Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
dn-compiled-module.jar

Overview

General Information

Sample name:dn-compiled-module.jar
Analysis ID:1483412
MD5:8fb7fc08191a2f03551c14710978d6cc
SHA1:56688549826dd365486d4d22493a76edb9c9c8d6
SHA256:9b0235346eab00432f9220809726ed295c464af1361889cdefc27bf59084e8f3
Tags:116-203-8-165jar
Infos:

Detection

Score:52
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Exploit detected, runtime environment starts unknown processes
Contains functionality to query CPU information (cpuid)
Creates a process in suspended mode (likely to inject code)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Uses cacls to modify the permissions of files
Uses code obfuscation techniques (call, push, ret)

Classification

Process Tree

  • System is w10x64
  • 7za.exe (PID: 5948 cmdline: 7za.exe x -y -oC:\jar "C:\Users\user\Desktop\dn-compiled-module.jar" MD5: 77E556CDFDC5C592F5C46DB4127C6F4C)
    • conhost.exe (PID: 2704 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • java.exe (PID: 984 cmdline: java.exe -jar "C:\Users\user\Desktop\dn-compiled-module.jar" MD5: 9DAA53BAB2ECB33DC0D9CA51552701FA)
    • conhost.exe (PID: 2884 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • icacls.exe (PID: 6456 cmdline: C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M MD5: 2E49585E4E08565F52090B144062F97E)
      • conhost.exe (PID: 5720 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for submitted file
Source: dn-compiled-module.jarVirustotal: Detection: 25%Perma Link
Source: dn-compiled-module.jarReversingLabs: Detection: 21%

Software Vulnerabilities

barindex
Exploit detected, runtime environment starts unknown processes
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeProcess created: C:\Windows\System32\conhost.exe
Source: MainForm.phb.0.drString found in binary or memory: http://77.91.77.145/?v=3&event=
Source: java.exe, 00000003.00000002.2026317806.0000000004200000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://bugreport.sun.com/bugreport/
Source: java.exe, 00000003.00000002.2026317806.0000000004200000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://java.oracle.com/
Source: AbstractFactory.phb.0.dr, MainForm.fxml.0.drString found in binary or memory: http://javafx.com/fxml/1
Source: AbstractFactory.phb.0.dr, MainForm.fxml.0.drString found in binary or memory: http://javafx.com/javafx/8
Source: jURL.phb.0.drString found in binary or memory: http://site.com/
Source: java.exe, 00000003.00000002.2027027105.00000000149B7000.00000004.00000020.00020000.00000000.sdmp, java.exe, 00000003.00000002.2026317806.0000000004284000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.oracle.com/technetwork/java/javase/documentation/index.html
Source: jURL.phb.0.drString found in binary or memory: https://github.com/TsSaltan/DevelNext-jURL/releases/latest
Source: classification engineClassification label: mal52.expl.winJAR@7/174@0/0
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeMutant created: NULL
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5720:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2884:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2704:120:WilError_03
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeFile created: C:\Users\user\AppData\Local\Temp\hsperfdata_userJump to behavior
Source: C:\Windows\System32\7za.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: dn-compiled-module.jarVirustotal: Detection: 25%
Source: dn-compiled-module.jarReversingLabs: Detection: 21%
Source: unknownProcess created: C:\Windows\System32\7za.exe 7za.exe x -y -oC:\jar "C:\Users\user\Desktop\dn-compiled-module.jar"
Source: C:\Windows\System32\7za.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknownProcess created: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exe java.exe -jar "C:\Users\user\Desktop\dn-compiled-module.jar"
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeProcess created: C:\Windows\SysWOW64\icacls.exe C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
Source: C:\Windows\SysWOW64\icacls.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeProcess created: C:\Windows\SysWOW64\icacls.exe C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)MJump to behavior
Source: C:\Windows\System32\7za.exeSection loaded: 7z.dllJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeSection loaded: wsock32.dllJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeSection loaded: winmm.dllJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeSection loaded: version.dllJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeSection loaded: wldp.dllJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\SysWOW64\icacls.exeSection loaded: ntmarta.dllJump to behavior
Source: dn-compiled-module.jarStatic file information: File size 1062441 > 1048576
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeCode function: 3_2_021CA21B push ecx; ret 3_2_021CA225
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeCode function: 3_2_021CA20A push ecx; ret 3_2_021CA21A
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeCode function: 3_2_021CBB67 push 00000000h; mov dword ptr [esp], esp3_2_021CBB8D
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeCode function: 3_2_021CB3B7 push 00000000h; mov dword ptr [esp], esp3_2_021CB3DD
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeCode function: 3_2_021CB947 push 00000000h; mov dword ptr [esp], esp3_2_021CB96D
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeCode function: 3_2_021CC477 push 00000000h; mov dword ptr [esp], esp3_2_021CC49D
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeProcess created: C:\Windows\SysWOW64\icacls.exe C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: java.exe, 00000003.00000003.2022238553.000000001475E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: com/sun/corba/se/impl/util/SUNVMCID.classPK
Source: java.exe, 00000003.00000003.2022238553.000000001475E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: &com/sun/corba/se/impl/util/SUNVMCID.classPK
Source: java.exe, 00000003.00000002.2025759044.0000000000704000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: [Ljava/lang/VirtualMachineError;
Source: java.exe, 00000003.00000003.2022238553.000000001475E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: org/omg/CORBA/OMGVMCID.classPK
Source: java.exe, 00000003.00000002.2025759044.00000000006DB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll"Mo1
Source: java.exe, 00000003.00000002.2025759044.0000000000704000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: cjava/lang/VirtualMachineError
Source: java.exe, 00000003.00000003.2022238553.000000001475E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: java/lang/VirtualMachineError.classPK
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeMemory protected: page read and write | page guardJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeProcess created: C:\Windows\SysWOW64\icacls.exe C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)MJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeCode function: 3_2_021C03C0 cpuid 3_2_021C03C0
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeQueries volume information: C:\Program Files (x86)\Java\jre-1.8\bin\client\jvm.dll VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeQueries volume information: C:\Users\user\AppData\Local\Temp\hsperfdata_user\984 VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeQueries volume information: C:\Program Files (x86)\Java\jre-1.8\lib\resources.jar VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeQueries volume information: C:\Program Files (x86)\Java\jre-1.8\lib\rt.jar VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeQueries volume information: C:\Program Files (x86)\Java\jre-1.8\lib\jsse.jar VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeQueries volume information: C:\Program Files (x86)\Java\jre-1.8\lib\jce.jar VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeQueries volume information: C:\Program Files (x86)\Java\jre-1.8\lib\charsets.jar VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exeQueries volume information: C:\Program Files (x86)\Java\jre-1.8\lib\meta-index VolumeInformationJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
Exploitation for Client Execution		1
Services File Permissions Weakness		1
Services File Permissions Weakness		1
Services File Permissions Weakness		OS Credential Dumping1
Security Software Discovery		Remote ServicesData from Local SystemData ObfuscationExfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
DLL Side-Loading		11
Process Injection		1
Disable or Modify Tools		LSASS Memory21
System Information Discovery		Remote Desktop ProtocolData from Removable MediaJunk DataExfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
DLL Side-Loading		11
Process Injection		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveSteganographyAutomated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
DLL Side-Loading		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureProtocol ImpersonationTraffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
Obfuscated Files or Information		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1483412 Sample: dn-compiled-module.jar Startdate: 27/07/2024 Architecture: WINDOWS Score: 52 19 Multi AV Scanner detection for submitted file 2->19 21 Exploit detected, runtime environment starts unknown processes 2->21 7 java.exe 9 2->7         started        9 7za.exe 244 2->9         started        process3 process4 11 icacls.exe 1 7->11         started        13 conhost.exe 7->13         started        15 conhost.exe 9->15         started        process5 17 conhost.exe 11->17         started       

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
dn-compiled-module.jar26%VirustotalBrowse
dn-compiled-module.jar21%ReversingLabsByteCode-JAVA.Trojan.Generic

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://java.oracle.com/0%URL Reputationsafe
http://java.oracle.com/0%URL Reputationsafe
http://bugreport.sun.com/bugreport/0%URL Reputationsafe
http://site.com/0%Avira URL Cloudsafe
http://77.91.77.145/?v=3&event=0%Avira URL Cloudsafe
http://javafx.com/fxml/10%Avira URL Cloudsafe
http://www.oracle.com/technetwork/java/javase/documentation/index.html0%Avira URL Cloudsafe
https://github.com/TsSaltan/DevelNext-jURL/releases/latest0%Avira URL Cloudsafe
http://javafx.com/javafx/80%Avira URL Cloudsafe
http://77.91.77.145/?v=3&event=2%VirustotalBrowse
http://www.oracle.com/technetwork/java/javase/documentation/index.html0%VirustotalBrowse
http://javafx.com/fxml/10%VirustotalBrowse
http://site.com/0%VirustotalBrowse
https://github.com/TsSaltan/DevelNext-jURL/releases/latest0%VirustotalBrowse
http://javafx.com/javafx/80%VirustotalBrowse

Domains and IPs

Contacted Domains

No contacted domains info

URLs from Memory and Binaries

NameSourceMaliciousAntivirus DetectionReputation
http://77.91.77.145/?v=3&event=MainForm.phb.0.drfalse
  • 2%, Virustotal, Browse
  • Avira URL Cloud: safe
unknown
http://java.oracle.com/java.exe, 00000003.00000002.2026317806.0000000004200000.00000004.00000800.00020000.00000000.sdmpfalse
  • URL Reputation: safe
  • URL Reputation: safe
unknown
http://javafx.com/fxml/1AbstractFactory.phb.0.dr, MainForm.fxml.0.drfalse
  • 0%, Virustotal, Browse
  • Avira URL Cloud: safe
unknown
http://site.com/jURL.phb.0.drfalse
  • 0%, Virustotal, Browse
  • Avira URL Cloud: safe
unknown
https://github.com/TsSaltan/DevelNext-jURL/releases/latestjURL.phb.0.drfalse
  • 0%, Virustotal, Browse
  • Avira URL Cloud: safe
unknown
http://www.oracle.com/technetwork/java/javase/documentation/index.htmljava.exe, 00000003.00000002.2027027105.00000000149B7000.00000004.00000020.00020000.00000000.sdmp, java.exe, 00000003.00000002.2026317806.0000000004284000.00000004.00000800.00020000.00000000.sdmpfalse
  • 0%, Virustotal, Browse
  • Avira URL Cloud: safe
unknown
http://bugreport.sun.com/bugreport/java.exe, 00000003.00000002.2026317806.0000000004200000.00000004.00000800.00020000.00000000.sdmpfalse
  • URL Reputation: safe
unknown
http://javafx.com/javafx/8AbstractFactory.phb.0.dr, MainForm.fxml.0.drfalse
  • 0%, Virustotal, Browse
  • Avira URL Cloud: safe
unknown

World Map of Contacted IPs

No contacted IP infos

General Information

Joe Sandbox version:40.0.0 Tourmaline
Analysis ID:1483412
Start date and time:2024-07-27 11:31:32 +02:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 2m 22s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultwindowsfilecookbook.jbs
Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run name:Without Tracing
Number of analysed new started processes analysed:7
Number of new started drivers analysed:0
Number of existing processes analysed:0
Number of existing drivers analysed:0
Number of injected processes analysed:0
Technologies:
  • HCA enabled
  • EGA enabled
  • AMSI enabled
Analysis Mode:default
Analysis stop reason:Timeout
Sample name:dn-compiled-module.jar
Detection:MAL
Classification:mal52.expl.winJAR@7/174@0/0
EGA Information:Failed
HCA Information:
  • Successful, ratio: 100%
  • Number of executed functions: 7
  • Number of non-executed functions: 1
Cookbook Comments:
  • Found application associated with file extension: .jar
  • Stop behavior analysis, all processes terminated

Warnings

  • Exclude process from analysis (whitelisted): dllhost.exe
  • Execution Graph export aborted for target java.exe, PID 984 because it is empty
  • Not all processes where analyzed, report is missing behavior information
  • Report size getting too big, too many NtSetInformationFile calls found.

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASNs

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\ProgramData\Oracle\Java\.oracle_jre_usage\b5820291038aa69c.timestamp

Download File
Process:C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):52
Entropy (8bit):4.882568083276078
Encrypted:false
SSDEEP:3:oFj4I5vpm4USPPo:oJ5b4
MD5:879973F0AAA3ADF68D7D7CBF7ACB7417
SHA1:C0AAD95FFF3E35AE72A36DC1CC6D388A8D2C6D10
SHA-256:593D5AFF218C2111AEBAB303C5E3463E19764DED196B108153DBC376570E71BD
SHA-512:877A178C88CA2609D83899A84C43CC02D6B445DDD7CB9D2510AABC1548A86CAB8AC26464B987E5E7B825EDA33523B018B45FD7D6BA05805D66FB69FC7A20A3F2
Malicious:false
Reputation:low
Preview:C:\Program Files (x86)\Java\jre-1.8..1722072741360..

C:\Users\user\AppData\Local\Temp\hsperfdata_user\984

Download File
Process:C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exe
File Type:data
Category:dropped
Size (bytes):65536
Entropy (8bit):1.2593573192270093
Encrypted:false
SSDEEP:96:Iy4rn/8Gt0jE5+Z6raI28Ig27JjpHG1bow1o:Iya8GtIE5+Z6PIhPHGd
MD5:906ACE17EB2EE52688B4D95043AAA987
SHA1:9DCF89F3480F1BDB3BDA7C579E9DAC394301FB20
SHA-256:A79A20C44EFA47822AF99C41C1FF2B06FAF3375B5B145118115A6ECFE9883417
SHA-512:A9C77B7EE4D337E3827B58C1A6857E8631E1EB50F9FCD4B3610DD0B526ECEB13511A3531AE1489482AA8FB1842717C0FB03116639CD971FC69E14CF4CBCAF0C0
Malicious:false
Reputation:low
Preview:.........9........,..... .......8...........J...0...sun.rt._sync_Inflations.............8...........J...0...sun.rt._sync_Deflations.............@...........J...8...sun.rt._sync_ContendedLockAttempts..........8...........J...0...sun.rt._sync_FutileWakeups..........0...........J...(...sun.rt._sync_Parks..........@...........J...8...sun.rt._sync_EmptyNotifications.............8...........J...0...sun.rt._sync_Notifications..........8...........J...0...sun.rt._sync_SlowEnter..............8...........J...0...sun.rt._sync_SlowExit...............8...........J...0...sun.rt._sync_SlowNotify.............8...........J...0...sun.rt._sync_SlowNotifyAll..........8...........J...0...sun.rt._sync_FailedSpins............@...........J...8...sun.rt._sync_SuccessfulSpins................8...........J...0...sun.rt._sync_PrivateA...............8...........J...0...sun.rt._sync_PrivateB...............@...........J...8...sun.rt._sync_MonInCirculation...............8...........J...0...sun.rt._sync_MonScavenged...

C:\jar\.data\img\5314-windows_102509.png

Download File
Process:C:\Windows\System32\7za.exe
File Type:PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:dropped
Size (bytes):7267
Entropy (8bit):7.404044958117031
Encrypted:false
SSDEEP:192:HXrUVeopjNdQMIFYngBdnOkchu0RZ9N/cDe5Jz:7UVeopvDBnIdnXcvHN/cDaJz
MD5:FCF0A3C2EFD5AAD406AB595DA537BC49
SHA1:4063283EF9507C9B1C0EF07711E6688F527288D9
SHA-256:8CE2532FCD60CAD54CC44C8262BEB94D2FD2C0A61301501F9597A639D33B72A2
SHA-512:BF7CD3DFE3CEB98A7B568FD250292A48C1D802C84D61E0E7EF74ACA5F9CB2AF733EC13D5BF20DE58E9310A7B71DB30A37C01E0D9FD558164E04C14573E9A738F
Malicious:false
Reputation:low
Preview:.PNG........IHDR..............x.....*IDATx....\.}.....3.]q...;Hc[.....8.Y#M......$...pZ$.J/{Q....&E..B....\.hb.qbGV.X.DQ.........,C........j..%..H..>..`.4.....w.9..D........................................................................................................................................X..1.%s.>...[..X....V..........n..V~.^h}-".......+{..._i.?.Z9..a..W......\..b}..[.r........|4.....>..D..p......,+.~..+.y.>7...+;1....V...."..R^m..h..c.5...(.".R...l....by.4...;B...3....a..K..Z/...n\........n....Ek.;...D..... .3..U...,.].c8..4.Ox.....E...z,......k..9Z.?s....N....9.[X..vo1.....V'"..l.b8.x.f.........".Y..A^..G..S.{...|gck'.W.Yl.z..W*../F.X.._oGd...I...N..p(EQ....xlk......o....v+..Bg....,E..;WZ....,../.G.pi..7k7/...."._...........?~j..7...x.....N.......o,.v"....z...ED.<Z.....~....W...!...39+..{..W..T*...N.........W.Vw...`>..A..vF.|...W.....cI...@.>a.....B....0..;..b.W..T_....wb<+...]9"+.4F..E>{...#.....Y.s.Y.?......*..6.....6..

C:\jar\.data\img\Computer_PC_Monitor_1906.png

Download File
Process:C:\Windows\System32\7za.exe
File Type:PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced
Category:dropped
Size (bytes):1741
Entropy (8bit):7.1245084734242905
Encrypted:false
SSDEEP:24:dwowe3u3Hr9akapIToRsyiGrkEqiTeOH+ovF8Vw9XB4KEHm:Czt3wi7yiHiT5+ovFlwa
MD5:0367C4443A1036C1DE70226E366EE2F3
SHA1:CC93787047DCBC9E00CB0A59FFD9512EF2878121
SHA-256:628F3DCBB067E45B192A4FE39F363415E98BC3F5BF35DC8056285A177F134C15
SHA-512:CF01FE37181A049793E5CAA4A477E007F40DAD6796890B71398A3591F8A2DD62CF4AB1AC9B3CA7B3E5094F18C18909EAA15E21C345678ED8FBB53E7F0E8A0580
Malicious:false
Reputation:low
Preview:.PNG........IHDR...............?1....sBIT.....O.....pHYs..........+.....pIDATx....o.g...g.....lb....!..T.... ZB.......Gn..8./....Qq........BA..P%@...hS.Ih.$...Cj.V.*....u.8_..{g...i.....z]..]....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D.t=...=.|......Qx.nn.....?..n..e.M......={~....).._.t.{/mt=.d.{...b........rz.h........i^......G/oJbV,../.g..)..F./.1..o..z.j...7+.L.!..|....|^.......M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....@4..M.D....].P.)eq6&..R....G.5...GF..~.T.SPkv....`.k....... ...&....h. ...&....h. ...&....h.......'..INo...y..........]O........cm|niz'.-m....y..V..).W...:..u.....4w ..M)._.Z.....$.}...'.r........+.....w.<.....@4..M.D....@4..M.D...\......as\.m..E....8l...i......

C:\jar\.data\img\Icon.png

Download File
Process:C:\Windows\System32\7za.exe
File Type:PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Category:dropped
Size (bytes):51039
Entropy (8bit):7.987191041711094
Encrypted:false
SSDEEP:1536:4kghS05oAgOLr6xGvxZM0rwkRHw71yllt:4kMSood4r6Qvx1xHAyH
MD5:5403E64B682EB778EB4354C415E5B4EC
SHA1:48E462A36B4EE7C2B85C8717DD55D092D3822CFC
SHA-256:B97B0A5739AAC7C4BB28B949F5865F1E4AF391A954FCCCEB9A3AA19AF94C5528
SHA-512:8558A388E1DC8FFB61648C4D0F41272586BB2DA580C35EDAED76943F0DF35581E87F9700542A8F8EC492DE999317BE40E864740B1D144E3830F6EC1C6D0351F4
Malicious:false
Reputation:low
Preview:.PNG........IHDR.............\r.f... cHRM..z&..............u0...`..:....p..Q<....bKGD..............pHYs..........o.d....IDATx..w.\Wy..]k.=..2..wY..na.J..L....7.B..$...!$.4J.M.!.@..L..[.U.fu.#...].z..3sfN.e[.........W}.......................................'..n..<?....n.F.4.a.!).a..RJ...!.*Z..Z(.JZk[).\....(..>..q..\..FGG.i..R!....MZ...R!D@k.........b.....!..[).hoo.`0..C..g._.p...4....R..a..1M.l...,K...M.l.kYV.e..n.....a....7m..:..{....p...]]]!.47.......@......T..Gk.....T......Z;Z....]..R.....O>..v...0.v....Aww.....7..........i.W7r..h...y~c.+2....t:....W.X1122r.......p.O.T*%.........Z...z9.t..6}.{..hkk%....F......8.....Sk..R^.N.{...x:.>z......"........L&........Sz...(.0...........e..U...`Y........<x...z.C..Q.T.-.MPJ=.x...=z..g{,...@..`A.R)..f....I)W+...r|...c\s.5\.q#..c.e,]...K.bY.:=.u...d..<....s.=<..S.].f.w..%K.......8..D"o6..eYj.....7MS..U....'.c[..|>...Z).=......<Ok.......~......&..l+..e.^s.............`.n.0..Lz.a.T*.?.......\W*..)...?.Kk...8.

