef23qgLHYcfT9ZRV8VsArSiMX:7/hOxWEuwQ9w23rHhRZR2Vs2Sis
MD5:A05E7FDD91DAD1BAC0AAE755B99D18F7
SHA1:A829A3A0E441686369D407EB9BE04819CCEF5109
SHA-256:2742FD3C95B279387D59889AA710E5E526B2CBA559FE9D78B0454900680346D9
SHA-512:4A58E3C3BFCAE1CD0935B8179D83CC827F80EB0E58DC6AE1B95ED01CACCB25F9EB4E71EC72E637762DC56B9D6836612CBBC296F5B088F3A9F998ED177DAE3A26
Malicious:false
Preview:..J..3S........}..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.mail.MailBundle\script\MailScript.php...-.-$php_module_meb437e52292a435c884b32463d523de5............Unknown...........6.6$php_module_meb437e52292a435c884b32463d523de5_closure0..................................__invoke......__invoke...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.mail.MailBundle\script\MailScript.php...................N.......2....6$php_module_meb437e52292a435c884b32463d523de5_closure0......php/runtime/lang/Closure......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.mail.MailBundle\script\MailScript.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/

C:\jar\script\MediaPlayerScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):37739
Entropy (8bit):5.729987989926939
Encrypted:false
SSDEEP:384:2LsT7yOFskzN78Fdwy+Cxv77mGXV+PbcvE20Sqf7zKZIwa22LqQSJKPT4B5IIstR:QnOFskR7S+aVv7sTb1Ue4B5IIGnR
MD5:57149AB9FDF0493BDBBB311D28AA7A80
SHA1:36453A2B694E73A31347B56D50720D56030E4C0D
SHA-256:B2CE9E8ED63C867925E812CB06D49F30D90DA838EEE7E1B8F0FB6C14BF70DE3B
SHA-512:6D274F7C073883477C83CB1BB4AC1C3002506A555049A69B5AD465CC1B9A456A712AB80FDDCA7227A03185ACA8A363407A46CBB91836B8DB0D5E9DD7827060B2
Malicious:false
Preview:..J..3S...........441929738~8876...-.-$php_module_m76365e12addd4da3af270fb754f914ad............Unknown...........6.6$php_module_m76365e12addd4da3af270fb754f914ad_closure0..................................__invoke......__invoke....`...5..Unknown...........................2.m..6$php_module_m76365e12addd4da3af270fb754f914ad_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\script\PrinterScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):13840
Entropy (8bit):5.833657032814197
Encrypted:false
SSDEEP:192:wgxhk4UQVb7DOS93gXIjRzZrr+d8ypYbp1xlmq1Q/UCX+Q8AXMGRkFS7GCplP:wgxhk1QVb7rdRxmK1xIX8YQA8GeCp
MD5:6E9ED1C5D14F380E21D5DD09675D9543
SHA1:C44CF4143FF0D588ADA62C68C06C033B057CE6AD
SHA-256:A2967E388AB9CDAAD752F44C76D8D5AEDEFC89E572A64370C3334813CDD87EFC
SHA-512:2BC69262E8DF8653C1E0310C00A6753DA0E76AF1480DF7D34241CFB2025952C8FC08CC53E912CFCB540699575D7EAC287E98F438458A13CA59DF9162A078B650
Malicious:false
Preview:..J..3S...........-1944139242~4645...-.-$php_module_m93418b05ca134ac09f0b8ae59b1cd11a............Unknown.................................script\PrinterScript...4.4$php_module_m93418b05ca134ac09f0b8ae59b1cd11a_class0...........Unknown... . php\gui\framework\AbstractScript...................printerName...........Unknown....................dialogEnabled....#......Unknown.....................jobName....(......Unknown.......Printer Job...............copies....-......Unknown............................printColor....6......Unknown.......DEFAULT...............printQuality....?......Unknown.......DEFAULT...............printSides....H......Unknown.......DEFAULT...............lastPrinterJob....M......Unknown....................RobotScript constructor.................................__construct......__construct$14....R......Unknown...........@param $target.@return mixed................................applyImpl......applyImpl$15....Z......Unknown.......................target....Z...!..Unknown......