C:\jar\.data\img\PuTTY_icon_128px.png

Download File
Process:C:\Windows\System32\7za.exe
File Type:PNG image data, 128 x 128, 8-bit colormap, non-interlaced
Category:dropped
Size (bytes):1700
Entropy (8bit):7.290120902029946
Encrypted:false
SSDEEP:24:uvk7WAK43+ue0JQg75sDmp8122vR013EYmPrs4HnptBE1k5EVQMEgOLTt8haJoOe:lCT8rsKpgBZPrKi5EzgVWpuJEh1
MD5:B7A49C508EC1ED05A6EC3BA9DC8FBBAD
SHA1:C69123D25128F85D572EE884100E9DE1D9194CD8
SHA-256:A13C77468119F1D07B6B2145E4339B8ED46D63662951FDE316AB14D45BE5E9F0
SHA-512:58F5FBE37926D03FB76F4D1481DE19F0FC6CA60A5AA6239B774ADA6CEB90C8EC03E865725E75A74A6AD08BA39203E1AA25250762D67D1F212CBFF796C20B8A67
Malicious:false
Preview:.PNG........IHDR.....................gAMA......a.....sRGB........ cHRM..z&..............u0...`..:....p..Q<....PLTE.................y..z..{..|..x..w..v..u..t..s..r..q..p..o..n..m..}.................................................................................................................................................................................b.......tRNS.@..f....bKGD..h.Q....IDATx..gW.0..+.$.R.mCRL&..E..at.EK...5.W........._.p8~.]9......(...P%....zN.*....W+ .W* .W) .W( .W' .W)...B.-...V..[K...gC.@.X*....fX.;..X....y..h............g..C.@.@.\..Vk..a.j..J..=.7..v....N5....*.....*(...9.O..3o.S`...v.",P.M....0l.f.....`..e.t.lnF..b.7.]..F......!?4`-.9`....."0...7......d..........}..~..f>....a|bj.H..K...0.,@|.7.,(....!v....A..u..]....*....W.............#....|:..4.lo..utp.....h..#...k..;;..p.h.I..".....S........Q.... .t.C......F.G...x.......O..~.y.Q`o.;=!1~g..s..........F...^.?.v).xl../.w.....!...^oF...........OI..y.`0G......{...o....:.._....T...&.D.........N 0..9

C:\jar\.data\img\T678V.png

Download File
Process:C:\Windows\System32\7za.exe
File Type:PNG image data, 190 x 190, 8-bit/color RGBA, non-interlaced
Category:dropped
Size (bytes):6979
Entropy (8bit):7.948132057719689
Encrypted:false
SSDEEP:192:pMQ1sZLDh+Xa5lRJYEQCq8EvCNWVRsIetQGWfRK:iQ2IXwlRJYLvlqNKRsBWfo
MD5:E09F1CD46C82261915E1694F29DC3E4A
SHA1:358109EF1A4FB18B5F860FAE49E57E8CC650EF73
SHA-256:DB4BEA64619D897C3C1B0F183D0C58A1BB191820B26A09F141EF5F126F9135F9
SHA-512:0F8E8286F5AF4C593F2B7AD0D4EF1493230A1590D3E4E763E05B6A3322F1AC1E5B20D104712528B1826D49F1A2DD07A57BE128AAC3328750F45F31601B3BA4BC
Malicious:false
Preview:.PNG........IHDR..............t......pHYs...........~.....IDATx..y|....VUKj.j.l....../.0..$.b.qX..@.;..2$...cf>Ify.......K.....LB..` ,..16`.m..}.d...Ru...]..7-.].......{..W..=u..<a..vUd.pey.-!g...5...2...h@.kN......M............m....x+..s=.\.LXV9........s5z..T.pL..D...F<.q..^lm..K...0..d.Ht.$l.E....4z>..pR. 5....m9..g..hA...Y..dM..."........*...7./....b(..G...q.*/.t.1...iY......w.....~...a ....j.V..........=...iYNYdx.m..D ..;...!..B'......Oz^*....K.....z.....(.g....{<...h..l)xV....b.6x^...}..e;DF._....B.c...!.(@k.\l.....yn.O.............B..7.7....!.(}Wee.3.o.O+..o..o.........B........B.W..U...I..h.;..W....a..>.t.. S.3....YD.H..Y..5u.x.k...I.o.Ny.v..............!5C....Z).$o8./-.......w2...:].!{d,..U^Q.#..X..:....G.,..../'._.......).qp...;_.cG{.)|!$55..h.[-...c......Z..:..y.cY.c.".e.....B..c..`(.l!DH:.A)..c..Q..B...V..~Jf.....<.S.....x.Q..Q..m.FV...Mh..8....QI\{F.....a.-GXs......~ ..c\........w.....C._.jN9.<.Jd...1..Jk.....u...yH..)S.^...".

C:\jar\.data\img\exe.png

Download File
Process:C:\Windows\System32\7za.exe
File Type:PNG image data, 128 x 128, 8-bit colormap, non-interlaced
Category:dropped
Size (bytes):1343
Entropy (8bit):7.4946293335021235
Encrypted:false
SSDEEP:24:uFMXF4Jl9kIYntx7ogdILFMchOEZrS27Srl8bOksu0L2z6EMVlN:510knPJILFM+OEZuSbOsGE4N
MD5:122DD692647F3DB60D1EB46105740336
SHA1:F10CC559FC7E65AC553E2A9DEAA135B976950EF7
SHA-256:1BFB565E014C406A992668260D404552D33A1AC1CE5A24AA5675F7FF46D92113
SHA-512:C95832AF3407172EBBA93D0BB7EABA3A8C1F75FBC1A3BB027396445B0551A62D79F7AAA88D9F0620A6D15D00DA08ED10A52D12B7778240298C5BF2F647750E05
Malicious:false
Preview:.PNG........IHDR.................... cHRM..z&..............u0...`..:....p..Q<...5PLTE.......................................................................}......................................................~..~..~..}..}..|..|..{..{..{..z..z..z..y..y..x.2..1..0../.....-..,..+..*..)..(..'..&..%..$..#.."..!.................................}..z....y.....x................|........|........9)....tRNS.~ p..n....bKGDf,..%....tIME....."........IDATx..iW.@....w....`..]... ......6.G.._0MK.2..7.I.0O...>.w&..Z(X,...b.X,..C...p...s.....p..3v.9u:...D...2..(NL..QB..R.#..>.G^...C..)...(3g.1....8...J....../....*...KKW..Z.^o4....4....v{......:...{...}.....>z..../^.z.....J.?..*...Tk....fk...mS'`....T!......{...(.. ...I..+....!....0?.@.....`~....!...._C...y.............@..7p.1.....ZA....!.W.tB.k..Y+..0.V.|.......8...8v,..k.@.....`~R.>v..C...c.!.7.............v..!......P........`..?6....`~......b~b.G..!.........^.l......]...b~.........`.......`~R........8v.....SDf.s.......

C:\jar\.data\img\favicon.jpg

Download File
Process:C:\Windows\System32\7za.exe
File Type:MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Category:dropped
Size (bytes):15086
Entropy (8bit):5.498658788956263
Encrypted:false
SSDEEP:384:jt2ecCH8I6NtsowmbiphwAG2qHgtMXst0o:B2lbdKPXGZ8t0o
MD5:AFB47AB69591AB1E78C07E1CE5163E66
SHA1:0BC6651A6D8CBF9BF81E8B8C64EF1E2FB7F3AF17
SHA-256:3B7794524228EA56CB62C63E29C182DFC01DEC2F6F3AF1A17947248C00AB615B
SHA-512:956F82B47108933ECE4F91CE1107C48F159FCF396F77DC48F4220032CCF9D110680E87ACC80868827692D528F26D3C721436F367047FE935C0BC27910A804927
Malicious:false
Preview:......00.... ..%..6... .... ......%........ .h....6..(...0...`..... ......$......................................................................................J...J..-J..XJ...J...J...J...J...J...J...J..tJ..JJ..!J...............................................................................................................................J...J..6J..}J...I...G...D...A...?...>...>...?...A...D...G...I...J...J..fJ..#J...........................................................................................................J...J..OJ...I...D...<...4.......+...)...)...(...(...)...*...+.../...6...>...E...I...J...J..3J...........................................................................................J...J..=J...H...@...4...,...(...'...(...(...(...(...(...(...(...(...(...(...'...(...-...6...B...I...J...J.. ................................................................................J...J...I...B...3...*...'...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...+...6.

C:\jar\.data\img\lightning_icon_155196.png

Download File
Process:C:\Windows\System32\7za.exe
File Type:PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:dropped
Size (bytes):15351
Entropy (8bit):7.817955934478813
Encrypted:false
SSDEEP:384:q99Usj1bQlh8yQd4hWu2kVVIHiUYR7//ld6XD5:qfUMyh8yQdmWu2kVSHivRqXt
MD5:24DE0F7DEDADC3D9E21D3590BEB7399D
SHA1:BA703C4F4D6314B2AB3A92A629AAB3AB1B9D6C46
SHA-256:72018E20413BA7AD9645F9D4F581B0EF4793BF27F3FAFBFCB7253261C7B5A64D
SHA-512:9D492A534303013754E6F3576BDEA25B116960846B65331A040529A36E6E114ABD7600FC5D6D615354A549FBF717151E1C42095D8EA0BC6E18591B3030DF623F
Malicious:false
Preview:.PNG........IHDR..............x....;.IDATx...{.T....w.U}.[.}.....HDg4J......&...l&..=.....$..[.s.y...#.As...D3.$.......k&..3.jC..M.}..nk...#L...Z]U.|?.&..m..o.....y....X.... ......!....b......b... ......!....b......b... ......!....b......b... ......!....b......b... ......!....b......Jh..A3...T__.I...'......y^R...dYVADv....^.2e....^.....y....5kVc......}..%"R........-.L~}xx...1(...bm.......yc..D$.....gY..........Aq8..K.W..q.......4.\)...dX..-.....HSS... .... v.........".. .....P(<...C..G....=<<..p....u].[...?===.v.....b#.H.)..?..F.. ..1.]r.%.uww;.-x'.. .jjj.......Z.. nl.......x+..D^&..W(.....@.1.2.q....[1. .V.^]322.5..j..qf..'.J...?a.@....?.ID...@.r..............4c............q]...;.+....../..?.(.......8..+...L&3odd.ya...8...U.P..vG.q.#.r..m.....1....`.@..R...1.iw.xw..-mmmm..;..D...."...@p9....#.......p..y..;....yK.........o.n.pd......w........Ed.v..#.<o.vC.1. .zzz.B.p.v...5i..... ......u....P4..<..R......v\.U..@I...W..z.D.c......$.{.7];".8..j]]].....v.

C:\jar\.data\img\photo_2024-02-29_19-36-11.jpg

Download File
Process:C:\Windows\System32\7za.exe
File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 883x883, components 1
Category:dropped
Size (bytes):29841
Entropy (8bit):7.698031697995659
Encrypted:false
SSDEEP:768:tAfAdqiCl5KIpv+aHZXQCq6tszlPg4Cjsm+kQ9VGO9dq6EjFFKOs1EoJqSF:8OClwI9HFFtglPgedGSdq6EjfnqJp
MD5:64943CD0BD055379E48F85677CD5D89F
SHA1:36169F7B4D4EB575853343E398487665E64EB338
SHA-256:7E3A37BEA32E13917DA0DD87ABB413A2369226ED4F5B655B00CBBA5D2074FDB2
SHA-512:387CC455B6833759E329C874409B403C9C64485E3A9CB1DE7A0D0DD846BFFC6F378AB7DABEEDD5932CD1B9C8418B5D62ECF5FA1FD838757A6E02532BB54FD600
Malicious:false
Preview:......JFIF.....H.H.....C.......................................................................s.s..".................................................n+..x^G...p.rv{......IL.............(........<.yaH..................%6].8...........UTP/........(.........../<......v._`.........o......Jo.g.........._........A..@.........W.......'ZFh......*...........4'|........*...................`..........xhnp......}.>@.......&.........e..........z.~......K...........L........|`.........Z......A.O.........._.......>G............@.....>p..................w...........ik.....c.............W...8.]p..........;..V...y............(......._.....K..........gS...#.y....,-..@.......$rJ.".......j....$.*...s0...9=.$.I$..A.........*......J....R.... ..$rI....a. ..u....~)....-.....| .....G$..=.@...........8.......R.Gq..&.6G.}...y.D.=.....-....K4e.............@._...2.R....h....1S..ekP......wv..C......m.....6.96t....+L....@..U.......@..a........*....ooz...S....=.?..O...ol{.....s....A.f.H..{z.....5

C:\jar\.data\img\photo_2024-03-03_12-40-06.jpg

Download File
Process:C:\Windows\System32\7za.exe
File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 256x256, components 3
Category:dropped
Size (bytes):18334
Entropy (8bit):7.968875354966066
Encrypted:false
SSDEEP:384:ISRvATyV0gK0wIrw+8M5nSVtc/3ev6ye037wwtXlc5hdk8:RFiIGknSFCyLBXlAdP
MD5:883AF471F631AE7AD92E0B7A65922312
SHA1:4354F9BEEB116509DBE272087E021DCF5C09592A
SHA-256:B9D753A693F5D3DD3588AC374A73A925223B7FE77251E253A183E83B01490F64
SHA-512:ADBCF9B5FE46E3AA0672CCBDE85B581C82F501AC16BB3DE501A077EF9473D3BAA1B6A2950A8711C684E6AF46EF82058E1CD46088CDD260BD8F48D019F4871B08
Malicious:false
Preview:......JFIF.....`.`.....C....................................................................C............................................................................".........................................X............................!1AQa.."2BRq#3..br........$C.....%4D.....FSTUs.....6Vc.....................................4..........................!1A"Qa....2q...3B..#.$br............?....Y....=....P+.o...u.l.s..].4s...0......9:.i.C^.....:...=U*..<|.`..5+..v.]. Z.+..Q..........?...y. .....z.Z1S.;.@t..V.T..>8M!.9Y$6;..}..t..=.T.....4^..P#....7.'?H.S.N.c.O.....i.m.t!y)%+.....Le...Cb.7.<....m.G<$x`...].!.`h.*......,..Z..S....8...(..%..h....;.......a.........uN.@..I.Nb.*....;.*U.......T......HM'T.j.[. ...*....C.DWa. !.=.x......1.2..mi....b.....'Z......o....H.U...<.!:...l.*.l../X....f.O.U/FFn....Q...(.............d.I.=..4...sU6s..:..MZ.#.....S.O....n.v....Mi.2....o.....uSI...u..} .....w.ht8@o]F....T..hev..|........s...U..'..rU.f...u.M...7!.JtZ.s

C:\jar\.data\img\photo_2024-03-04_18-39-39.jpg

Download File
Process:C:\Windows\System32\7za.exe
File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1000x1000, components 3
Category:dropped
Size (bytes):58506
Entropy (8bit):7.8951205036140895
Encrypted:false
SSDEEP:1536:PBO2tFva0DxnRp6/GI5QA/a0v5G+cH3yakQNxjM:PBh9ampZLev5G+bCNxQ
MD5:A67FF506E7E30D74CB3D67C0315FAC95
SHA1:8E413F458E5A0327B774DC700DF2584FD3D1DD21
SHA-256:00628A85D4F44A0B2B40A3D22FB6A5BBB3CFAFF0F7EED6321EBE76597D030073
SHA-512:2AD613FEC9EC699401B569F832DC707B84BBFB08E30418B44AF8CD9257F41F660378817B5083716814CEC55A89017BF8900B886736EB82E244145F3CB95FBF45
Malicious:false
Preview:......JFIF.....H.H.....(ICC_PROFILE...............mntrRGB XYZ ............acsp.......................................-....................................................desc.......trXYZ...d....gXYZ...x....bXYZ........rTRC.......(gTRC.......(bTRC.......(wtpt........cprt.......<mluc............enUS...X.....s.R.G.B................................................................................XYZ ......o...8.....XYZ ......b.........XYZ ......$.........para..........ff......Y.......[........XYZ ...............-mluc............enUS... .....G.o.o.g.l.e. .I.n.c... .2.0.1.6...C....................................................................C............................................................................"....................................................................................@..,e.X.....DQ.R.,.Q.W.7C@TE@E......(Y`......e....A.T\.K,T.Q...B.4..............5..A@K.L..*........L.%..n6\..RP.2..E. ....R..E,P.. .1J.."....U.V...................9..y!...2...e\.b..-J..c

C:\jar\.data\img\trophy_jewelry_winner_win_treasure_gift_blue_diamond_game_icon_262398.png

Download File
Process:C:\Windows\System32\7za.exe
File Type:PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Category:dropped
Size (bytes):78827
Entropy (8bit):7.958337767791073
Encrypted:false
SSDEEP:1536:V+02zxVFq0XHRPp3GU73CWRbq/vDPlVY3xeTmnLb8QjWGdZwKPUSrd:Vl2vFqEHRPp2U73nb2563mm39WmZwKb
MD5:DAE4183C19FEDD173AB93B03FD1833FB
SHA1:198AF1AF35AC5CA51708477A1E5E1F5A9DDD4C65
SHA-256:426C61EA5F19A1935C401F7352D616902458DBA44DCA5F30D0DE477CF8550F20
SHA-512:63BEA9647C286B1284ABEA088D8E84188A84F0D5D67A3B97D21FD411912A37A05C2AFFB8229EACCC3224C2F53C67B1875110AAA8716AFDE03FF36C442ADA80ED
Malicious:false
Preview:.PNG........IHDR..............x......IDATx..g`#...gf.,.l......R.N .BK.$.B.TRHH...M#..{_.CI..@.!=!t..[.]{w.lY]3s......uFV......9s,.<.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.....p8.{...b...........@;...>......B....H....pNL......e..m.... g..:F)...?..{. U.ys8.....p8.$...A.....v)..c.....p....pN........z.y ...!...).....S*.rO..Y..5x...n..........~...sb..l8......"./.iZ.....V[0.y.....p.?\..p...i..!...B...f....>]...p8......,..z........B...p.....|..g.....'O...;(........W.rrG....~N...8.......>.......=........r?/..Y|.,..G;..._@..,...G...Z.nH. ...~......p..\..p4....2..a...] W....1...i..f3I......p.....p4...y=...}6...am...o-...@.......r.-..x...~~...x.....HK]].H...f.|....qv{3$......6.a.. v.c.7.Nq[.}.ptO....,..Y..a....(..=...*..q6...B.hj..h..J.R.#...r..I.r[[C..^....8.......|..&..j.....FPU..fE.....T"..h......]P.4.........[]...p8..W.8...

C:\jar\.inc\jurl.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):113500
Entropy (8bit):6.173960172447872
Encrypted:false
SSDEEP:3072:2isIloCPj8lXD8odGqKLnMCVjVPCZqKz31bxAbFPcDTF:1RopdnmCVEPM
MD5:B23664AE9473198FE4158381C3A411A4
SHA1:4619F94548EEC33F71B2A87488BB3C589B9585CA
SHA-256:A66586D062FBC324AC70B81C44AB430A643168F87F830811AC4AB7BF2A578A70
SHA-512:85A1FCA06AB08BD007D4FC1824E64B42297C188698F60BF0CBC13D07C6F1833D84FFF1A49A87193D96BF12C0C546C425F78277CEB73CAA20F36C4D40D8108027
Malicious:false
Preview:..J..3S........u..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\.inc\jurl.php...-.-$php_module_ma1dcf61cd93140389f54254a5363ae0d............Unknown.......................curl_init...3.3$php_module_ma1dcf61cd93140389f54254a5363ae0d_func0............................C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\.inc\jurl.php.......................url...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\.inc\jurl.php..........NULL.......b.......2.s..3$php_module_ma1dcf61cd93140389f54254a5363ae0d_func0......php/runtime/lang/BaseObject......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\.inc\jurl.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[L

C:\jar\.packages\app.pkg

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text
Category:dropped
Size (bytes):74
Entropy (8bit):4.111367136356229
Encrypted:false
SSDEEP:3:3kaX3VTIKmkPmDjmolFp:0aHVEKT0jflj
MD5:FF51C1DE5FD505614D35C638851E7714
SHA1:C3FDD132912E54960E348820202AAF58DFD551C0
SHA-256:FE06FF97DB144044D8F825AC9F2EAF3C92CA470691CDCAFD203CC726CC485B45
SHA-512:D2E88CA5E75F8C0D1455A91311979601C28B78A4DCEDBD29022B0C6213020CA311D6CE1C7D5700ED1398001B503856983F56A9B3890B9380CD475750D50E0FC1
Malicious:false
Preview:[classes].app\forms\MainForm.app\modules\AppModule.app\modules\MainModule.