C:\jar\script\RobotScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):16471
Entropy (8bit):5.648447853647801
Encrypted:false
SSDEEP:192:U0kogC2LbTKF2kgstb0kePlABK5kCrJ9G9j9wd8s4tmvyRNglABRFS7GCplP:U0k9C43KkIROi45kk4BRe+HCp
MD5:A63ADD93DCB26B408E191E4781BB73C8
SHA1:AF76E7E3F1A76D54E3B8C846EA6DF9EDD15A4C66
SHA-256:375E951B3829F3F297232D47F7E86C883906884460FF00A0279E925450A4C9D6
SHA-512:3724D342D081EB5A3AB1F1E01D175642CF04966662B833170C58AFBFD9FFD42A8654797995C2C2E265F423B91DAAC8F36215592255924512EE3FF5CA1295CA37
Malicious:false
Preview:..J..3S...........-197591762~3565...-.-$php_module_m4d8ae0608c3e45b88e535b8909aba1ca............Unknown.................................script\RobotScript...4.4$php_module_m4d8ae0608c3e45b88e535b8909aba1ca_class0...........Unknown... . php\gui\framework\AbstractScript...................robot...........Unknown............!.......RobotScript constructor.................................__construct......__construct$14...........Unknown...........@param $target.@return mixed................................applyImpl......applyImpl$15....'......Unknown.......................target....'...!..Unknown.................................................getX......getX$16....0......Unknown.........................................getY......getY$17....5......Unknown.........................................setX......setX$18....:......Unknown.......................x....:......Unknown.................................................setY......setY$19....?......Unknown.......................y....?......Unkno

C:\jar\script\ScoreScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):20660
Entropy (8bit):5.678433270481556
Encrypted:false
SSDEEP:192:TRy4vn5PCl9ey4gnlm8PzMAX3C6A/Ns72cQfE8W2lwecuMHk2PNUNFS7GCplP:goPCvdUinkszyi1HYCp
MD5:405B8A570DF7FC96D98ADCD2526B0D2C
SHA1:CF929FF180DCBD6FD186808D019BCB10DCE6596F
SHA-256:EBA8C115B40CCB52CCC44D7D7212645666890D4FE2BD909E24D32AC3EE80364E
SHA-512:6D0D7487FE196DA011CAADC52817B2DDDECDDDFE55ABABE816A0EEF49E2927A96426B82F8B53C58050C6842986135FEF0C7704E9783FB9A673174B546D368104
Malicious:false
Preview:..J..3S...........2104900453~2913...-.-$php_module_m06e5765556e94ea480c89138a2c80aa2............Unknown...........6.6$php_module_m06e5765556e94ea480c89138a2c80aa2_closure0..................................__invoke......__invoke....'...6..Unknown.......................name....'...@..Unknown...............................old....'...G..Unknown...............................new....'...M..Unknown.......................................name....'...@..Unknown...............................old....'...G..Unknown...............................new....'...M..Unknown...................~.......2....6$php_module_m06e5765556e94ea480c89138a2c80aa2_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCa

C:\jar\script\SystemTrayScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):42445
Entropy (8bit):5.9452673153252595
Encrypted:false
SSDEEP:384:8nbklvnqlvzKlv/FlvDEJJUYCRpw8TSZkFeDDJuPup9P9To3QS67cMX:+YlvqlvOlv9lvIJeYIpw8T7Ga67cs
MD5:D08274D76E44C88E7806E4C289AD54F8
SHA1:A8C17AB9818AFDCB6577D96600572E2406453589
SHA-256:0C5FD0758A3458C9E4E844385E28EACBFE824AC5B0FA4BE384FFAF17AEA8A1CD
SHA-512:9397BEEB12EF468755E1D595C17C80ECC33EA4EB4F5FC2AF7EA0143450CE022FE9CAE2D076E930710EA065A9A9820719DB68AEAAF79CDDE9311E411B4529AC9E
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.systemtray.SystemTrayBundle\script\SystemTrayScript.php...-.-$php_module_mcc8bcae0667e4808993cc6e1c3a26249............Unknown...........6.6$php_module_mcc8bcae0667e4808993cc6e1c3a26249_closure0..................................__invoke......__invoke....C...!..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.systemtray.SystemTrayBundle\script\SystemTrayScript.php...........................2.~..6$php_module_mcc8bcae0667e4808993cc6e1c3a26249_closure0......php/runtime/lang/Closure......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.systemtray.SystemTrayBundle\script\SystemTrayScript.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/Functi

C:\jar\script\TimerScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):25150
Entropy (8bit):5.662870439899543
Encrypted:false
SSDEEP:384:yCZKvCxupqYk6j6Z0SK+GxCtYSvf+ARXBIO+wqVLAvzCp:B0aklkmrSKWtvpBap
MD5:4D5B7704B4D34DD27572A2312914A421
SHA1:7F0A966414191EEE5EC4DF61F76033065AC2AF37
SHA-256:FD3025FE712D3ACBE2B4217E61578D98B672851F162EAB14C5E38F438312DDE0
SHA-512:4EB3185AE575B99245ABD347E89B173CAF278493FDE1A41FC7BFE29774FB3F52E64C824AF462965AA209FCEB4A3D3E2C6C51FBB69E572D7E7BBE566C2F84390D
Malicious:false
Preview:..J..3S...........-330087377~5481...-.-$php_module_m48a8921095e94f0396312e64c897e9cf............Unknown...........6.6$php_module_m48a8921095e94f0396312e64c897e9cf_closure0..................................__invoke......__invoke....Z......Unknown..............php\time\Timer...........self....Z...$..Unknown..............................php\time\Timer...........self....Z...$..Unknown...........................2....6$php_module_m48a8921095e94f0396312e64c897e9cf_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment

C:\jar\script\storage\AbstractStorage.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):13954
Entropy (8bit):5.763565543645736
Encrypted:false
SSDEEP:192:FqMqgk6sGReLmKhpDthgey4By5MWqKXVgflGM3Gf9GYXF9cOmw2WFS7GCplP:FOM7eK2V3yN5MjCgf7wGUc63Cp
MD5:418F44595C2F91A2BEF8014F50F32AD4
SHA1:6EF187C18B873BD76C01E0B344FCD6BD3B2DF6CC
SHA-256:BB8CCD3FF722F0C1123C5387F07791EDDF5CEC9A7C99E26D09CB68DBB875FF55
SHA-512:FFBD2A693A0E560BB4184B69FA57E3CA5F2556785B515AE2E385EF460349BF85D55C294051939225B23320033E26B13228DDD8E6DD34FD8E50F03706F1092355
Malicious:false
Preview:..J..3S...........-1456093176~3512...-.-$php_module_m0e61a1a67fac4eeba063b43bd1e09b88............Unknown.................................script\storage\AbstractStorage...4.4$php_module_m0e61a1a67fac4eeba063b43bd1e09b88_class0...........Unknown... . php\gui\framework\AbstractScript...................data...........Unknown........................autoSave...........Unknown...................................................load......load$14...........Unknown.........................................save......save$15...........Unknown.........................................applyImpl......applyImpl$16...........Unknown.......................target........!..Unknown...................Returns value of key and section..--RU--........... ........ .. ..... (. ......, .... ........)..@param $key.@param string $section.@return mixed................................get......get$17....+......Unknown.......................key....+......Unknown................

C:\jar\script\storage\IniStorage.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):14850
Entropy (8bit):5.855739402541395
Encrypted:false
SSDEEP:384:6kQk0xU8sbkxr7UGNlWCiG57lM0z/9Ev/pCp:WkBdktBWCl57lM0z/GMp
MD5:3AC1D5A80F57DEA3FE7244E8C9BDB761
SHA1:03A4A70B1BFD411E1F5313335017316AF4570D9C
SHA-256:FF0A9DDBC3CAD6C2BA0EE9381354893E7D818D7844C5DA65BDC4FB22536EE25F
SHA-512:187EC5C728D279F3257ED2E21B86CEEF6000C4F170F349B51FB1062B46DFD9425626BE83B8A00F16CCB0BE5B6DC0F0AF06DACB7F1428DE89D88522858E0EDF8B
Malicious:false
Preview:..J..3S...........1783086926~3958...-.-$php_module_m930c45c6b8b0437087b01d56d321deaa............Unknown.................................script\storage\IniStorage...4.4$php_module_m930c45c6b8b0437087b01d56d321deaa_class0...........Unknown......script\storage\AbstractStorage..................._path...........Unknown....................trimValues...........Unknown.....................multiLineValues...........Unknown...................-.IniStorage constructor..@param string $path................................__construct......__construct$25....#......Unknown.......................path....#... ..Unknown..........null.........................................load......load$26....,......Unknown.........................................save......save$27....f......Unknown...........@return string................................getPath......getPath$28...........Unknown...........@param string $source................................setPath......setPath$29...........Unknown.......................s