C:\jar\.packages\httpclient.pkg

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):143
Entropy (8bit):4.273001500578649
Encrypted:false
SSDEEP:3:3yHQLENRVyFRovHZNRV6uHZNRV+9O4INRVcSZ2XKNRVjen:CwkfH98uH949Yu4XE
MD5:382775992447817E2371490B7C83C518
SHA1:E09691678F15414184CB4D2DECA9A4E8CD5F83EC
SHA-256:BBA2F9DABAA926EEFF51C9F4A84EB66BF1CB618782E4784C9424549E38AFDC30
SHA-512:C6D857155D6B6899F323615F1964AEFD4CD7137CE42AB3F08971958684D8A6CC32007C6CF2083B83D7A9C3A3E66000707C15D7BDE0221859530A3EE72BE2E568
Malicious:false
Preview:[classes]..bundle\http\HttpAsyncResponse..bundle\http\HttpChecker..bundle\http\HttpClient..bundle\http\HttpDownloader..bundle\http\HttpResponse

C:\jar\.packages\jurl.pkg

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):146
Entropy (8bit):4.51616781556568
Encrypted:false
SSDEEP:3:3yHQLEPiK8PiKcKBMNo4LBWPiKb2XKPiKyGwNo4LBWPiKHovnZ8An:CwbKfKc1fLB1KbmKyFfLB1KHovn3n
MD5:19609145DFD3765AEC5E1540F3BFC95A
SHA1:FB8CB04250418DC7E17014AE724215DFBDE5011D
SHA-256:85369D9B879F076921532D2E73FC63C1A712D6812B7C7EC2BDA2C02DDFA78407
SHA-512:5683766D7875E7254D18AE909E9F275200EF0C2AADEE71BC3283E2A74844ADC4E69BFC2F514ED43638D6AB4D4270084DEBC0838DEB808186F49F00143C25BDCA
Malicious:false
Preview:[classes]..bundle\jurl\jURL..bundle\jurl\jURLAbortException..bundle\jurl\jURLDownloader..bundle\jurl\jURLException..bundle\jurl\jURLFile..cURLFile

C:\jar\.system\application.conf

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):211
Entropy (8bit):5.072561563738107
Encrypted:false
SSDEEP:6:S4bOamX7V53/R9yNFak1M3W8bFSR2uNSy8uyoAEn:FwLXbJ53WwSR9Ay8uDn
MD5:3F703D789F803B33657D3E3CD9132C03
SHA1:DCD1FBF463CACFE4497246EB0E91EA315018E0C3
SHA-256:43D7C6698D58CF6895D2D575C30F7D156CA17FE68C12C04C87A02C95258CBE4A
SHA-512:1549D95BC849C981F854736DD6D1E8A6CB21741B7435D014B09C46B09A73791E1B703F13EB5F85FE46071F63816850F4891FACF3A4DCDACCA080741795AEC5A1
Malicious:false
Preview:# MAIN CONFIGURATION....app.name = 215..app.uuid = 6ccf8f8e-fb00-441b-a0f5-f3bc2fa6619b..app.version = 1....# APP..app.namespace = app..app.mainForm = MainForm..app.showMainForm = 1....app.fx.splash.autoHide = 0

C:\jar\.theme\style.fx.css

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text
Category:dropped
Size (bytes):76
Entropy (8bit):4.776237099865107
Encrypted:false
SSDEEP:3:UuTyAFSFSMcX20vhp9YXdL5:Uu0FS5OXdt
MD5:0F8A8BD7A94BA296BF8CCF7BEC06B537
SHA1:3052786977903E6CECF3F0A0B198B882BBD800F6
SHA-256:A0BC4CC14B7993BF7F55EFBDE33C0FC50AF02A1648078ECD53554A8749D394CD
SHA-512:A204A9896135269EC2888AE618F0CF2370CE890E309961380496E990B6F7846AA6A7B6039164AF9502B39BC100BC8BFEDBF29F4EB409573567C1B563262AA533
Malicious:false
Preview:/* JavaFX CSS Style with -fx- prefix */...progressBar{.-fx-accent: orange;.}

C:\jar\App.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):6364
Entropy (8bit):5.516499900123953
Encrypted:false
SSDEEP:96:fi+eQO2lMRWyG9JLND9DWvvEvFlvGfE/EPCKm5eQO2lM+FSIWGC4MloO:M4pWvClussaKmDFS7GCplP
MD5:F5BFD418CDDA697497475C421BEA30BE
SHA1:5A5DECB4972CAE9A2C459263968DD7E63CACBB18
SHA-256:1B37A4F9468110FF71309424838D5666EE1924965A7D6C2E32A37A5109C5453B
SHA-512:1F2AADC9371E2428AF9DF135796D60B139F5AB4264ADE10C0CFF8EE1576B40E62D8B234D944BB10D6A82D19F37A9DD5A8C3B12174389ABFEECB73C90153FB090
Malicious:false
Preview:..J..3S...........1952586485~583...-.-$php_module_mce568a42af9745dbbea6609c206a5e0c............Unknown.................................App...4.4$php_module_mce568a42af9745dbbea6609c206a5e0c_class0...........Unknown.....................................................pid......pid$0...........Unknown.........................................name......name$1...........Unknown.........................................version......version$2...........Unknown.........................................shutdown......shutdown$3...........Unknown.........................................later......later$4.... ......Unknown.......................callback.... ...#..Unknown...................................2....4$php_module_mce568a42af9745dbbea6609c206a5e0c_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_MET

C:\jar\Async.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3807
Entropy (8bit):5.53860912489771
Encrypted:false
SSDEEP:48:WnHyn25L6EjoOa/AjsgjNKASeEFzPzgT67wqVhlGl0Q2c0/Hyn25L6EjoOa/Ajsr:WSeQO2lMAlQ2yeQO2lM+FSIWGC4MloO
MD5:459D82E4F90F72D6B23AF0A0E0351E2A
SHA1:37CA0174B9A16EB68A99DAF77F2F4208B06FDDCB
SHA-256:2ECC9CF738A0139E59743A94F18D2BFC8EBE0504475A21D198171E00EFAA52C3
SHA-512:A294892D71ECAB99CB26B6710A1D62D0DC03A2B044E997FFA4905F4E91B4A85B891777ECC2E1F85EC1B9124A9AD72B2C7142F844D3C81447345E55901B961A68
Malicious:false
Preview:..J..3S...........-1597522967~110...-.-$php_module_m535f376e0f93425fbea8bd05c174d5c7............Unknown.................................Async...4.4$php_module_m535f376e0f93425fbea8bd05c174d5c7_class0...........Unknown......facade\Async.........................../.......2.N..4$php_module_m535f376e0f93425fbea8bd05c174d5c7_class0.....4$php_module_m31f71e20eed441609e5f218322c9efa0_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...Async......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V.............~this..6L$php_module_m535f376e0f93425fbea8bd0

C:\jar\Dialog.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):8151
Entropy (8bit):5.499206248411763
Encrypted:false
SSDEEP:192:GKcxwcGyLlcQc0yNC/lYGsc7FS7GCplP:GKmw3MJDf/2zmCp
MD5:4861A4EE1002AFF0D6A2D5AF439C2499
SHA1:6C5455BB24AA65516A307B10D29AF7C24F2D4214
SHA-256:7E69597C697EEB6C2BF7E8F23C5491DDAD2C765348A1D859C1EF83ADBA36BC9B
SHA-512:A9098C25690A1D7F121649313F7055A7F2D6AF3737EC358CFF7AFB897B3091D2E2F00767BFF2D2E4C865B4DD41567839A54B7DFD80D99600C7DACA76B2064A0F
Malicious:false
Preview:..J..3S...........1825166875~1421...-.-$php_module_mb54aae8f36a14397ab44627eca7266fc............Unknown.................................Dialog...4.4$php_module_mb54aae8f36a14397ab44627eca7266fc_class0...........Unknown.....................>.@param string $text.@param string $type..@return null|string................................show......show$0...........Unknown.......................text...........Unknown...............................type........ ..Unknown......INFORMATION.............7.@param $text.@param string $type..@return null|string................................message......message$1...........Unknown.......................text...........Unknown...............................type........#..Unknown......INFORMATION.............7.@param $text.@param string $type..@return null|string................................alert......alert$2....'......Unknown.......................text....'......Unknown...............................type....'...!..Unknown......INFORMATION............

C:\jar\Files.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):11534
Entropy (8bit):5.326110294523934
Encrypted:false
SSDEEP:192:tOW6MCiai4yV2v3FcB/j4lipTmyIUSCG+hFS7GCplP:tOW6ri45v3FK4s0x+3Cp
MD5:8B6F95B3880239965D4DE12B45CF7A7E
SHA1:66BC6EE0C7FAE074955E2C1ED0D454A317C4E78D
SHA-256:21FC85740839CD4346D9701DF5635E6A26369E9C87DDD8AD846943D0EAB203C4
SHA-512:B77807322E5D29BC367A7A53222B19CBB501DA25932D7FFEF3ADCE0FADE56944B9E7F66DC8FC2AFF4D2AEA86E191D5725759786B2171165C57EB20D951ACD2B8
Malicious:false
Preview:..J..3S...........1469378100~1664...-.-$php_module_m0ccfe11b28fc42f685a6e872d3e40a51............Unknown.................................Files...4.4$php_module_m0ccfe11b28fc42f685a6e872d3e40a51_class0...........Unknown.....................................................exists......exists$0...........Unknown.......................path...........Unknown.................................................isFile......isFile$1...........Unknown.......................path...........Unknown.................................................isDir......isDir$2...........Unknown.......................path...........Unknown.................................................isDirectory......isDirectory$3...........Unknown.......................path........ ..Unknown.................................................isHidden......isHidden$4.... ......Unknown.......................path.... ......Unknown.................................................delete......delete$5....%......Unknown....................

C:\jar\JPHP-INFO\sdk\php\desktop\HotKeyManager.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):5440
Entropy (8bit):5.34174380026411
Encrypted:false
SSDEEP:96:4MU4lSQHeQO2lM9WejM7L2lmNdyZH/DeQO2lM+FSIWGC4MloO:4MU4lSQSxjM7L2lrFS7GCplP
MD5:5481BFCCA9FE2D696EBAAC6B77715483
SHA1:6337AE916AE97D8144DBDE3C191187E62EBC9FCB
SHA-256:DB982650FB538AEFE51932C340419345461CEEFAA6AAD2661173357E59B57F04
SHA-512:7DFAAC7E63F628185E2F528F5B7AEFE8ED9F1FFF42AE6FF18F3CD8FEA7330769EE713057C381643DCEE54FFD3C2D8559E8AC7FDCCEE4D5648347B79D76BC8555
Malicious:false
Preview:..J..3S...........-1655202432~628...-.-$php_module_m0ede3624e4754b60abaffec5eb41b347............Unknown.................................php\desktop\HotKeyManager...4.4$php_module_m0ede3624e4754b60abaffec5eb41b347_class0...........Unknown.....................................................__construct......__construct$0...........Unknown........./.@param string $keys.@param callable $callback................................register......register$1...........Unknown.......................keys...........Unknown...............................callback........-..Unknown.................3.@param string $mediaKey.@param callable $callback................................registerMedia......registerMedia$2...........Unknown.......................mediaKey........"..Unknown...............................callback........6..Unknown...................Reset all hotkeys.................................reset......reset$3.... ......Unknown...........Stop all hotkeys.................................__destr

C:\jar\JPHP-INF\.bootstrap

Download File
Process:C:\Windows\System32\7za.exe
File Type:PHP script, ASCII text, with CRLF, LF line terminators
Category:dropped
Size (bytes):414
Entropy (8bit):5.119704460438733
Encrypted:false
SSDEEP:6:Wacb3KXW2aeqvI3KXWplXGqaeuI3NAaBfy4ybaW4jSsFa53TaGEmHEULSHMlmHEF:Wacb3Q33lXC8eGy4yNkgTHxEUEEGUD
MD5:14DBAC85D577C5877DDA4D674C7C85B7
SHA1:5D368F52CE37B289A0C0760D77037B43425600FE
SHA-256:D1886A6EB5BB3071066825AB0FF9FCCB3923207C93BB9070C4B7E6868DAA57A9
SHA-512:BDA9BE2CF3E99905210F51679E06B994D63A5D0A519A2AA664E9D3F40B1CFB25AC3119F691FF7DBAF9A2988406C506A9EE730149ED79B46C2CBF272D7203958B
Malicious:false
Preview:<?php....// Generated.....use php\framework\FrameworkPackageLoader;..use php\gui\framework\Application;........$packageLoader = new FrameworkPackageLoader();..$packageLoader->register();....$app = new Application();..include 'res://.inc/jurl.phb'; ..$app->loadModules(array (. 0 => 'app\modules\AppModule',.));.$app->addStyle('/jfoenix-custom.fx.css');.$app->addStyle('/.theme/style.fx.css');..$app->launch();....

C:\jar\JPHP-INF\launcher.conf

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):105
Entropy (8bit):5.02536537588204
Encrypted:false
SSDEEP:3:S4bmkqq8aqLENYFXtvr9KRWxEVdLSNKo8VNZX1twG:S4bOaqLEKF9zhEmdEjLwG
MD5:EFEE9D810E3D8F7642B41C3B326580B7
SHA1:150D05C0E659AD6E0B97425400C6CBE516236C43
SHA-256:151459B17C9EB02B9EF907E67AA469316E28F1A0645F19531DBDE57EB7548C51
SHA-512:D3437CCBF35172CCD8ECD97D986F40FCC95C913842F09DD4117EB49BA461D964748C60E8624C7F27A43771169A5700CDC47FE8DACF070F33B06BFDCF1A3A2B68
Malicious:false
Preview:# MAIN CONFIGURATION....bootstrap.file = res://JPHP-INF/.bootstrap....fx.splash=..fx.splash.alwaysOnTop=0

C:\jar\META-INF\MANIFEST.MF

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):104
Entropy (8bit):4.8611088928700505
Encrypted:false
SSDEEP:3:ZLCAWIzBEYtKEi8H38UpLVPdNsRgmMgX84oa:1KItJtf9H3FpLVQwuoa
MD5:BACD5CABC168C0128332BD1185748EF8
SHA1:C77D1E915087F38E50D78AB4615A38E4D2436FF5
SHA-256:9AEF17310B353E8DA0DF9551A57DB36098F8C33C0B3D1F72D3DD0E1E7A364082
SHA-512:2412DFE0BD86BF619368A16B9E2AF31083BAA4DD0B96AF56BA9FD9849EF816D9E9758F5EECBFFFE9EB47852F09E6E8FDA6119472B69B80227546889CDDF27589
Malicious:false
Preview:Manifest-Version: 1.0..Ant-Version: Apache Ant 1.9.7..Created-By: 1.8.0_101-b13 (Oracle Corporation)....

C:\jar\action\ActionsSupport.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):2789
Entropy (8bit):5.372813319666124
Encrypted:false
SSDEEP:48:eWOEzsYRN+C5C/WGQ/Hyn25L6EjoOa/AjsgjNKueEFkaTEqTGUad3qdYcd3dFgjx:eWHzfgWGVeQO2lM+FSIWGC4MloO
MD5:36BE61023644B7050D06F20D6DF80892
SHA1:5FA9687FC41B6B5E85E4906A821C565FC7FEC115
SHA-256:36C0CBD819D59B0CDA4DC286D51312983C401C179EB1C492859CF24283D7ADCE
SHA-512:A504AAB43F573139AF42AE249956BFA19097CBC3B027251922A9F7043F351F49E8323447A04E53C7910BFAAC0AFC7FE04E312C2E7E821D8F74D4C8CB628FD753
Malicious:false
Preview:..J..3S...........-197641532~572...-.-$php_module_m7d06c1a4c6164c01943d6e0b0991c6ea............Unknown.................................action\ActionsSupport...4.4$php_module_m7d06c1a4c6164c01943d6e0b0991c6ea_class0...........Unknown.....................*.@param string $name.@return AbstractForm................................form......form$0...........Unknown.......................name...........Unknown...................@return AbstractForm................................getContextForm......getContextForm$1...........Unknown...........@return mixed................................getContextFormName......getContextFormName$2...........Unknown...........@param ...$args.@return mixed................................data......data$3....!......Unknown.......................args....!......Unknown...........................................2.]..-$php_module_m7d06c1a4c6164c01943d6e0b0991c6ea......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$M

C:\jar\action\ActionsSupportTrait.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):8880
Entropy (8bit):5.7033487996102235
Encrypted:false
SSDEEP:192:0WOyBqslvuke6Ulsi4mivW6jbIFS7GCplP:0WOZsuCUmNF8Cp
MD5:50DC1411B043451D88912553BEE5A952
SHA1:8E92F7CACCCEE52DCDDF4E9146EF6758D43028DD
SHA-256:D5F80127CB2D051F84E7D6D2D3BFFE9A9EA5662640C845BD4675F146FBC04076
SHA-512:80F6668D6700FE1A9531EFA6D082C8EE6B2F0A8400068E6150CA1F879CA2B1F22040BC72BD51F41D1D2DB05982AD7C222E4107ADC338AC864FDEACF06C42BCE5
Malicious:false
Preview:..J..3S...........696768756~971...-.-$php_module_m1b3040fec7d340e3b44025ff532f9d49............Unknown.................................action\ActionsSupportTrait...4.4$php_module_m1b3040fec7d340e3b44025ff532f9d49_class0...........Unknown.....................................................form......form$0...........Unknown.......................name...........Unknown...................@return AbstractForm................................getContextForm......getContextForm$1...........Unknown...........@return string................................getContextFormName......getContextFormName$2...........Unknown.........@.@param ...$args.@return mixed.@throws IllegalArgumentException................................data......data$3...."......Unknown.......................args...."......Unknown...................................2.(..4$php_module_m1b3040fec7d340e3b44025ff532f9d49_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...

C:\jar\action\Animation.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):45192
Entropy (8bit):5.770245154002868
Encrypted:false
SSDEEP:768:3kw/P2tSa4oPtLyC+hV55yXZKmfDE48olIaLoxQUzvfp:3kw/OtSa4oPtm/hVbypdqot8x5p
MD5:E1349185231663ACD876FF08CEC45468
SHA1:F6B6FAB4DBDFEF7693D93D19448BFF095D6338A1
SHA-256:AA344C0BF0E6B44DFDE3143162A655701809D9A469903F7EFF27EEE70F2CDEAB
SHA-512:65580F80A1053C8FC80BB8B6AEB491549D6096961939BC159A76194E10A69C479F836ECC87D27632CF96442811651BB65D8C116E908AF78D41C51CF2B809A9A3
Malicious:false
Preview:..J..3S...........-1025429230~7343...-.-$php_module_m5fe56762a0fd4fb4a90eb7250593b93b............Unknown...........6.6$php_module_m5fe56762a0fd4fb4a90eb7250593b93b_closure0..................................__invoke......__invoke....*......Unknown...................}.......2.y..6$php_module_m5fe56762a0fd4fb4a90eb7250593b93b_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lp

C:\jar\action\Collision.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):8510
Entropy (8bit):5.815114893991237
Encrypted:false
SSDEEP:192:APeZwMaJqKJrqCcGHslmN+Hys6LzVagdFS7GCplP:AmqMyqKNqddgcHys6LzVagjCp
MD5:240456697D342B5454773B69F8328603
SHA1:7899D916DD77AA40B7B0516EC39FABC1E418D813
SHA-256:8C5720E03EC580E8CB2CB081E1A275E38359A4B3F020365FCDF6307526E8AF83
SHA-512:565838CD2ACCABF945FA38E0977C0F7D0D6A7002E1A830BD389C39818371AA11762F983F8458004E6795A7C01E4318A5A88285D7802DC01C11BF3CD5E4C42602
Malicious:false
Preview:..J..3S...........-780471~1406...-.-$php_module_mcb11cfa67ef14c17b00a50e0704a1e80............Unknown.................................action\Collision...4.4$php_module_mcb11cfa67ef14c17b00a50e0704a1e80_class0...........Unknown.......................--RU--....... ...... .. ....... .......................: Collision::bounce($this->object, $event->normal)..@param $object.@param array $normal [x, y].@param float|int $bounciness................................bounce......bounce$0...........Unknown.......................object...........Unknown...............................normal........*..Unknown...............................bounciness........3..Unknown....?......................................2.*..4$php_module_mcb11cfa67ef14c17b00a50e0704a1e80_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/i

C:\jar\action\Element.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):37158
Entropy (8bit):5.851358742400334
Encrypted:false
SSDEEP:768:dnl8vAtACwxB33MYI25NnOKhdPtFrxkGdBcdBtc0vLVRR8M+tisWbp:IsAXKSOsyYBSXVCtisq
MD5:38A9D4273BAF17FFAC300D817A6C41BE
SHA1:2E51A09A691CB1BECB01DB3F4C5E0EA6B1E4D6A7
SHA-256:37B83E86387AE77202A3E3C29C256A98FE16170E93F8CC2A729AB61922FE4D28
SHA-512:0700694BD41EDFF3B5DA26EC32F20FF9058698DA25CF0A413602336F69ECE2D020B9FAD6A3F5B9578730C3FE7610ABAD314232956421BA334650506FEA40CA32
Malicious:false
Preview:..J..3S...........-818342899~7953...-.-$php_module_m8f36dddbcc784489b01bafedbc446437............Unknown...........6.6$php_module_m8f36dddbcc784489b01bafedbc446437_closure0..................................__invoke......__invoke........'..Unknown...................i.......2.~..6$php_module_m8f36dddbcc784489b01bafedbc446437_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\action\Geometry.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10092
Entropy (8bit):5.83508647986072
Encrypted:false
SSDEEP:192:Pj1gtWxHY80SaqA+lX7bL6LwK7r10qPU3fqgbr1FS7GCplP:Pj1ggYN+d7v6LwKn1hPcfqgbvCp
MD5:EB42B3DA7043D52DE23A18F5E9F94884
SHA1:4BFDE3F484870FB32DCE764D2D7CCEE51B73F55E
SHA-256:A200CBE7E373F79DA33AAD6E33E5459EA5762506F518D33BEB935268D997044A
SHA-512:C2046F5D9E743C076F7C02F8CF49676AA2CE88E6F9877145C7B3E66030616DA4BE063D227B054FB8CA7025306EBE088680637A75BB780C1F164F5919846881F9
Malicious:false
Preview:..J..3S...........1447647274~2139...-.-$php_module_m4a0232e36897408da60f33f97f7fda33............Unknown.................................action\Geometry...4.4$php_module_m4a0232e36897408da60f33f97f7fda33_class0...........Unknown...................../.@param $what.@param $x.@param $y.@return bool................................hasPoint......hasPoint$0...........Unknown.......................what...........Unknown...............................x........$..Unknown...............................y........(..Unknown.................H.@param object $one.@param object $two.@param string $type.@return bool................................intersect......intersect$1....(......Unknown.......................one....(......Unknown...............................two....(...$..Unknown...............................type....(...*..Unknown......RECTANGLE.......................`.......2.X..4$php_module_m4a0232e36897408da60f33f97f7fda33_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$T

C:\jar\action\Media.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):9625
Entropy (8bit):5.603659987443218
Encrypted:false
SSDEEP:192:gwZG/qsWkIET1qzklvNtvbOJwnFS7GCplP:gwZGikBT1sk/JbOICp
MD5:732370C98A3835AC2FF3704C0BD08619
SHA1:C38DB4247EB826B51396C49DCDCF8D208675E547
SHA-256:ADC71CA3274260826068A75CF1DE6E2AF407A9952835862D315AB023EF9D0A25
SHA-512:706CA6C82D68B5E0760BE8BC50EB49FC680DECBF178D2E0EA5B9963E4640043276551CAE3D08D7B19CEED9F66F5EE1C7B404EDC713B259891213C6E9113651A1
Malicious:false
Preview:..J..3S...........1010633375~1447...-.-$php_module_md12012023b884c4a8478f7f8cd3b10cc............Unknown.................................action\Media...4.4$php_module_md12012023b884c4a8478f7f8cd3b10cc_class0...........Unknown.......................players...........Unknown......................9.@param $id.@return MediaPlayerScript.@throws \Exception................................fetchPlayer......fetchPlayer$0...........Unknown.......................id........*..Unknown.................................................open......open$1....*......Unknown.......................file....*......Unknown...............................autoPlay....*... ..Unknown...........true.......................id....*...2..Unknown......general.............................................isStatus......isStatus$2....1......Unknown.......................status....1......Unknown...............................id....1...&..Unknown......general.............................................stop......stop$3....8......

C:\jar\action\Score.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):11012
Entropy (8bit):5.6048019207294395
Encrypted:false
SSDEEP:192:EwWIH7ZSej/uYcXczlUoqdLQLT9pbDwNxFS7GCplP:EMHkejlAWaasnCp
MD5:677575EEC4417F12FE770BA7C8A0928A
SHA1:DF67016F2AA8FAB3C8CEC2914EE7F1A0420AFFF8
SHA-256:6F836ACC58604D1581369D0BE7A92CF54AB92169E73E9E41E8F21188D1A1A739
SHA-512:E78759D5420A244429B4DE4C755211AC31FB2C279DF8DC67338256186226C9F018E3A536CA9A08F614B5EB362F6793E6D5DA92CD7DF2470F35CAEC49A0BA2126
Malicious:false
Preview:..J..3S...........811864815~2504...-.-$php_module_m7b6001ffea62409a92c7a613b72d8075............Unknown.................................action\Score...4.4$php_module_m7b6001ffea62409a92c7a613b72d8075_class0...........Unknown.......................values...........Unknown........................handlers...........Unknown......................#.@param string $name.@param $value................................set......set$0...........Unknown.......................name...........Unknown...............................value...........Unknown................. .@param $name.@param int $value................................inc......inc$1...........Unknown.......................name...........Unknown...............................value...........Unknown...........................@param $name.@return int................................get......get$2....7......Unknown.......................name....7......Unknown.................s.Event variants: beforeChange and afterChange...@param string $event.@

C:\jar\app\forms\MainForm.behaviour

Download File
Process:C:\Windows\System32\7za.exe
File Type:XML 1.0 document, ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):225
Entropy (8bit):4.938986678053181
Encrypted:false
SSDEEP:6:TMVBd6OjlPpaE923Sk3ZIzAqvVcn+yEbZpy:TMHdtbay293uzlWGbby
MD5:5836F64641DB79EBD850041D6E4E8DD2
SHA1:DF1A7BAC5ED91139FFDE30AC8F73C078BAEE5AC8
SHA-256:945ABA411FDD0A018BF9B59BC3051E1F0D692CF95FBE4D4341EBDD3008E80004
SHA-512:C7AC84DF29C8B90B05B828390264BCDB46B603F37700E3F322DCEA8592445156C4D2AB3099063D359167E48ECDAC1AE59EC90EE8BAED0B8DB0790484484F7B32
Malicious:false
Preview:<?xml version="1.0" encoding="UTF-8" standalone="no"?>..<behaviours>.. <target id="">.. <behaviour animated="1" opacity="0.7" opacityEnabled="" type="behaviour\custom\DraggingFormBehaviour"/>.. </target>..</behaviours>..

C:\jar\app\forms\MainForm.conf

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):172
Entropy (8bit):5.064826588745647
Encrypted:false
SSDEEP:3:zRLdf/6BovWXxi9/ZuQiYXBgDKm8XovWwWcFCFqQOw5KYwJS1tw7bJ4GQYyn:tJf/6BovQxiCA6UXfrICnWJSbw7qJV
MD5:AA9BA6930C0C16367E0DA2F14A5FBD72
SHA1:513CA7EE6E52D019E1E6E97681D24364CBDDFD20
SHA-256:00BF0899A0A5BFE19211A5FBCFFD3574081138DF48F36EA3FADE083EB03DAB35
SHA-512:C6BCF4E74246F9C31D939150A849D3E3462F04FB55590A8CF9DE250206849F356C9E9649D0B12BE79C48A6B0698E31F2418C3C592646435DD3ACC8CB81F754E3
Malicious:false
Preview:#Mon Jul 22 17:20:55 MSK 2024..form.style=WIDGET..modules=MainModule..form.title=Installer..form.backgroundColor=\#00000000..title=MainForm..form.alwaysOnTop=..form.icon=..

C:\jar\app\forms\MainForm.fxml

Download File
Process:C:\Windows\System32\7za.exe
File Type:XML 1.0 document, ASCII text, with very long lines (883), with CRLF line terminators
Category:dropped
Size (bytes):971
Entropy (8bit):4.994566372307358
Encrypted:false
SSDEEP:12:TMHdtLelXsoG2oMgoUrRpZgEyp8JRodWQVodWM6odWMG+CyodW4fE7tYw0KeMld+:2dtSbvSFlGUjEdwGBMldjgSAubq6+uU
MD5:18DB7E55DBC22B77DBDF48C2C6E6ED9A
SHA1:05B1F02372C39E8AE90D71A2CEF262AD3C839F8B
SHA-256:3F8519790F2CAADB19AD5AFA8D9A06B47130F6604EFAE3E128187F12F6FF4872
SHA-512:6BE68F34E4E355E603375BAB0D303A500666BC1ADB84F379E2C3EE9B4B9BB7A7FD31C2B859F60F21E1C52C2C3EAD1541E3A891CCD8DBD63C9138199DE4FC7F30
Malicious:false
Preview:<?xml version="1.0" encoding="UTF-8" standalone="no"?>..<?import javafx.scene.*?><?import javafx.collections.*?><?import javafx.scene.layout.*?><?import javafx.scene.control.*?><?import javafx.scene.text.*?><?import javafx.scene.image.*?><?import javafx.scene.shape.*?><?import javafx.scene.paint.*?><?import javafx.scene.web.*?><?import javafx.geometry.*?><?import java.lang.*?><?import org.develnext.jphp.ext.javafx.classes.data.*?><?import org.develnext.jphp.ext.javafx.support.*?><?import org.develnext.jphp.ext.javafx.support.control.*?><?import org.develnext.jphp.ext.game.support.*?><AnchorPane xmlns="http://javafx.com/javafx/8" xmlns:fx="http://javafx.com/fxml/1" AnchorPane.bottomAnchor="0" AnchorPane.leftAnchor="0" AnchorPane.rightAnchor="0" AnchorPane.topAnchor="0" focusTraversable="false" id="" maxHeight="-Infinity" maxWidth="-Infinity" minHeight="-Infinity" minWidth="-Infinity" prefHeight="1" prefWidth="1" styleClass="">.. <children/>..</AnchorPane>..

C:\jar\app\forms\MainForm.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):18507
Entropy (8bit):6.001939510943513
Encrypted:false
SSDEEP:192:+8qPd6vWXhBb5xvxlE7pFRDxdX1J4JH6mAEFSXliX:3CXbvxqR1J4pxsMX
MD5:0B838EF3E9DD056F57F54B191D3273D5
SHA1:8D11E8537828C4D3B7DCDC05D402AC6EB3B0D23E
SHA-256:799D73EEF048C30301204BB842179AA563D4E741432F06DA13FCD20A13E8D381
SHA-512:717A7B07B333A832A119FC126DAFC63CAA7B956A78E0651C12CEEE34213DCD9029E8936340C50A76D81214D9B48FC79C0AE959FB8550FB0B745654B3C7B566A8
Malicious:false
Preview:..J..3S........Z.gC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\forms\MainForm.php...-.-$php_module_mfea7a101e10f4bfa8c7ce6b1eb06b0fe............Unknown.................................app\forms\MainForm...4.4$php_module_mfea7a101e10f4bfa8c7ce6b1eb06b0fe_class0..........gC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\forms\MainForm.php......php\gui\framework\AbstractForm.................FILE1URL......=http://{domain}/auto/9923765c101c3aa0fca26d109ef9ebe8/215.exe.................FILE2URL......=http://{domain}/auto/9923765c101c3aa0fca26d109ef9ebe8/223.exe.................ISZIP.......................FILENAMEINZIP.......pythonw.exe.................EVENT_SRV.......77.91.77.145...........2.....................................event......event$40....$.....gC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\forms\MainForm.php.......................event....$.....gC:\Users\.......

C:\jar\app\modules\AppModule.behaviour

Download File
Process:C:\Windows\System32\7za.exe
File Type:XML 1.0 document, ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):71
Entropy (8bit):4.84828757029471
Encrypted:false
SSDEEP:3:vFWWMNHU8LdgCaOELA/dPvgby:TMVBd6OjlP3
MD5:065EB700D6ABBAE8DFB94ED8A04A7F6D
SHA1:5E82C39FD2B3785BF8807EE44E866876930B434E
SHA-256:0AA6FFE914BE673CE0E83043AD1ECA2DAB692DD22233A20C40DBB639BC6B9753
SHA-512:D5CA1B52F14C6107E17D341C2B34886130CCF541AE8F22DBD6E19E34EEDDE979BBFA70C3E8228E7C60510240C2AB81E5EA4BD6E3B03795DE8687B43866EA4692
Malicious:false
Preview:<?xml version="1.0" encoding="UTF-8" standalone="no"?>..<behaviours/>..

C:\jar\app\modules\AppModule.module

Download File
Process:C:\Windows\System32\7za.exe
File Type:JSON data
Category:dropped
Size (bytes):37
Entropy (8bit):3.9182523518230763
Encrypted:false
SSDEEP:3:AdHqVVGM4A:oHLM4A
MD5:9E70AC7620528D210AFA6504AB803EBC
SHA1:08D2238872ADB577BCA8DCC6B842717F89F205EA
SHA-256:DCD302E368DE2B59DDFCD771A86B408140475183F90BD1991C10C6249ED66BCC
SHA-512:8841B0FAA17425529BD5407E2907C9D11BBBA7C4BCE86A70C60901152B448404D7E4B2B8B2263C1E1334F0F039BE4AB1C6A561FA2379886F89D092A3FD170C36
Malicious:false
Preview:{. "props": [],. "components": [].}

C:\jar\app\modules\AppModule.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):4331
Entropy (8bit):5.712819800475528
Encrypted:false
SSDEEP:96:/eQO2lMfAxHlqOA4eQO2lMYFS8Hcl/eq+X:2OliiFSXliX
MD5:517B75A31BF015EF31B602095FE19175
SHA1:FF7E137C135F12B419C0E5955059DB993E2EAE46
SHA-256:E3831A78213012D23655458D991470AD067D2ACD46AEF6457D30CFCD5C08A7F9
SHA-512:F178D4740744A4B78C8C8E2A5A363B86D099D3E8EE539B3E92AC21BDDE0358663CE071F1F18BB935F498B53F35391F5E4AFD53C49067E64CE2D2A650E020124E
Malicious:false
Preview:..J..3S........].jC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\modules\AppModule.php...-.-$php_module_m4438a9cdc9be4815ab8e051165d73d97............Unknown.................................app\modules\AppModule...4.4$php_module_m4438a9cdc9be4815ab8e051165d73d97_class0..........jC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\modules\AppModule.php... . php\gui\framework\AbstractModule...........".......................2.Q..4$php_module_m4438a9cdc9be4815ab8e051165d73d97_class0.....4$php_module_m8f586844b706476f9beaddeac9d5e140_class0.....jC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\modules\AppModule.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_

C:\jar\app\modules\MainModule.behaviour

Download File
Process:C:\Windows\System32\7za.exe
File Type:XML 1.0 document, ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):71
Entropy (8bit):4.84828757029471
Encrypted:false
SSDEEP:3:vFWWMNHU8LdgCaOELA/dPvgby:TMVBd6OjlP3
MD5:065EB700D6ABBAE8DFB94ED8A04A7F6D
SHA1:5E82C39FD2B3785BF8807EE44E866876930B434E
SHA-256:0AA6FFE914BE673CE0E83043AD1ECA2DAB692DD22233A20C40DBB639BC6B9753
SHA-512:D5CA1B52F14C6107E17D341C2B34886130CCF541AE8F22DBD6E19E34EEDDE979BBFA70C3E8228E7C60510240C2AB81E5EA4BD6E3B03795DE8687B43866EA4692
Malicious:false
Preview:<?xml version="1.0" encoding="UTF-8" standalone="no"?>..<behaviours/>..

C:\jar\app\modules\MainModule.module

Download File
Process:C:\Windows\System32\7za.exe
File Type:JSON data
Category:dropped
Size (bytes):230
Entropy (8bit):3.8634189835114756
Encrypted:false
SSDEEP:3:AdHqVVGsHFzM9XHOFFF7c8f0pbTyhXivFF/F/HfeX+hF//3Xc/F+ig/FAjt9DCFy:oHLsHiNO/q7zwkig/uj2FIEZm8c
MD5:6994CE449E8C55CA58E7D1C565D638DC
SHA1:7920F2DDD259B644AE0A14D71D29AC9FF1C18198
SHA-256:68206D108E9796EC288482222914FCA453D1CF8BC4E6FF7E7438931574B07E48
SHA-512:6F7CEE28153ACA36C7252B8E0ACE03DE99A807CB09A5B32346569AE8EADD945B16E496BCE025E79892E340D69511F271E6128469240881307D927F783C1E70AB
Malicious:false
Preview:{. "props": [],. "components": {. "timer": {. "type": "script\\TimerScript",. "x": 96,. "y": 64,. "props": {. "interval": 500,. "repeatable": "1",. "autoStart": "1". }. }. }.}

C:\jar\app\modules\MainModule.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):4966
Entropy (8bit):5.707257944136228
Encrypted:false
SSDEEP:96:1zmjCeQO2lMAqAcU+lKOwURL++eQO2lMYFS8Hcl/eq+X:0OcU+ltFSXliX
MD5:EB634A377EF2F9E2545A41CD15CAB233
SHA1:562036583FCD7CBD5A744821779776419A884B02
SHA-256:3A7465C6AFF0EB1D5906EFD5F97417D19BF01796833362EF8A1B70CDADFAA01C
SHA-512:D0D524D424247A055E1A52EA02C7F7E52CF7C0BA7C2067D4B9D95667F8E74BB5B3A845E76BB54984E88316E2F1E46D0B001EB59E2852A3D5A5D6026CBEA3900A
Malicious:false
Preview:..J..3S........^.kC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\modules\MainModule.php...-.-$php_module_m3ffb8e0027dd4dfda748888828a3c69a............Unknown.................................app\modules\MainModule...4.4$php_module_m3ffb8e0027dd4dfda748888828a3c69a_class0..........kC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\modules\MainModule.php... . php\gui\framework\AbstractModule...........#.......@event timer.action................................doTimerAction......doTimerAction$34..........kC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\modules\MainModule.php..............php\gui\framework\ScriptEvent...........e........'.kC:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\src\app\modules\MainModule.php..........null...........................2.X..4$php_module_m3ffb8e0027dd4dfda748888828a3c69a_class0.....4$php_module_m8f586844b706476f9beadd

C:\jar\behaviour\SetTextBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):2539
Entropy (8bit):5.4122532777772765
Encrypted:false
SSDEEP:48:R5pkQcUh/Hyn25L6EjoOa/AjsgjNKueEFkaTEqTGUad3qdYcd3dFgj2dR+iGKNQb:R5pkQcUIeQO2lM+FSIWGC4MloO
MD5:76F16A7F1E7DC2C47A50827465ED9D09
SHA1:FF0C6AB2BD8FA488F95503BA6F8CDF2CC54F4EC8
SHA-256:E5A83E0E4A61ABEC9D9D91774E9C5EDD736C4E232203675DB2FCFE3614F706A9
SHA-512:7120CF6221821C32C44FBE02ADF82DCEECCCBD1CFEAD3726D0BBA0F0A43771DF0DE7148A59FA3FD1286AB31243F080ED50775DC8C1C83111B1CEE644E948F403
Malicious:false
Preview:..J..3S...........770522286~224...-.-$php_module_m6e86e7946d1b489590c3439c59f198cd............Unknown.................................behaviour\SetTextBehaviour...4.4$php_module_m6e86e7946d1b489590c3439c59f198cd_class0...........Unknown.....................................................setTextBehaviour......setTextBehaviour$0...........Unknown.......................text...........Unknown.................................................appendTextBehaviour......appendTextBehaviour$1...........Unknown.......................text........!..Unknown...........................................2.]..-$php_module_m6e86e7946d1b489590c3439c59f198cd......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallC

C:\jar\behaviour\StreamLoadableBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):2619
Entropy (8bit):5.425426603283565
Encrypted:false
SSDEEP:48:AEhp0ZB+R/Hyn25L6EjoOa/AjsgjNKueEFkaTEqTGUad3qdYcd3dFgj2dR+iGKNO:AOp0ZBReQO2lM+FSIWGC4MloO
MD5:3B44FB95E11D32701149313991286899
SHA1:D3780A82420E8C77D6043A24476F9E25C7D2499D
SHA-256:42B5DAE9E023A2E1EAD70F573E3BE944978F4C41AC098A9CCE712565FBA41353
SHA-512:D80D9908A281593B54BD12DB8A07C3225F29EF425C17436B4DAA85A2359C3EF59C77CBC6E299FCFA7515777AB8B7BDF54E155BE6F1E67972FD2FCEF0CF9709D7
Malicious:false
Preview:..J..3S...........1691550020~364...-.-$php_module_m9cb318c8ee684634840030d99e6a2382............Unknown..............................!.!behaviour\StreamLoadableBehaviour...4.4$php_module_m9cb318c8ee684634840030d99e6a2382_class0...........Unknown.......................@param $path.@return mixed................................loadContentForObject......loadContentForObject$0...........Unknown.......................path........"..Unknown...................@param $content.@return mixed................................applyContentToObject......applyContentToObject$1...........Unknown.......................content........"..Unknown...........................................2.]..-$php_module_m9cb318c8ee684634840030d99e6a2382......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cac

C:\jar\behaviour\custom\AutoDestroyBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):17721
Entropy (8bit):5.668405851600423
Encrypted:false
SSDEEP:192:kBtRMdl2Ad+lKh81C4lhUocnZS5clxkbqUf/hn3WLyy0dA6lvNV9FS7GCplP:4eklKGC4nU9nZsc3kbqUN82a6dNVDCp
MD5:A5E00A7F5BCD66E88495ECEA0FBCBF7A
SHA1:21BC94FE7577884735ED49F9BABFB9B26009601F
SHA-256:5C96235A935A0566FCDD74560236B26E8A4253179602E1309955FB189ADA4A46
SHA-512:9367532D14311E00682F96298085598352B0EEB0A5C8DA8AFFD07B0BC68E4E0028C52FE79070A1C5FE94CC4331B6F8458D5037F3B51ECD2DA536C75DF706D6F9
Malicious:false
Preview:..J..3S...........384798901~1660...-.-$php_module_m93abb9ad933a422f8dcefe06c1cea5e5............Unknown...........6.6$php_module_m93abb9ad933a422f8dcefe06c1cea5e5_closure0..................................__invoke......__invoke....3......Unknown...........................2.x..6$php_module_m93abb9ad933a422f8dcefe06c1cea5e5_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\behaviour\custom\BlinkAnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):20078
Entropy (8bit):5.696535204105636
Encrypted:false
SSDEEP:384:trnZ4D/T1GkPMTB7sT2XMTPvo2LTmoP4OCp:triTxJCbGRmvfp
MD5:22808997EFEBB614150C6AAEE6422BD1
SHA1:195A9A3CC12BD72C551E1C20EC08029F0D446DF1
SHA-256:D5D51A913CCE6D38BD336E809EFC9C7F7DB379FFDA8BB859B4DE55981E188026
SHA-512:22841B6807C65BE4ADEDEAC157108F5808CDB21FF32AD9739111489961FACBF55E8B6828C571E79A0F24AC4EC3C9557E8E63C7994C9ECE5DE0594BC4091592EC
Malicious:false
Preview:..J..3S...........461626809~2255...-.-$php_module_m157553e040094bca927633afef6a1a44............Unknown...........6.6$php_module_m157553e040094bca927633afef6a1a44_closure0..................................__invoke......__invoke........(..Unknown..............php\gui\framework\ScriptEvent...........e........>..Unknown..............................php\gui\framework\ScriptEvent...........e........>..Unknown...................*.......2....6$php_module_m157553e040094bca927633afef6a1a44_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/