C:\jar\script\support\NodeHelper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):14073
Entropy (8bit):5.925329716422269
Encrypted:false
SSDEEP:384:yMM4W4d7FWeto6b7cFFGaNXCufde/mbCp:yMM4WkWWPcDGaZcp
MD5:E5CA03B69D1688E4D01A804B3102228C
SHA1:1534465C9BC497C47F20C6EC61564498947474B9
SHA-256:F2F13FDB35BA191DA96F13934838383D61B7A50B138A2FA7D3E375FD5C905026
SHA-512:B35F67E82B010C5D8E363EFB2245E42BE8006AC176DEBB4407961890724AC030669AF2AE385B6356FBE8A9E9C72154D4092A1CB00B23454BC8B85283CC2ECC16
Malicious:false
Preview:..J..3S...........1231039404~3497...-.-$php_module_me2732b05f6884485b1443623734d454f............Unknown.................................script\support\NodeHelper...4.4$php_module_me2732b05f6884485b1443623734d454f_class0...........Unknown.......................root...........Unknown....................options...........Unknown..................D.NodeHelper constructor..@param mixed $context.@param string $input................................__construct......__construct$0....$......Unknown.......................context....$... ..Unknown...............................input....$...*..Unknown.................................................isValid......isValid$1....@......Unknown...........@return UXNode................................getRoot......getRoot$2....H......Unknown.........................................bindAction......bindAction$3....M......Unknown.......................handle....M...(..Unknown.................................................adaptValue......adaptValue$4....Z...

C:\jar\script\support\ScriptHelpers.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):16315
Entropy (8bit):5.714822360007286
Encrypted:false
SSDEEP:192:Imyqy/UKlKi5gQvlKBEMUy9+LZ9dK0DHw8EIiD34AleDPDEFKY/btFS7GCplP:IGKbvDG+H4F5fYXeK+Cp
MD5:71E435324F12ED385CAE08A2A4E5A62F
SHA1:2C0F83A3533910F85EDB12C4F8E3511C0D7E8076
SHA-256:EFCACF359A8920F8A511050C85AD9DA42BC05D01986D4C5065C9C8EF0790EA2D
SHA-512:9D7D55D9FE08D2E19E421FDAB254EDC2B5BE532752C9EB61F6D207B9D0165E9E879CCB24B6E69507634C57CBE39A755B678523999F933AE6F9346F694BDABA1B
Malicious:false
Preview:..J..3S...........-2024789997~1822...-.-$php_module_m3d2575e00f5245579ccf2a20ab12a3d9............Unknown...........6.6$php_module_m3d2575e00f5245579ccf2a20ab12a3d9_closure0..................................__invoke......__invoke....F...!..Unknown..............script\support\NodeHelper...........node....F...6..Unknown..............................script\support\NodeHelper...........node....F...6..Unknown...................K.......2.r..6$php_module_m3d2575e00f5245579ccf2a20ab12a3d9_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/

C:\jar\timer\AccurateTimer.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):19321
Entropy (8bit):5.6690623011775365
Encrypted:false
SSDEEP:192:jG7lLGHq/dIpE931l3XMT6g4vk3giMWZYMRQg+AEETHuDkk1llHoPa+7K8cRRMdm:aguT9Mlgc/+ZKHuYQlSlCp
MD5:1296DDFE605B4CB2EA5DEB1C35B743C3
SHA1:444991040B6248F62F3390575A8C6A804C3E6D59
SHA-256:CAB6962AD9F32CE1DCE392C2C9DA53ACE42591BF60F7C06EC3FD8146C0D0D8CF
SHA-512:0B8CAD96EBF08B91DBC014628BDBEEB8824EB000665519D2DDAD4690AF38A8162FAF89D99E18E6517B32024588514A8E15E635AB2BC580513B8B62BA7766693F
Malicious:false
Preview:..J..3S...........2075802040~3706...-.-$php_module_m620ca7e1fb81454685afbfcac62ae4ac............Unknown...........6.6$php_module_m620ca7e1fb81454685afbfcac62ae4ac_closure0..................................__invoke......__invoke...........Unknown...........................2.i..6$php_module_m620ca7e1fb81454685afbfcac62ae4ac_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