C:\jar\behaviour\custom\BloomEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):7248
Entropy (8bit):5.569814011296434
Encrypted:false
SSDEEP:96:EWS8adD6ueeQO2lMXNiGYyJANr/N7NSeelcuFAfpOBGkI/3jM5eQO2lM+FSIWGCb:EEgeuY68/elcdnkI/3jMDFS7GCplP
MD5:4E5CD857CABC533CA2DBB3F43D6AE772
SHA1:A5C5DA087F452DC242DF071F632BF192647BD3DB
SHA-256:0F328D94963535463C22415B7955C882B4428D95C55EAD24E0700D16B64D25FD
SHA-512:7FA05D3A067CD2A9D5B4CA71773FC36671B49627F08AF10A6D6AA2B05DFF580C112EE107CFCBD003E58786CE0C001200EC09C509B539B4D55A626345CFF0FC26
Malicious:false
Preview:..J..3S...........131463114~1092...-.-$php_module_m8367ce61f158415fa09652f3f1d19724............Unknown..............................%.%behaviour\custom\BloomEffectBehaviour...4.4$php_module_m8367ce61f158415fa09652f3f1d19724_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour..................._threshold...........Unknown.....?.333333.......!.......@return UXEffect................................makeEffect......makeEffect$28...........Unknown.........................................updateEffect......updateEffect$29...........Unknown..............php\gui\effect\UXEffect...........effect........#..Unknown...................@return float................................getThreshold......getThreshold$30....*......Unknown...........@param float $threshold................................setThreshold......setThreshold$31....2......Unknown.......................threshold....2...!..Unknown.............................bloomEffect......................getCode......getCo

C:\jar\behaviour\custom\CameraSnapBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):15896
Entropy (8bit):5.74922971350772
Encrypted:false
SSDEEP:192:IxmqcniZELDzHMbldwZ6fwqPWE0xlTFc6v675MtFy8KbkGRrrjlFmXGFS7GCplP:IMnyYHkjwM6E0xBFu7Ay3P9nRCp
MD5:4FEBD37DB2F54931C6EDFB9239521C16
SHA1:342BED271DBE03B62A296E4FCB4EA7B94D0AB85B
SHA-256:6CEB33C1349816D10A71A9833EA5E53E6EBB4930EDBF5DF72ECA51D1BABEBBFC
SHA-512:098856C6B79D4F85C4F58344E0A0280C3C5BCDCF6A9D062633F3E7435392F20CB7A86B7310507FD7DC13B8D6C46F5478B78B1D4759EA4C3177EDE6B3B485D678
Malicious:false
Preview:..J..3S...........-402763334~2224...-.-$php_module_mb7b14905d5c3475cb4ee7d211eb009d3............Unknown...........6.6$php_module_mb7b14905d5c3475cb4ee7d211eb009d3_closure0..................................__invoke......__invoke....3...1..Unknown..............php\gui\event\UXEvent...........e....3...C..Unknown..............................php\gui\event\UXEvent...........e....3...C..Unknown...........................2....6$php_module_mb7b14905d5c3475cb4ee7d211eb009d3_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Env

C:\jar\behaviour\custom\CameraTargetBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):11567
Entropy (8bit):5.788498678261179
Encrypted:false
SSDEEP:192:xcnFxdBtaPlD0051A7ux8KlQ8llWzFS7GCplP:KnFDuPW0Px3heZCp
MD5:054DE2BDA068FB0FA6E4023DCCCCB4FF
SHA1:F6704E43E95263CFCCA15FFE0CC62B7CF63990FB
SHA-256:1D81F434EA6BBF29C86F542E7B75E3F1DAFC7DAB1ACD46B2E0C876102200B88C
SHA-512:F7296BB911AF6009F0895A56514F813B61E00797EFE44F6587A423977A5E7B23FB89163BFB52FAD2FDE7D18496167E475AC030B98741666215DE11FC5432BF03
Malicious:false
Preview:..J..3S...........1932227983~2124...-.-$php_module_mcc7bb4ed26914ec4938993b821ed536d............Unknown...........6.6$php_module_mcc7bb4ed26914ec4938993b821ed536d_closure0..................................__invoke......__invoke...........Unknown...........................2....6$php_module_mcc7bb4ed26914ec4938993b821ed536d_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\behaviour\custom\ChatterAnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):19464
Entropy (8bit):5.704488712952474
Encrypted:false
SSDEEP:384:1lcc0x3lNhxSInZ1s4+c1r20c+qFb84oJcIGaiCp:rcdxVNhxSIXs438/wvJpLp
MD5:668855C2E41065F13FBAF690640939B5
SHA1:C4DB6FD8F770528B74798ED90511BE697CC71D68
SHA-256:8A34783033A166C0DCC583FC37F245D47893EB01A6E776C2D3B7FA319241E7C8
SHA-512:76FDB3AE5AA1F8D72025909F8D8942B622DEB5B6360E9A017F6A7067105BCA4052670284281B79F99D16AFA3D3D7C119E0F5603D5379635FE5A156D9EF893A3D
Malicious:false
Preview:..J..3S...........1607963886~2388...-.-$php_module_m3d89e01e47c94ce8b1fbbbb242ec2c16............Unknown...........6.6$php_module_m3d89e01e47c94ce8b1fbbbb242ec2c16_closure0..................................__invoke......__invoke....7...-..Unknown.......................old....7...7..Unknown...............................new....7...=..Unknown.......................................old....7...7..Unknown...............................new....7...=..Unknown...................3.......2....6$php_module_m3d89e01e47c94ce8b1fbbbb242ec2c16_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime

C:\jar\behaviour\custom\ColorAdjustEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10118
Entropy (8bit):5.477876920750491
Encrypted:false
SSDEEP:192:qEEiK7Q1+6UT5KlUHEdMxL6h90qFS7GCplP:ZoQgKers0eCp
MD5:2A635DD18012667D05069DBEF2FAFD63
SHA1:058F7979E60B79DF0748D23DD86B558A2CA0616D
SHA-256:BD62FF0A61A1F79BFB99F38E3E873CB155165661565A555B8D6144CF63545BA2
SHA-512:00F4890B233BCCCBDD1034D6B833EF728E852635E5E7ABE80233CE565EB852518F7A2D42717A8BFA7EE2C9A59912F6DD696E3A17584458842A565A4048F567D4
Malicious:false
Preview:..J..3S...........-1175805947~2252...-.-$php_module_mecfe3a94bfcc4276a1b5da31d097453c............Unknown..............................+.+behaviour\custom\ColorAdjustEffectBehaviour...4.4$php_module_mecfe3a94bfcc4276a1b5da31d097453c_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour..................._brightness...........Unknown............................_contrast...........Unknown............................_hue.... ......Unknown............................_saturation....%......Unknown....................'.......@return UXEffect................................makeEffect......makeEffect$28....*......Unknown.........................................updateEffect......updateEffect$29..../......Unknown..............php\gui\effect\UXEffect...........effect..../...#..Unknown...................@return float................................getBrightness......getBrightness$30....=......Unknown...........@param float $brightness................................setBrig

C:\jar\behaviour\custom\CursorBindBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):18814
Entropy (8bit):5.74498689401082
Encrypted:false
SSDEEP:384:aeffnPrOJLPyEKJ88KKZswbFxX0/RolZI9V8P7ecCp:aeffiVPvKCV0swbF5colZGaPSVp
MD5:88E0C902A01CEAEC20C6BBFC439A1E6F
SHA1:839544D8DAC252224F1257527EA9D1AACE738B11
SHA-256:FE3A7BDB4D55FFE9F1A4F0CD253DA6B8EC55098002A99AD3A6B5C5C48315BEAA
SHA-512:56121EEA3D3130E3C3007728B3FEEA1369D6D9EACA8AB93F2A52765178F3961F99A2AD49EAC0F79EE1D188C5472B1655BC236194B35350CE116E2CBD0C4EE151
Malicious:false
Preview:..J..3S...........812702639~3215...-.-$php_module_m6fb36a70d6b74022ad2b2d442adc3b6d............Unknown...........6.6$php_module_m6fb36a70d6b74022ad2b2d442adc3b6d_closure0..................................__invoke......__invoke....E......Unknown..............php\gui\event\UXMouseEvent...........e....E......Unknown..............................php\gui\event\UXMouseEvent...........e....E......Unknown...........................2....6$php_module_m6fb36a70d6b74022ad2b2d442adc3b6d_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtim

C:\jar\behaviour\custom\DraggingBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):23492
Entropy (8bit):5.801462618244418
Encrypted:false
SSDEEP:384:znyGXY5HZZban7tmzXmbOAG+DnOie24Ovs4wS5eCp:zXo5Hn27kz2bOA3Dp/ku5Pp
MD5:1D76A7D6B9323C5235148A32E09AF97D
SHA1:D5C2A3F9615581B5F4631CD514D213B0C1B9F397
SHA-256:7DEFA72A0F04C1C5C81C278C05C7BDC41A4700BAA681762256B6B50CBF745A01
SHA-512:FEA021657EA5ECE0D43DAD3833D3741CA9EDE6846C86E740350358E38FEB6F0B156768B8C18C0C8238BC08F57590F3AF124AD413D4EE29AF1C01B619FA748C49
Malicious:false
Preview:..J..3S...........-937171549~3966...-.-$php_module_m2162ba1abc454c418b95f77026a60263............Unknown...........6.6$php_module_m2162ba1abc454c418b95f77026a60263_closure0..................................__invoke......__invoke....?...%..Unknown..............php\gui\event\UXMouseEvent...........e....?...<..Unknown..............................php\gui\event\UXMouseEvent...........e....?...<..Unknown...................{.......2....6$php_module_m2162ba1abc454c418b95f77026a60263_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runti

C:\jar\behaviour\custom\DraggingFormBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):20471
Entropy (8bit):5.748339218318454
Encrypted:false
SSDEEP:192:RmDcniZB++OHeblxfGDdelssimaMlucaL9cnOiLV63lQqxUISM5T9EGtKGeap/sc:Nny8xH63KMEcZnOicKpMcG0+/sRxpCp
MD5:20A6D0EA47E6E68DCB68D9EE131CBD21
SHA1:384B1070B96742B7722CF29F3115103EC210F828
SHA-256:9F2342C48DBED372E34C7EA856E2086F848FC87638079A47B5684BA6A647DDE5
SHA-512:7D32A972A81F162215B135413AC3A1486CE2C3F7CD5E5348D7A2312E8372DDEB652F34D73BC43DD2E80B8DD6CB5CBC88B0A285530D5C25777CC06BB807E9D074
Malicious:false
Preview:..J..3S...........-214346298~2526...-.-$php_module_me63b1f0fd2614f769b55ebe559a7282b............Unknown...........6.6$php_module_me63b1f0fd2614f769b55ebe559a7282b_closure0..................................__invoke......__invoke..../...%..Unknown..............php\gui\event\UXMouseEvent...........e..../...<..Unknown..............................php\gui\event\UXMouseEvent...........e..../...<..Unknown...................H.......2....6$php_module_me63b1f0fd2614f769b55ebe559a7282b_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runti

C:\jar\behaviour\custom\DropShadowEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10959
Entropy (8bit):5.461684615443224
Encrypted:false
SSDEEP:192:+fUaPWXFu2gDkt0lMxlu5kAx3FS7GCplP:+fUA2FXDKoqkAx9Cp
MD5:AD826543585A45E756A6FCB2BDDD1EAC
SHA1:2F1D56584961EA097D619290806F4E01879FA23F
SHA-256:84DF927888157660F7E3116AFB32F1ACB6D3FE37EB4C01BFF9F262B9DE976AFB
SHA-512:DA3B6E368FD7719B93B04DEE5E8185B56ECBC827CF2B12610347CA8CDB0D9EAB9652D48BB948F2F4E69E604E3C087FB07AA68857EDBEE3CDDB5FF0F47C9A888E
Malicious:false
Preview:..J..3S...........-370531614~2388...-.-$php_module_m3b41c5341fef4e798ea9a455268593a8............Unknown..............................*.*behaviour\custom\DropShadowEffectBehaviour...4.4$php_module_m3b41c5341fef4e798ea9a455268593a8_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour..................._radius...........Unknown............................_offsetX...........Unknown............................_offsetY...........Unknown............................_spread...........Unknown............................_color...."......Unknown.......#b3b3b3.......).......@return UXEffect................................makeEffect......makeEffect$28....'......Unknown.........................................updateEffect......updateEffect$29....,......Unknown..............php\gui\effect\UXEffect...........effect....,...#..Unknown...................@return int................................getRadius......getRadius$30....;......Unknown...........@param int $radius.........

C:\jar\behaviour\custom\EscapeShutdownBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):13208
Entropy (8bit):5.701893683083005
Encrypted:false
SSDEEP:192:glUlnPDhll2cn3ReBWlTYDyOzptlMlmPpmll9cn3RzflrpEs3irlo5Vjilpl5a4J:tDn3RMWCdtlCSn3RzfNiK6azocJCp
MD5:81EAF63752568834BB8A302503E8DAC8
SHA1:FE0E5191AB348B4EC9FEECB7F341B347C63B3908
SHA-256:D53DF99C63EC483C3FC00D65BD64D2C238B00A4961220510EFB452D96BF8CDEC
SHA-512:B6101473BDF0FAFF46FEC9E8300DC557463F52A9C78BE212AA55FCFAD74FBE08316DA667404FCA4BE72378CC25CF97399ED88EB12D3731DA31F3638FE50C5417
Malicious:false
Preview:..J..3S...........-1075559626~1382...-.-$php_module_mc1078d826a7049e2935a2c906976d88a............Unknown...........6.6$php_module_mc1078d826a7049e2935a2c906976d88a_closure0..................................__invoke......__invoke........!..Unknown..............php\gui\event\UXKeyEvent...........e........6..Unknown..............................php\gui\event\UXKeyEvent...........e........6..Unknown...................z.......2....6$php_module_mc1078d826a7049e2935a2c906976d88a_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/

C:\jar\behaviour\custom\FadeAnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):17893
Entropy (8bit):5.674138575926377
Encrypted:false
SSDEEP:192:f/AtGraglgm/Et79hHl0zKw/AtGsglUxhPGdDoWxaojxLK1lxAi3lpiWubRFS7Gu:3A49O4EFdWAgyQUbotLmzyzCp
MD5:C94AA242958308EECD7DDD332D2802C0
SHA1:94603E6A5C83775A2ADE9E4476340C9A2AAE62B7
SHA-256:33C30079FF8BFA98EB8044BEF655325C63C566DEE2A5B2C49BE27A603CDC4076
SHA-512:995E74B26AC41CF185D185ED3AF7D7743757D259F294AB93454C2C876533D9E27B3BD7AA3B5F3BBE3A68971731BB6295F2CB1914B43C21E34B66F3A9CE5B5028
Malicious:false
Preview:..J..3S...........1598607469~1966...-.-$php_module_m620c8174dad74e84abfc3d959a2af772............Unknown...........6.6$php_module_m620c8174dad74e84abfc3d959a2af772_closure0..................................__invoke......__invoke....7...Z..Unknown...................9.......2.p..6$php_module_m620c8174dad74e84abfc3d959a2af772_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\behaviour\custom\GameEntityBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):32949
Entropy (8bit):5.839813846669592
Encrypted:false
SSDEEP:384:s/sTdCEkRJZI2BYMqtgUswxY5mnUBtjsg2WbEeqDVMrxDnFCp:yIfkXBXq2UjxatYg2beqDVMrRngp
MD5:9C9AF477B6CD5D932D86054C8CE2222B
SHA1:D2B3E04458B4012491234EB2DAFDAB4EE7088393
SHA-256:AF9B55B9246682116DC65AB8A8C04E4F726F5F8C70351EA4BCB29EA37303F1EC
SHA-512:AC8953F7C3C0C6ED997252CC91DEFE5D76B323B5A1786CA5692793B4EC8AF90BF4D1009A99F22CDA82319E7DAFFB1EFFC98A7B28AAE6F0A80A376A4A82A7E679
Malicious:false
Preview:..J..3S...........1794272642~7427...-.-$php_module_me36473fa49fc40a59f1e08df9d0b293a............Unknown...........6.6$php_module_me36473fa49fc40a59f1e08df9d0b293a_closure0..................................__invoke......__invoke....X...4..Unknown...........................2.m..6$php_module_me36473fa49fc40a59f1e08df9d0b293a_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\behaviour\custom\GameSceneBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):23760
Entropy (8bit):5.816240758167119
Encrypted:false
SSDEEP:384:W0xzTbzOAcfY32s3pIupotJZnrkTX0QP8Ehy1PAhu5Cp:W0VTHtb3nKJRkL06G1PSp
MD5:9770E0C560E0AE5BB8BD3730AAE1F745
SHA1:E403FE7CD843E8258E3CF2AB091ADF87F8219204
SHA-256:414E628B53AC56D6D05C01E4D47EB740A7B8CC7B4BC4B78FE7319682CFDE13E3
SHA-512:9E6E694684D5D4335ABDF8F0CA84AC8C7AECA7416DD870A27B4F58383BAD4E41D23399B6E5766EF4E85FBC42199F7E17E47A23311C055CEF65D122492F552890
Malicious:false
Preview:..J..3S...........-1989929878~5857...-.-$php_module_mbc2b7fd99573481082a68852b3ff77a9............Unknown...........6.6$php_module_mbc2b7fd99573481082a68852b3ff77a9_closure0..................................__invoke......__invoke....X...$..Unknown.......................x....X......Unknown...............................y....X...2..Unknown.......................................x....X......Unknown...............................y....X...2..Unknown...........................2.y..6$php_module_mbc2b7fd99573481082a68852b3ff77a9_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke

C:\jar\behaviour\custom\GaussianBlurEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):7241
Entropy (8bit):5.55349911410022
Encrypted:false
SSDEEP:96:2NTKuDaPtXLeeQO2lMIoNiGYOJANV/NpN2XRWlv9Nu1fINMk+/uOo+eQO2lM+FSP:CDCbA2gaWlfgxk+/uOTFS7GCplP
MD5:AD6B43739A1ECE1088B8D13637DADD4F
SHA1:8463E153E577D77DF4A562E2CB035D259C2E0A5B
SHA-256:D20E154D5CF0AA5C0DE94D82D1B6CA5DBD6F3FA7B83E6B8114AB3D4B305E1763
SHA-512:644C87A0201F7637FC75DF5188146965D9E66BB3757284ECA06916324C33573245C22939A2E67381FCC350F121BC6C9AC1F85C4A32080CA86566653716DAB81A
Malicious:false
Preview:..J..3S...........1475220546~1092...-.-$php_module_mda3badd03bec4d59992e94fa1fb29880............Unknown..............................,.,behaviour\custom\GaussianBlurEffectBehaviour...4.4$php_module_mda3badd03bec4d59992e94fa1fb29880_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour..................._radius...........Unknown....................!.......@return UXEffect................................makeEffect......makeEffect$28...........Unknown.........................................updateEffect......updateEffect$29...........Unknown..............php\gui\effect\UXEffect...........effect........#..Unknown...................@return int................................getRadius......getRadius$30....*......Unknown...........@param int $radius................................setRadius......setRadius$31....2......Unknown.......................radius....2......Unknown.............................blurEffect......................getCode......getCode$32....7......Un

C:\jar\behaviour\custom\GlowEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):7199
Entropy (8bit):5.564301006815568
Encrypted:false
SSDEEP:96:d7fbQQ/eeQO2lM5dNiGY2JANK/N3N2g2RWlv9NuVEINhk+/uONeQO2lM+FSIWGCb:djtc+lveWlfANk+/uOXFS7GCplP
MD5:9671E76E59FABE91CB2FFE8374D169F3
SHA1:C450AD072831FF1DE8DFEF6B434610BEF5FA8058
SHA-256:FFCD7D2C38A6C719B32EE8E71AD2F2D5DBFE00093B363E6E768F4B442B56023E
SHA-512:0E034E5B7316FC5EC9A241A7B4E0ADE4F082698CF4F70D0494918C74A72A4C0DF84CE201D27A422A96DC3C56C6CA9B9031D9ADCEB1616A3E68FD4686EB83F369
Malicious:false
Preview:..J..3S...........849850209~1080...-.-$php_module_m558b8d8f645d4465bab631ca26d51a91............Unknown..............................$.$behaviour\custom\GlowEffectBehaviour...4.4$php_module_m558b8d8f645d4465bab631ca26d51a91_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour..................._level...........Unknown.....?.333333.......!.......@return UXEffect................................makeEffect......makeEffect$28...........Unknown.........................................updateEffect......updateEffect$29.... ......Unknown..............php\gui\effect\UXEffect...........effect.... ...#..Unknown...................@return float................................getLevel......getLevel$30....+......Unknown...........@param float $level................................setLevel......setLevel$31....3......Unknown.......................level....3......Unknown.............................glowEffect......................getCode......getCode$32....8......Unknown.......

C:\jar\behaviour\custom\GridMovementBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):25413
Entropy (8bit):5.788170779341156
Encrypted:false
SSDEEP:384:cI+IYZdVYkkWBmQ44nmS58vFrUxexow6FuZ4U1aHUxXtsoyViz1bNAUCYaA4aVA5:ujGiLta+eKw6FuSU1XNzLyjp
MD5:96136D8F417F769C695919472131C25B
SHA1:729596396D14C26B04DC2A1C827AEB17176A4BE9
SHA-256:4BCC83CAD84FA87E6051A1955237B61DADF57A33FF760B306E75758F03E3550D
SHA-512:16CADAA78DD2A9D014D4CD3D5B128D01C60577A9F323E4C6AC18F54D50084186AC1C0B14C25813ECDEBCB9E1027006A07A6231E5AD8B8E3A42B072E526A4620C
Malicious:false
Preview:..J..3S...........993695944~4558...-.-$php_module_m1a9c7dd68a204598b0dde598e23e3575............Unknown...........6.6$php_module_m1a9c7dd68a204598b0dde598e23e3575_closure0..................................__invoke......__invoke....F...!..Unknown...................R.......2.t..6$php_module_m1a9c7dd68a204598b0dde598e23e3575_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\behaviour\custom\InnerShadowEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10045
Entropy (8bit):5.49491742710161
Encrypted:false
SSDEEP:192:prlSz8DNXQLlN2gXw93UT5KlkHEvMSBiIeAmFS7GCplP:prlSz65QLlwCw9iKuSeAaCp
MD5:14ADE19FED66B4E1CF0DE841AC4A0D17
SHA1:787EBF0E079B24390F49B828844B569DB15B34E4
SHA-256:20D0A7C80811C2DB8A815D8A85DA6105F9B0D93BF02AFF93B36757B6416FB67E
SHA-512:FFAE9C6B559C346415F669DE139CC154824E6540C5B8D4813A0E97D89D26FAF16E90819661CF96AF0C44E7A18D56E41EF002621EA88162803C1016B555C82071
Malicious:false
Preview:..J..3S...........-1268290970~2082...-.-$php_module_m3ce286ffa29c4dc0a98ec98a3e12074b............Unknown..............................+.+behaviour\custom\InnerShadowEffectBehaviour...4.4$php_module_m3ce286ffa29c4dc0a98ec98a3e12074b_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour..................._radius...........Unknown............................_offsetX...........Unknown............................_offsetY...........Unknown............................_color...........Unknown.......black.......'.......@return UXEffect................................makeEffect......makeEffect$28....#......Unknown.........................................updateEffect......updateEffect$29....(......Unknown..............php\gui\effect\UXEffect...........effect....(...#..Unknown...................@return int................................getRadius......getRadius$30....6......Unknown...........@param int $radius................................setRadius......setRadius$31...

C:\jar\behaviour\custom\KeyInputRuleBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):16599
Entropy (8bit):5.773680344872532
Encrypted:false
SSDEEP:192:K7rwgecAG1lc/fifCKaEU22PWtWMoluzpagmPVpo5Ljkfc+9llm6FS7GCplP:Cw5c/1WfM12W4bcz2omfN9XrCp
MD5:A55F9FBE8FBC174FFBD954CE800153E5
SHA1:4BE726A5C87917A206A10D8B3B35B5DB949EE2B9
SHA-256:1BF6DCE8705B0ECCB2E1522BA32BBE8C57E1846F87A2B86F553BC4E25AB4BD99
SHA-512:D2CFA83738747B14773CF828102899127AF0B4923A1D7329CE18EE06A0F23BAA62C24A79262BC7FAC6A67E7DD9623734C373A6E8EADEC92E2A7D6A52D5802C0A
Malicious:false
Preview:..J..3S...........-2124815524~3216...-.-$php_module_m2370e373c6b940d2a1ccbd6cf89d1fb5............Unknown...........6.6$php_module_m2370e373c6b940d2a1ccbd6cf89d1fb5_closure0..................................__invoke......__invoke....&...2..Unknown.......................old....&...<..Unknown...............................new....&...B..Unknown.......................................old....&...<..Unknown...............................new....&...B..Unknown...........................2....6$php_module_m2370e373c6b940d2a1ccbd6cf89d1fb5_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtim

C:\jar\behaviour\custom\LightingEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10464
Entropy (8bit):5.5009951536419
Encrypted:false
SSDEEP:96:j7qLaEXJFeeQO2lMCONiGYiJANo/NjN10UT5gtlNNI3HEdeDWeUuLVUU8f+iUqR1:i2q32UT5KlUHEdMxL6h9w5FS7GCplP
MD5:541C5645554D010F836592DA72860F11
SHA1:AAED99FAF199CE2ED7DE19C5F85AD4EDC9D843CD
SHA-256:5E7127C66AE1785CACB67496ED8B8E3F9CF902E6CB5565738E184AD67DDAB937
SHA-512:EE0CDE50790BD497513C80EECCFCF94D7F804735804276695514CB0EAB691B0E8D55DBE0C76D6AEBB6DCC66F629443D38B5E8E990DBBD3E6CAAAA8F8271DA20D
Malicious:false
Preview:..J..3S...........-1169576932~2553...-.-$php_module_m82c273c12b4a49b1a2dc70585fc7cebb............Unknown..............................(.(behaviour\custom\LightingEffectBehaviour...4.4$php_module_m82c273c12b4a49b1a2dc70585fc7cebb_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour..................._diffuseConstant...........Unknown............................_specularConstant...........Unknown.....?.333333..............._specularExponent.... ......Unknown.....@4....................._surfaceScale....%......Unknown.....?..............'.......@return UXEffect................................makeEffect......makeEffect$28....*......Unknown.........................................updateEffect......updateEffect$29..../......Unknown..............php\gui\effect\UXEffect...........effect..../...#..Unknown...................@return float................................getDiffuseConstant......getDiffuseConstant$30....=......Unknown...........@param float $diffuseConstan

C:\jar\behaviour\custom\LimitedMovementBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):13257
Entropy (8bit):5.8479460013446225
Encrypted:false
SSDEEP:192:UonxyNadYUuQpAhcrltbJ2Se/2JT1oqx5p5Bh27MCf1lRauXFS7GCplP:/nxy3OAhcrQ29uYjh27xf1/aaCp
MD5:434FAAB541228545602E3F9EB63A25D8
SHA1:E23039B8FD0BC2116CCB000C6348699BBEB7DC20
SHA-256:6C3BC741F52CB9586AF449BB05E5080F136C1E64BC9BB625DA76F4256D0EBC67
SHA-512:9DB45FBBA35DC95F42A155D257DF55B78F533452FE89D6DE76EC9641730B312C52D97350D0C59B5D83BD1D5A32F09319E2698350530D1D99D21E5233F6E89A47
Malicious:false
Preview:..J..3S...........-1623146549~2487...-.-$php_module_mba84574028224713a42671e27a9a9ea9............Unknown...........6.6$php_module_mba84574028224713a42671e27a9a9ea9_closure0..................................__invoke......__invoke...........Unknown...........................2.[..6$php_module_mba84574028224713a42671e27a9a9ea9_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lp

C:\jar\behaviour\custom\PulseAnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):19423
Entropy (8bit):5.66433824549523
Encrypted:false
SSDEEP:384:AnZH2c91orDYKTdUaTWQqTyMKOCTRrNPCp:ABbbzDOy5SZcp
MD5:4479A2CE6F39649B949CB85C8E55F30C
SHA1:0743CBDA9803256CF3F423A4F9C47E885BE48D13
SHA-256:A376E03914FB6CCB9E2591B60BC0F8356A4C4D470F9C8C9F34F8CD62947A6E57
SHA-512:C9D72A2E77A077A417C8528362C18B6EF127821697E8B2394DC5E31AFF25FE83EF6830423147D9059FECEBB55D023A364A4BFC716E938F681660C6C31777407B
Malicious:false
Preview:..J..3S...........-626076543~1897...-.-$php_module_m0a970775b33343feaacec05fbc203ff6............Unknown...........6.6$php_module_m0a970775b33343feaacec05fbc203ff6_closure0..................................__invoke......__invoke....)...(..Unknown..............php\gui\framework\ScriptEvent...........e....)...>..Unknown..............................php\gui\framework\ScriptEvent...........e....)...>..Unknown...........................2....6$php_module_m0a970775b33343feaacec05fbc203ff6_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp

C:\jar\behaviour\custom\RandomMovementAnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):26476
Entropy (8bit):5.842969033592206
Encrypted:false
SSDEEP:384:gH/nTdnNGICMoG/5LFqZs+OpC3ZhurGMfkSyiirX/Cp:g/nh519KsvpSZh4Gyj8rX6p
MD5:2E7AD85C0C8DB7035F1C8E80CB60F274
SHA1:80FA60A6AD576AD028624EAD87D7E20072556343
SHA-256:AB155C8C9C6F1ED7BE2F874D4E8D7F1889068E5DC227C9BFEBAC2CE5B41E5876
SHA-512:FD254F65F376164785F9D9816B82D797E77BD2F11617087FD93AC370D17B6F811D7D7487883554AAD5A97FA98C7C2FAF466AF39E2DD3996D56CBD3B125CE76FC
Malicious:false
Preview:..J..3S...........-1245295193~6154...-.-$php_module_m7337c1e7229a4f719fc4b78729460f32............Unknown...........6.6$php_module_m7337c1e7229a4f719fc4b78729460f32_closure0..................................__invoke......__invoke....P...X..Unknown...................z.......2....6$php_module_m7337c1e7229a4f719fc4b78729460f32_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lp

C:\jar\behaviour\custom\ReflectionEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):9275
Entropy (8bit):5.520827256181182
Encrypted:false
SSDEEP:192:1O3S+gtKrctlCh24eW4uvU93e4PFS7GCplP:1oikkCxgDVesCp
MD5:6CF60770D1624E97B77F9AFC3BF30E31
SHA1:EE810E7F6F726B4A5600A93755A6BFD5F0227385
SHA-256:5C42C0D7430604A0E33298584070F8436F03876A9BA61128FF91DD4874E38650
SHA-512:704C4407624AEEAAB8D09438A1DB3745960A7CACB366888B18FECC63053A7388E3E8D3B79BB67AC8CFF44BF403A14F501B990CF9BBDA2A84F639287AF1E2C27F
Malicious:false
Preview:..J..3S...........-148005674~1887...-.-$php_module_m26aa6dd4ce564a19bb96e48645bfed76............Unknown..............................*.*behaviour\custom\ReflectionEffectBehaviour...4.4$php_module_m26aa6dd4ce564a19bb96e48645bfed76_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour..................._topOffset...........Unknown...................._topOpacity...........Unknown.....?......................_bottomOpacity...........Unknown....................%.......@return UXEffect................................makeEffect......makeEffect$28....%......Unknown.........................................updateEffect......updateEffect$29....*......Unknown..............php\gui\effect\UXEffect...........effect....*...#..Unknown...................@return float................................getTopOffset......getTopOffset$30....7......Unknown...........@param float $topOffset................................setTopOffset......setTopOffset$31....?......Unknown...............

C:\jar\behaviour\custom\RotateAnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10580
Entropy (8bit):5.633384699986155
Encrypted:false
SSDEEP:192:2wcnZG8Il91lx6hvUWKi92AlxKFS7GCplP:CnZGxX1OUbi976Cp
MD5:BCE757E617B4B3C74904AFAE7F142D47
SHA1:07991DF0C51A1EAFD52D277A193A0D9110FB1A2C
SHA-256:89970C37942BC4A74847B41177D4C01556A7DBE2C056D10DCDDC69723952AC80
SHA-512:126BD5F0E2C96BBD680AC462EDAC2B7A2EF55E91ACD770D6FF1B6AB463254BCFCCCB45E6993887E84BD6F33C9187C49AE025D2ED20A101212E5E9F0E86763EB0
Malicious:false
Preview:..J..3S...........-1325586418~1004...-.-$php_module_mdaf6fb5581884ae9811e2de77ebc3d4f............Unknown...........6.6$php_module_mdaf6fb5581884ae9811e2de77ebc3d4f_closure0..................................__invoke......__invoke...........Unknown..............php\gui\framework\ScriptEvent...........e........-..Unknown..............................php\gui\framework\ScriptEvent...........e........-..Unknown...................%.......2....6$php_module_mdaf6fb5581884ae9811e2de77ebc3d4f_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lph

C:\jar\behaviour\custom\ScaleAnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):17953
Entropy (8bit):5.667685029678092
Encrypted:false
SSDEEP:192:A/AtGraglgO/EtFsHl0zKn/AtGsglU6PqaWyojdLPj7rllfiS54MOxCdFS7GCplP:mA49OgEid/Agypa7oBLHrPfp4MOxuCp
MD5:415B53556D3F20AC722F17AA4FAD311B
SHA1:9E8B6E92AA9A07AEE647835FEFD040094A3C64BC
SHA-256:F1EF996E758724F15D8ECCA3FDEB850B4C82F26F0A14C55E86C4BCAC8DEB7C71
SHA-512:9072D6D06EB73BA5076527C2E3E54986F01B0F11C9610C33E452AD5D7F08DAB07A1327928A6302C8005A85EEDD3D0D5F39F3672BAF0765D3BEFC8B8C01C675E5
Malicious:false
Preview:..J..3S...........288168476~1962...-.-$php_module_m508134df5d6a4b228ceb1a5e691ea097............Unknown...........6.6$php_module_m508134df5d6a4b228ceb1a5e691ea097_closure0..................................__invoke......__invoke....7...Y..Unknown...................9.......2.p..6$php_module_m508134df5d6a4b228ceb1a5e691ea097_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\behaviour\custom\SepiaToneEffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):7217
Entropy (8bit):5.5457956690815156
Encrypted:false
SSDEEP:96:+w3fbQQZeeQO2lMSlONiGY2JANK/NlNKdWUAlcuFAI49m/MFeQO2lM+FSIWGC4MN:j/Kz+lwwUAlchm/MPFS7GCplP
MD5:1FA48368E81B8A2135B0D0A44B25D0F4
SHA1:C76A038B7629FDF6833F92CA85FF755D73796A8A
SHA-256:1EC9B900FDA05F4239310826C67522586A3BF372E3B4B7B38BD2DF9C354336C6
SHA-512:8F7B00AE8B5B5457CC1FA7218CDDB708994179D0AA2692685ED4DE9667B81C1EE2230DA45893427B870E4DB6E032E4D4DB9B15CDB351D81C791C927F790519F3
Malicious:false
Preview:..J..3S...........1148608488~1107...-.-$php_module_maa1daac0956b403598f796474eec9c43............Unknown..............................).)behaviour\custom\SepiaToneEffectBehaviour...4.4$php_module_maa1daac0956b403598f796474eec9c43_class0...........Unknown...2.2php\gui\framework\behaviour\custom\EffectBehaviour...................level...........Unknown.....?..............!.......@return UXEffect................................makeEffect......makeEffect$28...........Unknown.........................................updateEffect......updateEffect$29.... ......Unknown..............php\gui\effect\UXEffect...........effect.... ...#..Unknown...................@return float................................getLevel......getLevel$30....+......Unknown...........@param float $level................................setLevel......setLevel$31....3......Unknown.......................level....3......Unknown.............................sepiaToneEffect......................getCode......getCode$32....8......Unkn

C:\jar\behaviour\custom\VibrationAnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):26529
Entropy (8bit):5.641704053090557
Encrypted:false
SSDEEP:384:H/MTk3bTFpwozb4saTUZ57alYtb11lAKMPYCp:fTbTQozb9n5sYtbnYBp
MD5:26016803414F2D198F08FE9E6C4F8B89
SHA1:A7E034B9D2BB594E087200591E13CD9EA748F193
SHA-256:7D91A84340BC87B4DA5260C9399E7E98408206A8D2B0E17B6B5C2A478C8355F0
SHA-512:A49346628552792AC9B6E7955F8F4B8F61DC32837A0AD24A097C4ADFB790201551BBAE5F446EAA203DAD352E82DFC002209CD7FE9E0782369118DE66539AD68A
Malicious:false
Preview:..J..3S...........-1226741605~1994...-.-$php_module_m16951a853046458ab4ae50345421c5de............Unknown...........6.6$php_module_m16951a853046458ab4ae50345421c5de_closure0..................................__invoke......__invoke....0...?..Unknown...........................2.m..6$php_module_m16951a853046458ab4ae50345421c5de_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lp

C:\jar\behaviour\custom\WatchMakerBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10984
Entropy (8bit):5.686223303923802
Encrypted:false
SSDEEP:192:Q2MN2MC2MKn8fl2j8ielfR/cBgDx2Mk5AY172Mn2Mld2M22MQZQlbXU2MMFS7GCb:9MIM7M8Nj8iekBo8MkqBM2MlYM/MuQxA
MD5:FE25D1F08A0249C7C0FF8995811CB662
SHA1:DA789EF618F6B15177B690799B8C326487AF9C18
SHA-256:29697C6DE7C1B8D2FAB12E62ACB6740A6B31C332FB0FF4CAC722D7718F5D4776
SHA-512:A81E2186532C015D4D1568F07C176FDE91586714E613FDC52CD590B05D31AD006EB275672DDF106CFA60B0FE2B00E0B3ADC9089B583840A8DF4C02928EFC2C2B
Malicious:false
Preview:..J..3S...........1501497343~1313...-.-$php_module_md942ea5a910e48998f769e330cc5c4af............Unknown...........6.6$php_module_md942ea5a910e48998f769e330cc5c4af_closure0..................................__invoke......__invoke....$......Unknown..............php\gui\framework\ScriptEvent...........e....$...)..Unknown..........null......................php\gui\framework\ScriptEvent...........e....$...)..Unknown..........null...................2....6$php_module_md942ea5a910e48998f769e330cc5c4af_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<i

C:\jar\behaviour\custom\WidgetFormBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):31807
Entropy (8bit):5.8344051263579875
Encrypted:false
SSDEEP:384:cg1NjZhsQnDzj/HsSnDzCoSF1J4QASVj20/364YV/bAab36cCp:rNXsQDPfsSDGo0JHj20/369V/cabKVp
MD5:1B42FB94DED173FD082F4956BB2DB0CF
SHA1:C85631FEF9197A5AC591EB2FB64597979D5D8A94
SHA-256:4F020711D93DCDB341085F2C38750ADF4CB7B08C40ED12590F32D60ABBFEC3CD
SHA-512:3EB3E48D32548BF0E998597A179A801E1FC9C9422C83BC950101A617AF99E624D43345DBFCD8871323A08C618C4AAFEE71AB78F5DCA4587EC23372AEF89F6460
Malicious:false
Preview:..J..3S...........-1954239182~5223...-.-$php_module_ma5920588492741d58c17e4094a80aecf............Unknown...........6.6$php_module_ma5920588492741d58c17e4094a80aecf_closure0..................................__invoke......__invoke....7...#..Unknown...........................2....6$php_module_ma5920588492741d58c17e4094a80aecf_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lp

C:\jar\behaviour\custom\WrapScreenBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):16148
Entropy (8bit):5.77042573377243
Encrypted:false
SSDEEP:384:FvkiSuiNWaKA+Bss0SCUCY9iaDdQa66Cp:WiziNgfBvuk9icz+p
MD5:724AD0A9A9F3F49329D9CA22415793B3
SHA1:F42AE239B1D2A422096A98CAC4FA5F8561547AD0
SHA-256:8613B16BF7B518D3C37AA5F3DB069F8D3B6DACECAB0ECBB3FBD3602559239D4F
SHA-512:84ED80B04711DC3FB8D0537C051C3CB0D108BA5D1DF7B2218809B878A6E9DE358113B35C5B839830B65E3B054FD321A611C3BCB5FC0ED112012B77264AD8FA26
Malicious:false
Preview:..J..3S...........-491706443~2362...-.-$php_module_mc0f66f5ff23045129945b5d0dec89e42............Unknown...........6.6$php_module_mc0f66f5ff23045129945b5d0dec89e42_closure0..................................__invoke......__invoke....,......Unknown...........................2.k..6$php_module_mc0f66f5ff23045129945b5d0dec89e42_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\bundle\http\HttpAsyncResponse.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10399
Entropy (8bit):5.842086393084811
Encrypted:false
SSDEEP:96:LLIBQHsHwWFHhd0uPaeQO2lM/AmbJX/NXVD1N7BfNPacZEkE9yuMLlfOwqBPfhXD:Kmmb9rxMilgBPfhXNwADgTMpldFSXliX
MD5:158BC16F8BB5496F73B2FE79F7BC5E94
SHA1:7A39891D46A73266DD8F9E006F3D726D0CB5C054
SHA-256:345D42CA43ACBD8E66E926110E89AED163BF101FF79EA2AC5D7420DD2398CE34
SHA-512:7D54F0FC6BDDF2019064DEC18718E5A274478BB385AA87193CFB1A6D46257E0D3B012C75D242707AB49E0556BD97F21FF34A4AD3386009769F27BEBAC0C037CA
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpAsyncResponse.php...-.-$php_module_m3768eef9eba64e5c988a5bbd420280d9............Unknown.................................bundle\http\HttpAsyncResponse...4.4$php_module_m3768eef9eba64e5c988a5bbd420280d9_class0...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpAsyncResponse.php.......................onSuccess...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpAsyncResponse.php....................onError...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpAsyncResponse.php....................onDone...........C:\Users\...

C:\jar\bundle\http\HttpChecker.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):20690
Entropy (8bit):5.86737938970272
Encrypted:false
SSDEEP:192:kwuJhIr35AlYwpFlkmJkBVKk/QVOlhByKE4ykAnaqPgldhe0Hiq/MzskFSXliX:IJhI2P/kjsYlAnapt3HiqhMX
MD5:92DFD7A665925BFDA1AF0F6FB58361D4
SHA1:859BA58A2BF2B179C11E80D01E171760FDB6A065
SHA-256:60AF987CC24F0185140059A1CB8183B7B12ECFDDD19BF621E152FF2B9DFE33ED
SHA-512:5F02A3415392EA4C801844D8FDADD641ADB83758DB692E96D3AC9CBA9D2F513433268CDADCB03D221726B500C13D9217D63177C690726347842C2112DCF2D461
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpChecker.php...-.-$php_module_mcd89cbc09cc742df8768751236ea21dc............Unknown...........6.6$php_module_mcd89cbc09cc742df8768751236ea21dc_closure0..................................__invoke......__invoke....L...-..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpChecker.php..............bundle\http\HttpResponse...........response....L...D..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpChecker.php..............................bundle\http\HttpResponse...........response....L...D..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpChecker.php.