Static File Info

General

File type:Java archive data (JAR)
Entropy (8bit):7.993740948577237
TrID:
  • Java Archive (13504/1) 62.80%
  • ZIP compressed archive (8000/1) 37.20%
File name:dn-compiled-module.jar
File size:1'062'389 bytes
MD5:9baedc9c520816e671957a4a7a1e354b
SHA1:b8ece17002aeb8fda221f9732cd1ff6a721497be
SHA256:2f0f3e5fac55119cf67ea7950ee7dbbe2c5982986de51baccffc76c97f701585
SHA512:87e7307f488af0ba9fc30e21d6e09cfc9890722f5d89e63b06ab4fe8a8feb24cb36fad60a23241210f2b3436f64b5248b0182c0725ae35ad6ed77359fc1a1c15
SSDEEP:24576:+WSqOyr1GVmrQAgPnPccCClxSwNJ5d098x90CRyn+HLg0DPjR:xw+1SmZgPnPccCxwNzuy/0C0+HskPN
TLSH:0035237709E62C60E3732E3AA53AFC53A43A801CB41791513C6E165E66F3D869F8F709
File Content Preview:PK...........X................META-INF/....PK...........Xc...\...h.......META-INF/MANIFEST.MF.M..LK-...K-*....R0.3..r.C.q,HL.HU...%-..y...R.KRSt.*A.-......u....4....sR........K..h.r.r..PK...........X.................inc/PK...........X.................pack

File Icon

Icon Hash:d08c8e8ea2868a54

Network Behavior

No network behavior found

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

High Level Behavior Distribution

Click to dive into process behavior distribution

Behavior

Click to jump to process

System Behavior

General

Target ID:0
Start time:05:31:22
Start date:27/07/2024
Path:C:\Windows\System32\7za.exe
Wow64 process (32bit):true
Commandline:7za.exe x -y -oC:\jar "C:\Users\user\Desktop\dn-compiled-module.jar"
Imagebase:0x750000
File size:289'792 bytes
MD5 hash:77E556CDFDC5C592F5C46DB4127C6F4C
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Reputation:high
Has exited:true

General

Target ID:1
Start time:05:31:22
Start date:27/07/2024
Path:C:\Windows\System32\conhost.exe
Wow64 process (32bit):false
Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:0x7ff7699e0000
File size:862'208 bytes
MD5 hash:0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Reputation:high
Has exited:true

General

Target ID:2
Start time:05:31:24
Start date:27/07/2024
Path:C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exe
Wow64 process (32bit):true
Commandline:java.exe -jar "C:\Users\user\Desktop\dn-compiled-module.jar"
Imagebase:0xda0000
File size:257'664 bytes
MD5 hash:9DAA53BAB2ECB33DC0D9CA51552701FA
Has elevated privileges:true
Has administrator privileges:true
Programmed in:C, C++ or other language
Reputation:moderate
Has exited:true

General

Target ID:3
Start time:05:31:24
Start date:27/07/2024
Path:C:\Windows\System32\conhost.exe
Wow64 process (32bit):false
Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:0x7ff7699e0000
File size:862'208 bytes
MD5 hash:0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:true
Has administrator privileges:true
Programmed in:C, C++ or other language
Reputation:high
Has exited:true

General

Target ID:4
Start time:05:31:25
Start date:27/07/2024
Path:C:\Windows\SysWOW64\icacls.exe
Wow64 process (32bit):true
Commandline:C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
Imagebase:0xc60000
File size:29'696 bytes
MD5 hash:2E49585E4E08565F52090B144062F97E
Has elevated privileges:true
Has administrator privileges:true
Programmed in:C, C++ or other language
Reputation:high
Has exited:true

General

Target ID:5
Start time:05:31:25
Start date:27/07/2024
Path:C:\Windows\System32\conhost.exe
Wow64 process (32bit):false
Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:0x7ff7699e0000
File size:862'208 bytes
MD5 hash:0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:true
Has administrator privileges:true
Programmed in:C, C++ or other language
Reputation:high
Has exited:true