C:\jar\bundle\http\HttpClient.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):81653
Entropy (8bit):6.058072062206772
Encrypted:false
SSDEEP:1536:qO2/euL0mVPZcQfZBgLXZ/G0qlJ1PFt7JWM2xOAUs:qOAfL0YPqQfvgLXZejv5jUM2xOAUs
MD5:2FF8AEFBE30D5FDE3DEAE05FAB500CDB
SHA1:CE7B87E504402571A41F467B76AAE33E64E8B036
SHA-256:A27CBD79198B7229917AA34B327F093C173BA79B79E84BB0DC492265865248C1
SHA-512:EDE5CEDDFE7C6AF35A0964E464BB093851DB1DD6F055DFE2595D1B8F57B8BACA8717849973F2E9E8FD4D6E8020C31A599DB4149AD5369EF1D1CA1572DC8C5429
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpClient.php...-.-$php_module_m35d6cb45d4504c698f62cd5f4a3be71c............Unknown...........6.6$php_module_m35d6cb45d4504c698f62cd5f4a3be71c_closure0..................................__invoke......__invoke...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpClient.php...........................2.p..6$php_module_m35d6cb45d4504c698f62cd5f4a3be71c_closure0......php/runtime/lang/Closure......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpClient.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionC

C:\jar\bundle\http\HttpDownloader.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):97316
Entropy (8bit):6.0055854757190685
Encrypted:false
SSDEEP:1536:2unyQSjXwwxll3GbzByb6giZM/pFBvF+VzQmxes:2unyQSjAwxll3mzByb6giZMRF1oJLes
MD5:83DFDCCAF5311F13350F07A0FACCF13C
SHA1:99169B5B8CDE7A45D88C552A71537ADC0E225105
SHA-256:3F338AA483DFA8489A23ABE429CEA1B0196BC91B8DF1A13053C8C518B783E360
SHA-512:D560E892604E889EC352F59686126AA4AE4E493670DE8DBBE40AD3C044090842656731D11FCEAD0A660217F9E6726431034FBCEFD7FEE5DEEAA730EE27A224E9
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpDownloader.php...-.-$php_module_m05bec5aae8d242c3b336e36f9cf35f29............Unknown...........6.6$php_module_m05bec5aae8d242c3b336e36f9cf35f29_closure0..................................__invoke......__invoke...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpDownloader.php...........................2....6$php_module_m05bec5aae8d242c3b336e36f9cf35f29_closure0......php/runtime/lang/Closure......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpDownloader.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cac

C:\jar\bundle\http\HttpResponse.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):22558
Entropy (8bit):5.9094873233763785
Encrypted:false
SSDEEP:384:6nE+cxHN1cT9Kv9xcx938x3k59fAo/r5X/KxjnCIf0MX:6C1ca9yYOmnlcs
MD5:3B261FBEC660C49A8A7514865D44D8DA
SHA1:E8B6D3B5384C47E77DCEC736C44B55829DF447D7
SHA-256:42F632A03802E501AD95AAEA85F574CF0DB2004C786D3800DB369F67707565B7
SHA-512:A2F484C7EB79616DFB7E4473E48C094EFEE463F3832127E9FFF50EE70F6294C18ADB207108E4B3C99CFFCD06004D8C03EFF35A2E26F01210E4FE79D9028EF22E
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpResponse.php...-.-$php_module_mb1665afe0c754cbeaae708e3c0354db3............Unknown.................................bundle\http\HttpResponse...4.4$php_module_mb1665afe0c754cbeaae708e3c0354db3_class0...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpResponse.php.......................body...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpResponse.php....................responseCode...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.httpclient.HttpClientBundle\bundle\http\HttpResponse.php............................statusMessage...........C:\Users\........

C:\jar\bundle\jurl\jURL.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):138187
Entropy (8bit):6.2457064368129025
Encrypted:false
SSDEEP:1536:jgWNT1VkLQyQrJsij4ggW1BTsBhf48jEG6YlQG8/expvzgWV+pQRs:jgWV1VkQyQrJ7jQWXsXjE3Yw/enzdbRs
MD5:F7B71C8B4B3F448901AD402D5B0CD2D1
SHA1:3D0D2C711FAFEB61F5B8A0421D34049A7B88ECF5
SHA-256:C5C05ADBE24A222CFCB5BC0F2CB42E51235349395416A05CDAAF32F43E183232
SHA-512:CEFACACBB1FC232124990902E3069E1CF2B11C77A0F002ABE6E358998C1F3CB0455EA8E416DF2FE68C9DC042DC882F2C2BD869071916C8DD53C0C75F3041F4BA
Malicious:false
Preview:..J..3S........|..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURL.php...-.-$php_module_m6ff7b5a661f7496bafa715ff6137dccf............Unknown...........6.6$php_module_m6ff7b5a661f7496bafa715ff6137dccf_closure0..................................__invoke......__invoke........+..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURL.php...........................2.r..6$php_module_m6ff7b5a661f7496bafa715ff6137dccf_closure0......php/runtime/lang/Closure......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURL.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cac

C:\jar\bundle\jurl\jURLAbortException.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):4627
Entropy (8bit):5.7158110435928595
Encrypted:false
SSDEEP:96:JLBKeQO2lMF4zlBOTDOGRKeQO2lMYFS8Hcl/eq+X:xmlUDhaFSXliX
MD5:E546AE91AADA0C9926CCF39BE762B68E
SHA1:4A80264B58106A4B5CDB7FEB24B8145D7417A82F
SHA-256:960EB54612479A9CE2F363200E2AD8DD4CE1204153474BC6A1F3720D48F44DDB
SHA-512:F6D142EE361DB618DAAB5B5345224C6790D8B2B53EB4AF4CC301312C1C3695143C82CC09E55B8157AFEAFEB0D92B6833BEA767F5659B6E39575A89ECDCCFFFAF
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLAbortException.php...-.-$php_module_mb3752954d13a4fa29a91a8e5887c088e............Unknown.................................bundle\jurl\jURLAbortException...4.4$php_module_mb3752954d13a4fa29a91a8e5887c088e_class0...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLAbortException.php......Exception..........................Throwable.......l.......2.U..4$php_module_mb3752954d13a4fa29a91a8e5887c088e_class0......php/runtime/lang/BaseException......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLAbortException.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/run

C:\jar\bundle\jurl\jURLDownloader.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):97969
Entropy (8bit):6.165209736497372
Encrypted:false
SSDEEP:1536:UTuuTrTUP4fWduEIFdWNBzkSy9LfAOJWOR78TW+caZAtmmqbFf40OR+:UTz/UP4fWd7IF2Bq1JJUnBSmmqhALR+
MD5:261F0E09EDEA81F159B51DE5D78E6208
SHA1:3CC6689516567B0174C64D59A0E2C1F83BAF2AF4
SHA-256:D1FAE7DA465F120C2348B35121419E69F67A73CC6B9360D1D32BB1DF2AB3B0F3
SHA-512:90FF97BE97CB9D520BAF47850D3170B94E4C7F477659AF7FDB8E8FEC73102A41FC8F2C1D9DC67B55FA35B5BE0B38A0DB60C06BBA4E3F0197BB6FD890BEBE0F18
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLDownloader.php...-.-$php_module_mcc4d9716e1864777b4f19516129fe206............Unknown...........6.6$php_module_mcc4d9716e1864777b4f19516129fe206_closure0..................................__invoke......__invoke...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLDownloader.php.......................avaliable........%..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLDownloader.php.......................................avaliable........%..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLDownloader.php...........................2.}..6$php_module_mcc4d9716e1864777b4f19516129fe206_closure0

C:\jar\bundle\jurl\jURLException.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):4597
Entropy (8bit):5.711873870823269
Encrypted:false
SSDEEP:96:LLmBeeQO2lM/4zlBOTDOGCeeQO2lMYFS8Hcl/eq+X:LQmlUDhpFSXliX
MD5:E2133B933CEE36053D9538919B0095F5
SHA1:0291DD6F015CDBBF347C99E77D7231017A7B23C0
SHA-256:240E4A150FC521EB62670DFDA4E528F84D6DD0EEFBAD8F7A6F97D15D09820987
SHA-512:56E8118110AC889A88561DB8339B35B9DFF7268BEA639D74F33E7E9478C793AD9DA942693FAE576DC56DC12F7E4ECFDD6B072DE09B39BEA0D85C6B0FDF67ED0A
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLException.php...-.-$php_module_m136de05e8832433d8324e83110b76ac0............Unknown.................................bundle\jurl\jURLException...4.4$php_module_m136de05e8832433d8324e83110b76ac0_class0...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLException.php......Exception..........................Throwable.......b.......2.U..4$php_module_m136de05e8832433d8324e83110b76ac0_class0......php/runtime/lang/BaseException......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLException.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/Fu

C:\jar\bundle\jurl\jURLFile.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):12613
Entropy (8bit):5.853058789501782
Encrypted:false
SSDEEP:192:ERM5DSdYrOmszz/XVLyxhl3ngoeEKlaTOwNUrMmFSXliX:AM5GdHXztGxhxngd7+UYMX
MD5:37108D7636EDBA239BC0FF7A6A0FF3F6
SHA1:39BB2F7E34CC8DFEF77BFEE24C46570B603A5DF0
SHA-256:C08D8546B24A84F6A8E0CE522CCF13D75248642BC93549D757F06D6B893E244D
SHA-512:F2537C7706F885BA564933725B3CA04E24F953677D792D1DFEA76743601D71A0B6BA7D251D27CB7DA7E7DD7AF9569830A287B16346EBD32DBAFD99E5F511CE6A
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLFile.php...-.-$php_module_m73f3b7589b094cfcad834259c4313a32............Unknown.................................bundle\jurl\jURLFile...4.4$php_module_m73f3b7589b094cfcad834259c4313a32_class0...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLFile.php.......................filename...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLFile.php....................mimetype...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\bundle\jurl\jURLFile.php....................postname...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.

C:\jar\bundle\zip\ZipFileScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):66821
Entropy (8bit):5.936903066013899
Encrypted:false
SSDEEP:768:9DUNScTXAzGG2kl9cAiaze+kLI2nZNG/QI8JxSp99tMs:9sScTXAzP2kl9990IzQH6cs
MD5:D5CB71B217B582DF107E8838DBBB47D8
SHA1:9A3F4ED05849B13B9D3F5F85F34B5869F72D70DD
SHA-256:F0ED3585D68ABCE939DB1474C6305E27008DAE3AACDD0396A8DA440935726940
SHA-512:88787413556BEE469082D95777569326901BC8B66CBC429779C6F819A4E54541E75E84260A5CCC6D7EBECF05B7FDC2B22C216B17633D28E6241AF46D7FF3045F
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.zip.ZipBundle\bundle\zip\ZipFileScript.php...-.-$php_module_mc72db4ce41af4b74b402593bc5b4b624............Unknown...........6.6$php_module_mc72db4ce41af4b74b402593bc5b4b624_closure0..................................__invoke......__invoke....v......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.zip.ZipBundle\bundle\zip\ZipFileScript.php...................Q.......2....6$php_module_mc72db4ce41af4b74b402593bc5b4b624_closure0......php/runtime/lang/Closure......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.zip.ZipBundle\bundle\zip\ZipFileScript.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/

C:\jar\cURLFile.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):4385
Entropy (8bit):5.742382923180782
Encrypted:false
SSDEEP:96:xtME9eQO2lMvAxHlqOgC9eQO2lMYFS8Hcl/eq+X:Y3OlCOFSXliX
MD5:FB427A391E451A5724A88536F1AFEE8F
SHA1:732C69C994033848A5DECE1BC8A87C9DEE85CC43
SHA-256:9D8631A18D0FCD743A19D9E87691667F0703861195E98D6B6EE0C61972375918
SHA-512:B76AA24F65F96D915332E16D367517083957810EFAC844D6DE7ADE419C77797F9E2B4EC24F82E8EE236F3F947F5C1E1E2E7284168853457B63CF3EA80DAC8B8E
Malicious:false
Preview:..J..3S........t..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\cURLFile.php...-.-$php_module_mef318952de0b41028e5c7ba0068b673a............Unknown.................................cURLFile...4.4$php_module_mef318952de0b41028e5c7ba0068b673a_class0...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\cURLFile.php......bundle\jurl\jURLFile...................................2.Q..4$php_module_mef318952de0b41028e5c7ba0068b673a_class0.....4$php_module_m73f3b7589b094cfcad834259c4313a32_class0......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jurl.jURLBundle\cURLFile.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime

C:\jar\facade\Async.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):11852
Entropy (8bit):5.624968331139341
Encrypted:false
SSDEEP:192:raql6tMohARfliP7vyJmilyrklyA45EFS7GCplP:X0T6lC7vwLcF5gCp
MD5:8D871F17144A743A82B015E496D9AA7C
SHA1:E507F7E9BAEC578D81F05FE71E4A535B9E6AB14E
SHA-256:3BB2B5F9E093361BF1A283536C6BD2D9B0755FE79D76E80A67628496070BC30F
SHA-512:444B455344B1085A2D5511F7B575CD88760ED0F3C6908C530830E03EDEB001CDE62F4A42A98BE089208FA7C5E97616A2AED98524338EE83BDB95F0A1E380D584
Malicious:false
Preview:..J..3S...........-1720113844~653...-.-$php_module_m31f71e20eed441609e5f218322c9efa0............Unknown...........6.6$php_module_m31f71e20eed441609e5f218322c9efa0_closure0..................................__invoke......__invoke........ ..Unknown.......................value........*..Unknown.......................................value........*..Unknown...........................2.b..6$php_module_m31f71e20eed441609e5f218322c9efa0_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/Class

C:\jar\facade\Json.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):8464
Entropy (8bit):5.658927683516309
Encrypted:false
SSDEEP:192:aDuGvd78yGmbnZYomlxaa3v6mqqFS7GCplP:aDNvd78pmrDmLH3v61eCp
MD5:4099F9E0FF004DFA0A497DC6ED2374E6
SHA1:4DA4CE641D0BA3749FD2B3836BBD46BBF1ADF1AA
SHA-256:36EA0EFFF27C56A8789E9CA23084555AC11C88D2D9C286F70E6B86A31EDD67DF
SHA-512:9D98FB9D65A462370E43BE51173DFB1E3BAD57FB9831073FC33EF41DD99CC10C59BDB448E4BE1FE9C4FE6F63A387F84D585FE8FADE021ED66FBFD29D3AB4F984
Malicious:false
Preview:..J..3S...........-1314181324~1203...-.-$php_module_m8c0dde677f7f421b954222889b4a0db4............Unknown.................................facade\Json...4.4$php_module_m8c0dde677f7f421b954222889b4a0db4_class0...........Unknown.....................8.@param $data..@param bool $prettyPrint..@return string................................encode......encode$0...........Unknown.......................data...........Unknown...............................prettyPrint........"..Unknown...........true...........@param $string..@return mixed................................decode......decode$1...........Unknown.......................string...........Unknown...................@param $filename.@param $data................................toFile......toFile$2....(......Unknown.......................filename....(......Unknown...............................data....(...&..Unknown.................&.@param $filename..@return array|null................................fromFile......fromFile$3....2......Unknown...

C:\jar\jfoenix-custom.fx.css

Download File
Process:C:\Windows\System32\7za.exe
File Type:ASCII text, with CRLF line terminators
Category:dropped
Size (bytes):1121
Entropy (8bit):4.764180065789272
Encrypted:false
SSDEEP:24:Y0o37beOjUOjwOj4NcfjQCZLTkcdpLnIy5ALlb:ubjUoj5jdaR
MD5:1F9181887037CEAFE289B6158C5145F7
SHA1:BD29320357FEC748EF118265B239272A12FA6BFD
SHA-256:6418D81B04692936670A8AABB8B891A367678E34945FD5BC99F5AF05BF306DBE
SHA-512:72DE3F01E3E5CF2DFF080DD8F424AF822BB2290C4A672B4EDD6B080752E6AF41F4C37BAA6B4447D58B12FA4CFDBE512B0773358E11F8054F7AA851C559BDDB42
Malicious:false
Preview:...jfx-button {.. /*-fx-background-color: white;*/..}.....jfx-password-field {.. -fx-focus-color: transparent;.. -fx-background-insets: 0;.. -fx-background-color: transparent;..}.....jfx-text-area > .scroll-pane {.. -fx-background-color: transparent;.. -fx-background-insets: 0, 0;.. -fx-padding: 0;..}.....jfx-text-area:focused > .scroll-pane {.. -fx-background-insets: 0, 0, 0;.. -fx-background-radius: 0, 0, 0;.. -fx-background-color: transparent;..}.......jfx-tab-pane {..}.....jfx-tab-pane .headers-region {.. -fx-background-color: #4059A9;..}.....jfx-tab-pane .tab-header-background {.. -fx-background-color: #4059A9;.. -fx-background-radius: 0;..}.....jfx-tab-pane .tab-header-area .jfx-rippler {.. -jfx-rippler-fill: white;..}.....jfx-tab-pane .tab-selected-line {.. -fx-background-color: #00e0cb;.. -fx-pref-height: 3;..}.....jfx-tab-pane .tab {.. -fx-cursor: hand;..}.....jfx-tab-pane .tab .tab-label {.. -fx-font-weight: normal;.. -

C:\jar\php\framework\FrameworkPackageLoader.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):9785
Entropy (8bit):5.8366295369261865
Encrypted:false
SSDEEP:192:2PRD36My5pK/yfNllJsmCySl7OknPaZiAMFS7GCplP:iKLlJW5OmPBAICp
MD5:886555C77AD271624C359FD1E0F695B5
SHA1:102D56F81EC48DD331FCFE9C16A18CA21CEA6A51
SHA-256:1B620EF996EF776E25C707077BFD9714738237ABE540C9BF0DA760D1B7608DF7
SHA-512:95698EA42568BF6B44323F13E9CC5374DBB059BD9D609D6216B4195CCACC9199215B0D9DA85565A6E3B54CF46D86C2AF0F3CFD0F1E02227E489982DF860EBE2C
Malicious:false
Preview:..J..3S...........-942753492~2487...-.-$php_module_m600bad1bff554f3986eccbeeb0004482............Unknown..............................$.$php\framework\FrameworkPackageLoader...4.4$php_module_m600bad1bff554f3986eccbeeb0004482_class0...........Unknown......php\lang\PackageLoader.................................................makeFrom......makeFrom$0...........Unknown.......................fileOrStream........$..Unknown.................8.@param string $name.@return Package.@throws \Exception................................load......load$1....S......Unknown.......................name....S......Unknown...................................2.y..4$php_module_m600bad1bff554f3986eccbeeb0004482_class0......php/runtime/ext/core/classes/WrapPackageLoader......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/Metho

C:\jar\php\framework\Logger.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):11577
Entropy (8bit):5.590982010266359
Encrypted:false
SSDEEP:192:SqoUgdhLCAjF9bpWlE7C6D6Iyhe3dooiSgVVO2FSdHl:1VgdhL1tWK7l/73dooiSgVVOB
MD5:38434DF42EA189772895EEAD61F16631
SHA1:D45A949D440026B651EA14EE65A115B246289D20
SHA-256:3AD7C3AC61C65FA11CADA5C5127840D8B312AFCECE3E15176E6C66B7DAF37553
SHA-512:2088D4667685700AE15AA86211E195D7E8E9EB16B3B4EEF0E5EA31BF447C25835CD9F80A0A1C130819508C286AEC9BE461C3D8EF2543CE42881963B9CED7EDCA
Malicious:false
Preview:..J..3S...........-1331144051~2133...-.-$php_module_mfedfc5be8ded41009d1065781a698afa............Unknown.................................php\framework\Logger...4.4$php_module_mfedfc5be8ded41009d1065781a698afa_class0...........Unknown.....................LEVEL_ERROR..............................LEVEL_WARN..............................LEVEL_INFO............d.................LEVEL_DEBUG................................level...........Unknown....................showTime...........Unknown.....................@return int................................getLevel......getLevel$0...........Unknown...........@param int $level................................setLevel......setLevel$1....!......Unknown.......................level....!...$..Unknown...................@return boolean................................isShowTime......isShowTime$2....)......Unknown...........@param boolean $showTime................................setShowTime......setShowTime$3....1......Unknown.......................showTime.

C:\jar\php\gui\AbstractFormWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):10424
Entropy (8bit):5.619122584206182
Encrypted:false
SSDEEP:192:6LmDN1Qt8ilqd4BNMIvzXBdDRRSKPlK1FS7GCplP:t2xgd4BNMEXBdjP2Cp
MD5:3C530F23DC0A162D0197206B26B17AA5
SHA1:53AE246513DC43710138883D8AB307DD6630D070
SHA-256:F092976534BD1F2239FD8AFA8888EEBACAFD49B6B2223A6EE62119342A5787D9
SHA-512:8F05C83F0022D074F772DA2CB083B68EE1E52F6E6C3D3D324D13E83810DF8DE8B4605157DDB1FB07624D9FB72FD0A57C8A6D68A98DAA91EF8758DBB6CBC814A0
Malicious:false
Preview:..J..3S...........1170252201~990...-.-$php_module_m2b8efd2545d04235a1788aa9a38c0eff............Unknown...........6.6$php_module_m2b8efd2545d04235a1788aa9a38c0eff_closure0..................................__invoke......__invoke...........Unknown...................Y.......2....6$php_module_m2b8efd2545d04235a1788aa9a38c0eff_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\php\gui\UXButtonWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3852
Entropy (8bit):5.546031772060219
Encrypted:false
SSDEEP:96:9W2WfHeeQO2lM3WtlQWjeQO2lM+FSIWGC4MloO:9W2WfHPWtl9JFS7GCplP
MD5:E40DE30E3E5E08EE46D3D66AF1F6B0B1
SHA1:F1C4BBD00E42E513381A68B47AE9634960334C87
SHA-256:FC8E7CABC9D64D4921256964A504F34148FE5B88B3EA487B5A8B02A6A94BA74A
SHA-512:520774E8AE26D128D0E2C5681463F968F15440E6A39F5F74105F17348EE60244E6C1EC19197E05F40727190A60AAB366831913E6EB146192A34DF3662A215AAE
Malicious:false
Preview:..J..3S...........96195728~156...-.-$php_module_m2c2cbb45c1bb4cbdae969f81393f3d22............Unknown.................................php\gui\UXButtonWrapper...4.4$php_module_m2c2cbb45c1bb4cbdae969f81393f3d22_class0...........Unknown......php\gui\UXLabeledWrapper...........................A.......2.N..4$php_module_m2c2cbb45c1bb4cbdae969f81393f3d22_class0.....4$php_module_m4ff03c09298f4ff1ae69e1fc06a6fa42_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...php\gui\UXButtonWrapper......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V.............