Disassembly

Reset < >

    Executed Functions

    Function 0291D9A5 Relevance: .2, Instructions: 199COMMON
    Download Yara Rule
    Memory Dump Source
    • Source File: 00000002.00000002.1654207190.0000000002912000.00000040.00000800.00020000.00000000.sdmp, Offset: 02912000, based on PE: false
    Joe Sandbox IDA Plugin
    • Snapshot File: hcaresult_2_2_2912000_java.jbxd
    Similarity
    • API ID:
    • String ID:
    • API String ID:
    • Opcode ID: c3ddf2d9325c6133f841550c528654f1df60048cfbe71064bf5b233ae80961e7
    • Instruction ID: 92c839437ee475e4255d89d1be7b4aed52cf7cf31f7cd5e836c226e75f8d3519
    • Opcode Fuzzy Hash: c3ddf2d9325c6133f841550c528654f1df60048cfbe71064bf5b233ae80961e7
    • Instruction Fuzzy Hash: 2781FEB5A04649DFDB18CF26C494BA9FBB5FF49314F08859DC81A4B391CB34A944CFA0
    Function 02910672 Relevance: .1, Instructions: 57COMMON
    Download Yara Rule
    Memory Dump Source
    • Source File: 00000002.00000002.1654207190.0000000002910000.00000040.00000800.00020000.00000000.sdmp, Offset: 02910000, based on PE: false
    Joe Sandbox IDA Plugin
    • Snapshot File: hcaresult_2_2_2910000_java.jbxd
    Similarity
    • API ID:
    • String ID:
    • API String ID:
    • Opcode ID: 7117c26017f97d4b1946e169c98690a4de111ff073a821b597ace0ec01aca623
    • Instruction ID: 9123524d38351816b69befe202e41138394da24432bbfb112b78b93fa1593356
    • Opcode Fuzzy Hash: 7117c26017f97d4b1946e169c98690a4de111ff073a821b597ace0ec01aca623
    • Instruction Fuzzy Hash: 80118BB2D0022ECFCF14CF49C8815ADB3B4FF98324B568625DC69A3341D33A69A0CB81
    Function 02910722 Relevance: .0, Instructions: 22COMMON
    Download Yara Rule
    Memory Dump Source
    • Source File: 00000002.00000002.1654207190.0000000002910000.00000040.00000800.00020000.00000000.sdmp, Offset: 02910000, based on PE: false
    Joe Sandbox IDA Plugin
    • Snapshot File: hcaresult_2_2_2910000_java.jbxd
    Similarity
    • API ID:
    • String ID:
    • API String ID:
    • Opcode ID: 8342b855bb2bee572f7f52d943d69b5e1643ecb8c1815fe220ef75d4dccfc715
    • Instruction ID: e78bf0d419eca433b7dca29848d7f6cf2d38c51e03d8b176098903baafe83264
    • Opcode Fuzzy Hash: 8342b855bb2bee572f7f52d943d69b5e1643ecb8c1815fe220ef75d4dccfc715
    • Instruction Fuzzy Hash: 87F0157AC0022DDB8F14DF48C8400ADB7B1FF49218B1A8596DC6937341D332ADA2CF81
    Function 02924B78 Relevance: .0, Instructions: 21COMMON
    Download Yara Rule
    Memory Dump Source
    • Source File: 00000002.00000002.1654207190.0000000002912000.00000040.00000800.00020000.00000000.sdmp, Offset: 02912000, based on PE: false
    Joe Sandbox IDA Plugin
    • Snapshot File: hcaresult_2_2_2912000_java.jbxd
    Similarity
    • API ID:
    • String ID:
    • API String ID:
    • Opcode ID: cbcd0777345a95fd82244e861b2a928b423d7c6eb71223352d5b9a75d4b108c7
    • Instruction ID: a5daf12bc6c69ec2db6fb9fc2025044dc3fa70304b912a52e25536abaab4c6d1
    • Opcode Fuzzy Hash: cbcd0777345a95fd82244e861b2a928b423d7c6eb71223352d5b9a75d4b108c7
    • Instruction Fuzzy Hash: 5DF07FB6900A06EBDB158F65C1047DAFBB4BB88718F14421AD82C57350D7797469CBD0
    Function 0291DA35 Relevance: .0, Instructions: 18COMMON
    Download Yara Rule
    Memory Dump Source
    • Source File: 00000002.00000002.1654207190.0000000002912000.00000040.00000800.00020000.00000000.sdmp, Offset: 02912000, based on PE: false
    Joe Sandbox IDA Plugin
    • Snapshot File: hcaresult_2_2_2912000_java.jbxd
    Similarity
    • API ID:
    • String ID:
    • API String ID:
    • Opcode ID: e64116b00a5b6b61e85729ecb74ea6366a2fd1788528be47b4c7514d46d57c93
    • Instruction ID: 2d8e639be8cfd6952f0ba111c4c4af469c497c2f1f7d007aab7b7439155055e7
    • Opcode Fuzzy Hash: e64116b00a5b6b61e85729ecb74ea6366a2fd1788528be47b4c7514d46d57c93
    • Instruction Fuzzy Hash: 47F0C2B6D00A0AABDB258F65C1047DAFBB4BB48714F14421AC42C63310D37874A9CBD0
    Function 02923C76 Relevance: .0, Instructions: 18COMMON
    Download Yara Rule
    Memory Dump Source
    • Source File: 00000002.00000002.1654207190.0000000002912000.00000040.00000800.00020000.00000000.sdmp, Offset: 02912000, based on PE: false
    Joe Sandbox IDA Plugin
    • Snapshot File: hcaresult_2_2_2912000_java.jbxd
    Similarity
    • API ID:
    • String ID:
    • API String ID:
    • Opcode ID: 1dd9ed7c67356edf23f901b70de538f4381b2494db95ee6a6f3294803b79283a
    • Instruction ID: 9b8bfa82438c7889d32450cc605f805b23883beb4bfce743295edb877c4b8211
    • Opcode Fuzzy Hash: 1dd9ed7c67356edf23f901b70de538f4381b2494db95ee6a6f3294803b79283a
    • Instruction Fuzzy Hash: FDF0C2B6D00A0AABDB258F61C1047CAFBB4BB48714F14421AC42C67310D37874A9CBC0
    Function 029245E9 Relevance: .0, Instructions: 18COMMON
    Download Yara Rule
    Memory Dump Source
    • Source File: 00000002.00000002.1654207190.0000000002912000.00000040.00000800.00020000.00000000.sdmp, Offset: 02912000, based on PE: false
    Joe Sandbox IDA Plugin
    • Snapshot File: hcaresult_2_2_2912000_java.jbxd
    Similarity
    • API ID:
    • String ID:
    • API String ID:
    • Opcode ID: b1086a74f2398616588975ba3ceec1d33c238eca309933c0ecdaf1d5bd8b35d8
    • Instruction ID: a6e329553e92532985205cd7dd6afd8c9c2253362540e9a923cb1de44252f116
    • Opcode Fuzzy Hash: b1086a74f2398616588975ba3ceec1d33c238eca309933c0ecdaf1d5bd8b35d8
    • Instruction Fuzzy Hash: 91F0C2B6D00A0AABDB258F61C1047DAFBB4BB48714F14461AC52C63310D37874A9CBC0

    Non-executed Functions

    Function 029103C0 Relevance: .1, Instructions: 70COMMON
    Download Yara Rule
    Memory Dump Source
    • Source File: 00000002.00000002.1654207190.0000000002910000.00000040.00000800.00020000.00000000.sdmp, Offset: 02910000, based on PE: false
    Joe Sandbox IDA Plugin
    • Snapshot File: hcaresult_2_2_2910000_java.jbxd
    Similarity
    • API ID:
    • String ID:
    • API String ID:
    • Opcode ID: a012a9fb5cf5d9e1554885d89a3030425dd9bcc3e3bcfa4e280c99466c7885fc
    • Instruction ID: b0864b113b4d70c0e7a8df022a7bf8fd350be3e7d57d4259268cca5de6a148f2
    • Opcode Fuzzy Hash: a012a9fb5cf5d9e1554885d89a3030425dd9bcc3e3bcfa4e280c99466c7885fc
    • Instruction Fuzzy Hash: AC21F9BA50425A8FDB358F598C403D9B7E5FB58314F21482EDECDE7710E3306A898B51