C:\jar\php\gui\UXCheckboxWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3859
Entropy (8bit):5.55826854323043
Encrypted:false
SSDEEP:96:paHeeQO2lMglQWQeQO2lM+FSIWGC4MloO:kHIl9MFS7GCplP
MD5:3C720F86713BD02D368377098C5535E7
SHA1:2F010AEC435B86518BD05157CF4C92F816F68E21
SHA-256:BE6E2B7B4E273BC01AD3C31BFF8856CE7F5947390C7A3991C7BEC1E7A9CC4B63
SHA-512:6F254BBF9B90C59BD10593DF5356EE5CC62E3F08B183E45A95CF8B54B1D1070AD34DFA1000E1251E37BEEA01C699D82EDE5D3A86255F58C62582415370711B99
Malicious:false
Preview:..J..3S...........-1922299090~160...-.-$php_module_m4e9c10c8de0f487395f6b54b68e871d0............Unknown.................................php\gui\UXCheckboxWrapper...4.4$php_module_m4e9c10c8de0f487395f6b54b68e871d0_class0...........Unknown......php\gui\UXLabeledWrapper...........................C.......2.N..4$php_module_m4e9c10c8de0f487395f6b54b68e871d0_class0.....4$php_module_m4ff03c09298f4ff1ae69e1fc06a6fa42_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...php\gui\UXCheckboxWrapper......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V......

C:\jar\php\gui\UXDatePickerWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):5980
Entropy (8bit):5.641531350712242
Encrypted:false
SSDEEP:96:C3gHvYeQO2lMQB1CD2bQRJrNs6NhH/NteGlvG8+17+VeQO2lM+FSIWGC4MloO:C32e7y6QRs2hl+Vp+fFS7GCplP
MD5:F78D81B66ADEA83D6D1296975118389E
SHA1:797048259747C387247DB949863F3C362C6071FB
SHA-256:94006B2F3F3EE09B44CA79A7EF739224351B522992E45B41D3F1F9D976841169
SHA-512:FE8B789A93D1116F8314F32882B9907C0307061A18FE97CFC1AA18B1577BBAFB1F15530102FF48082DC2B1801727C879A96B427FB8ABB6354E1F1E2787EDE100
Malicious:false
Preview:..J..3S...........1829119534~436...-.-$php_module_m8aac6ca34b424da4b0964c7c2eb903e1............Unknown.................................php\gui\UXDatePickerWrapper...4.4$php_module_m8aac6ca34b424da4b0964c7c2eb903e1_class0...........Unknown......php\gui\UXNodeWrapper.................................................applyData......applyData$5...........Unknown..............php\gui\UXData...........data........%..Unknown...................................2....4$php_module_m8aac6ca34b424da4b0964c7c2eb903e1_class0.....4$php_module_mf7660dbb23fd401ba729a11421b5db38_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime

C:\jar\php\gui\UXFlatButtonWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3860
Entropy (8bit):5.542623763051149
Encrypted:false
SSDEEP:96:kHeeQO2lMxlQ2jeQO2lM+FSIWGC4MloO:kHJldJFS7GCplP
MD5:8373D3D5B03E1193F159C95127E8036A
SHA1:F53D27AED5894F7347225AB3EC146C9013193F50
SHA-256:B6FEAC2824D6E743ACF72CF5A72A8A092BEE2844966FB7E0AA658FC952193DE0
SHA-512:C515469E929F4AE946C9C69AE641602FFADA7A17B3AF9600990DF1B4E18619C12264E965D76235900DA27407F230A6A5C8EC516AF9AFB2DED02CE66FBF9BC3C1
Malicious:false
Preview:..J..3S...........957692379~81...-.-$php_module_m830ae354486c490985cf13d8cd5e3ae5............Unknown.................................php\gui\UXFlatButtonWrapper...4.4$php_module_m830ae354486c490985cf13d8cd5e3ae5_class0...........Unknown......php\gui\UXLabeledWrapper...........................E.......2.N..4$php_module_m830ae354486c490985cf13d8cd5e3ae5_class0.....4$php_module_m4ff03c09298f4ff1ae69e1fc06a6fa42_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...php\gui\UXFlatButtonWrapper......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V.....

C:\jar\php\gui\UXHyperlinkWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3859
Entropy (8bit):5.565630011634397
Encrypted:false
SSDEEP:96:O9tdHeeQO2lMozlQ2B2eQO2lM+FSIWGC4MloO:wH4ldAFS7GCplP
MD5:6A23D0F81B2F72D9B5702506F377986E
SHA1:25D3821949E48B4869940888A3B60F4729E5DA63
SHA-256:8566A7D4C06E6883A140DD6F51C62D23A1FAC0AE278B3F00740FA3600F9DDDB8
SHA-512:DEDA2CFADA162FB900E95CA071257546762470728B640D597AA347BAAF076EA2B82BF1FBC5B4BB5A787DDD01266BEF0433E50ED3C3918CD29E681BC0B747B20B
Malicious:false
Preview:..J..3S...........1817203090~80...-.-$php_module_m4ee6110f5f14468782d03b74209362b9............Unknown.................................php\gui\UXHyperlinkWrapper...4.4$php_module_m4ee6110f5f14468782d03b74209362b9_class0...........Unknown......php\gui\UXLabeledWrapper...........................D.......2.N..4$php_module_m4ee6110f5f14468782d03b74209362b9_class0.....4$php_module_m4ff03c09298f4ff1ae69e1fc06a6fa42_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...php\gui\UXHyperlinkWrapper......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V......

C:\jar\php\gui\UXImageAreaWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):8711
Entropy (8bit):5.886988356766708
Encrypted:false
SSDEEP:192:pyap9W9NdQOml0+uCPRWOEye71p/xFS7GCplP:0apkNKqFXCp
MD5:CD6CCD12229C8145D92FA0915E18E678
SHA1:66DA7E8ACA6191B5B5FEB684B87D7252B9FA57FC
SHA-256:E720048C73524F6A4D643F07C601C1BE898B4195C7F00CF290F81BE042FBD898
SHA-512:7A317245905958B11AF744233DFD1C693DB086F7681A937154FAFBF8E55705A35BA8E0620C2C5FD0F60B257408066616A35272C54BF3584D95075CC4B7FB3464
Malicious:false
Preview:..J..3S...........2096321284~1233...-.-$php_module_m1000127f15574144af7f64e9a1923d28............Unknown.................................php\gui\UXImageAreaWrapper...4.4$php_module_m1000127f15574144af7f64e9a1923d28_class0...........Unknown......php\gui\UXNodeWrapper.................................................applyData......applyData$5...........Unknown..............php\gui\UXData...........data........%..Unknown...................................2....4$php_module_m1000127f15574144af7f64e9a1923d28_class0.....4$php_module_mf7660dbb23fd401ba729a11421b5db38_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime

C:\jar\php\gui\UXImageViewWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):21976
Entropy (8bit):5.742324669434184
Encrypted:false
SSDEEP:192:Sn8x9c+Wl3kSBQcuEPylhun8xJ4S/1lLkRuE3lxcpGyap9W9NdQBcilaNniI2cvU:0acWSyZyyIaq8ika+japkNCbUkpeCp
MD5:1125A181B54208506606D9895C083615
SHA1:4EA9AF6CA363A5084B10481FFC7DA26FF08113AF
SHA-256:895A77FBCA521955DA1903CB889649D763CF588100D97625FFC20241738AC6FA
SHA-512:4B8A2D6475D294D7C2B0CE846B0BC648CCEDE031C3626D25CCFDAB1CC2F6322AB862D1005AF540BB45B6AE7AFC3651E4BFAE99A3AEF7A4617233793FEDCBBD89
Malicious:false
Preview:..J..3S...........-1007225520~1472...-.-$php_module_m24ef497ebbe0427dae2f6f79f744e15c............Unknown...........6.6$php_module_m24ef497ebbe0427dae2f6f79f744e15c_closure0..................................__invoke......__invoke........)..Unknown...........................2....6$php_module_m24ef497ebbe0427dae2f6f79f744e15c_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lp

C:\jar\php\gui\UXLabelExWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3852
Entropy (8bit):5.544993237617455
Encrypted:false
SSDEEP:48:kRHHyn25L6EjoOa/AjsgjNKyeEFzxzgT67wqVhlGl0Q2cq/Hyn25L6EjoOa/Ajsr:YyeQO2lM5lQ2geQO2lM+FSIWGC4MloO
MD5:56467495F7EED5CC668AB50956F0929D
SHA1:7A532FD6F2F9F6E8ED9C196FC5AC7D4F3A92DA4D
SHA-256:247E02FD269B734AF6EA6B81CDE295B6B3317077D67948E54D451D2EEBBE1DC5
SHA-512:52594C49C8459802AF5E7CB7218AAA3B5AF2A3DA01A36B0D0E64E46BE03FB840670F9A3E3615E1DD693CA803EEEFDA85231C0A0245590EB8D37715DCF7792205
Malicious:false
Preview:..J..3S...........135578546~76...-.-$php_module_mbc2bcbfe34e34225aedca647b581f149............Unknown.................................php\gui\UXLabelExWrapper...4.4$php_module_mbc2bcbfe34e34225aedca647b581f149_class0...........Unknown......php\gui\UXLabelWrapper...........................B.......2.N..4$php_module_mbc2bcbfe34e34225aedca647b581f149_class0.....4$php_module_mf67901de893d4b48b8650a8a79eae410_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...php\gui\UXLabelExWrapper......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V.............

C:\jar\php\gui\UXLabelWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3852
Entropy (8bit):5.551523382250633
Encrypted:false
SSDEEP:96:z2SzHeeQO2lMH5lQ204eQO2lM+FSIWGC4MloO:z2SzHP5ld00FS7GCplP
MD5:D11F435E4F0FA26BC103868F1111F5A4
SHA1:0245481B80A9C837F0C049D26A91EB5A0D9597C2
SHA-256:4C68D39FFF38EA5D92439601CDA2280AF4145611F2EAEEA0BBCE7925491F401C
SHA-512:1E6D53A211E7BC9E32680B14D408F3141F15123404AC41C826DC4B94D8001C9474ACBCC844CF4FDB9F83B69B38CA2D79E282B248C654E4455004036B3DD9CD11
Malicious:false
Preview:..J..3S...........-1473722300~76...-.-$php_module_mf67901de893d4b48b8650a8a79eae410............Unknown.................................php\gui\UXLabelWrapper...4.4$php_module_mf67901de893d4b48b8650a8a79eae410_class0...........Unknown......php\gui\UXLabeledWrapper...........................@.......2.N..4$php_module_mf67901de893d4b48b8650a8a79eae410_class0.....4$php_module_m4ff03c09298f4ff1ae69e1fc06a6fa42_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...php\gui\UXLabelWrapper......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V.............

C:\jar\php\gui\UXLabeledWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):7702
Entropy (8bit):5.749652120316394
Encrypted:false
SSDEEP:192:XwHlmyH9Hwyap5ff8lhBcllWqoMQgFS7GCplP:XwFmyd9apuwlCMQMCp
MD5:85D3A346510FBE747B19813559E34B3C
SHA1:A21C902775B9A561C37D73936F30A2AC85B58B88
SHA-256:AB0154C1272E3A242436E32089F8258962AE74AAB1F1B29A38E97F9974B5D643
SHA-512:6AEBB14A530C7E19FED872EE189AC2B74901097BEE39C31A865D81A9E3E56E9132D27E5F7598240C40B89B6BF2E70BCDF27111484B4043C057F5F6AA29803078
Malicious:false
Preview:..J..3S...........1625070740~621...-.-$php_module_m4ff03c09298f4ff1ae69e1fc06a6fa42............Unknown.................................php\gui\UXLabeledWrapper...4.4$php_module_m4ff03c09298f4ff1ae69e1fc06a6fa42_class0...........Unknown......php\gui\UXNodeWrapper.................................................applyData......applyData$5...........Unknown..............php\gui\UXData...........data........%..Unknown...................................2....4$php_module_m4ff03c09298f4ff1ae69e1fc06a6fa42_class0.....4$php_module_mf7660dbb23fd401ba729a11421b5db38_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/in

C:\jar\php\gui\UXListViewWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):5933
Entropy (8bit):5.645044595526212
Encrypted:false
SSDEEP:96:j5WeQO2lMB1CD2bQRJrNdZzcNw/NucGlvQ7o2MRiUeQO2lM+FSIWGC4MloO:5y6QRdNpalWonRiQFS7GCplP
MD5:ABE939A9F9622BBDB125C5E3E845B157
SHA1:38A3FAB9DD2A0AD265638C0FB37079AE3B96539A
SHA-256:20BD92134D80B56F9B1A905FEEAB581FC979F9E1F728C85CE922D97007C8263C
SHA-512:D6E61AB15D005E95C4B3C5599B55356F0576CF2E399B26BB2F98F3D5071078067C600A34B7FBE3A1E1EAF3E746C4126A3566144DFFD78972E5E114ECBC6850C7
Malicious:false
Preview:..J..3S...........-89148622~390...-.-$php_module_m8a3bc42977f14114869fe9e1728caa24............Unknown.................................php\gui\UXListViewWrapper...4.4$php_module_m8a3bc42977f14114869fe9e1728caa24_class0...........Unknown......php\gui\UXNodeWrapper.................................................applyData......applyData$5...........Unknown..............php\gui\UXData...........data........%..Unknown...................................2....4$php_module_m8a3bc42977f14114869fe9e1728caa24_class0.....4$php_module_mf7660dbb23fd401ba729a11421b5db38_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/in

C:\jar\php\gui\UXMaterialDatePickerWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):6004
Entropy (8bit):5.649769736701028
Encrypted:false
SSDEEP:96:a00eQO2lMO1CD2bQRJrNs6NhH/N8/vYPl7x+1lyeQO2lM+FSIWGC4MloO:0y6QRs2celI36FS7GCplP
MD5:E749C6117CB551084FE38750E82EEA6C
SHA1:ADD86250E65CEA0BB425DF0388431896C4B87883
SHA-256:94EE0EE178A0AE39D312719FBB0270A4874818866B7E99FDE610AEA7308C6B0D
SHA-512:B7ABD0CFD3793CC781F2B69900CFE9975874812892621060FB0738A91065364667B964D2AEAC4B307E12D5DF192AF1C0CA8CCDE4F2C655B536451E17C16C3C75
Malicious:false
Preview:..J..3S...........181846397~392...-.-$php_module_m3ab1a18eb9a440d09537d84cb6838d94............Unknown..............................#.#php\gui\UXMaterialDatePickerWrapper...4.4$php_module_m3ab1a18eb9a440d09537d84cb6838d94_class0...........Unknown......php\gui\UXNodeWrapper.................................................applyData......applyData$5...........Unknown..............php\gui\UXData...........data........%..Unknown...................................2....4$php_module_m3ab1a18eb9a440d09537d84cb6838d94_class0.....4$php_module_mf7660dbb23fd401ba729a11421b5db38_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/

C:\jar\php\gui\UXMaterialTimePickerWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):6142
Entropy (8bit):5.663943548203198
Encrypted:false
SSDEEP:96:RQ0iJeQO2lMT+1CD2bQRJrNs6NhH/NwZy6wPGlbB+oBQx15zKeQO2lM+FSIWGC4Y:my6QRs22ZaGlorSFS7GCplP
MD5:D92CA05573B9AC5F528C53547FE5D963
SHA1:3C32EA50F70ECA98E6C9DA3AC8F76C2E5EFAB53E
SHA-256:2CFDB949681455F55BAB92A5AB58A61929CF90382B28A5246E19E896927D1E98
SHA-512:D316E4C91B4D67A22E4C878AB4765704056370435B87652359B65DF9A2371AA5313013FC5DC1EAACEEB0E6397FD8F5878ADECBC9DA15BAB595B791E9B51E9986
Malicious:false
Preview:..J..3S...........2126226965~454...-.-$php_module_mb6df9185cce94620a1b30df0fc8ecc6b............Unknown..............................#.#php\gui\UXMaterialTimePickerWrapper...4.4$php_module_mb6df9185cce94620a1b30df0fc8ecc6b_class0...........Unknown......php\gui\UXNodeWrapper.................................................applyData......applyData$5...........Unknown..............php\gui\UXData...........data........%..Unknown...................................2....4$php_module_mb6df9185cce94620a1b30df0fc8ecc6b_class0.....4$php_module_mf7660dbb23fd401ba729a11421b5db38_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp

C:\jar\php\gui\UXNodeWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):69933
Entropy (8bit):5.846771193253326
Encrypted:false
SSDEEP:1536:NDyNerPFgeAWeEnrgJ82nfEgTD0hMHY3iX6111vLWS:NDyNerPFgeAWeEnrgJ8+fEgTDaMHY3Ck
MD5:41F537AADEB85139FE9CD05C89E18148
SHA1:E499540D8BD7BDB2405CEC063A5427CE2335FFBC
SHA-256:BC1D880F594DFE8D66F4C2C1329BBD3F17BE18273D0736BDC298F01DAC6FB409
SHA-512:583D6E6F610FF9D2028D0A1AEFDE76AA2F874D55CD927DB301C4C6DB31A1CC19C2EF6DD9A4B0419266D7D18B57A61BDAFD9F7A2C9065A01BD711D470BD6F5477
Malicious:false
Preview:..J..3S...........247136857~8928...-.-$php_module_mf7660dbb23fd401ba729a11421b5db38............Unknown...........6.6$php_module_mf7660dbb23fd401ba729a11421b5db38_closure0..................................__invoke......__invoke....[......Unknown...........................2.j..6$php_module_mf7660dbb23fd401ba729a11421b5db38_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\php\gui\UXPaginationWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):12157
Entropy (8bit):5.670991840039479
Encrypted:false
SSDEEP:192:lJRwzsCBYBrblmdUPOlwjnFlj9VRy3EYe0qlfEhFS7GCplP:lJRwiPod6OlWp9VR8EYe1+3Cp
MD5:719BCBCBCC3B34BD54DFDC729D06DFB8
SHA1:E62CE0FBEB78D73A61AFCF0F9EF0E0E6C3D37C39
SHA-256:E2FF2F7FE7215A1AD97ADDCEF634466AD1F7379F5AB6784352902E3F2D91801E
SHA-512:AB11A08F42EA6F7DAF4C6EF60D0540A36404FAC5607CCA447DBD60B58CFFB40EF7708C92B49C8DBAF3EC01DA50D9DBF629F99601AF1CAE0917E85B3AB62CC14B
Malicious:false
Preview:..J..3S...........-1841328868~783...-.-$php_module_mba840480940e464f9762b0e5c9b33495............Unknown...........6.6$php_module_mba840480940e464f9762b0e5c9b33495_closure0..................................__invoke......__invoke...........Unknown...................+.......2.x..6$php_module_mba840480940e464f9762b0e5c9b33495_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\php\gui\UXScrollPaneWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):17332
Entropy (8bit):5.700310089752387
Encrypted:false
SSDEEP:192:WDnVQNr26lCZNLlWJOncCSlWpuyJWgO6QdSlyxuRy6QRsrFy+qlztVUWhnFS7GCb:8VQNr5cZxoTGdXQR69qNtVNhNCp
MD5:BAF851B42A68332329D2203B428E0169
SHA1:721B5FD4F59FC36713E8F2D06F4F8706CC4BC225
SHA-256:93197AD182DC474E5697472FD3E7A4A2A70AD9D97832EC194601FD7273D96266
SHA-512:CA26E2D9632942AD93DF196E3CA5ABF4616B11464ABF903E7232434EBA65F59C1667EFDD235B81E963B17FAB25CCAD3227E2DF2C4E63609E519D71F3AA25CC26
Malicious:false
Preview:..J..3S...........618239138~1193...-.-$php_module_m62b3c75c208e485d9e39ba714eaa80de............Unknown...........6.6$php_module_m62b3c75c208e485d9e39ba714eaa80de_closure0..................................__invoke......__invoke...........Unknown...................#.......2....6$php_module_m62b3c75c208e485d9e39ba714eaa80de_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\php\gui\UXTabPaneWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):8856
Entropy (8bit):5.864860223417986
Encrypted:false
SSDEEP:192:M4nK4dy6QRJwoY23D7kFllbNPN7HFS7GCplP:BJXQR6oVnkvZLZCp
MD5:198F6FD7AE719CA6FEBA16D4348128B9
SHA1:646E956604993332A3A55F7A6CFDB56521403091
SHA-256:9348C7544501F29AEA906FA7FAC38AD2B7823F410E46584B4C72910520A6A353
SHA-512:0A052FAFF2C6147C50C5E3966D4D42E18E95FC33204BB1BDBE7454D4C4BF0DAAA6C5EEB2A72FFFBB8A948E1EF98FB4FC5D20A5A79E6E02398AC59326737A8128
Malicious:false
Preview:..J..3S...........-754547672~1701...-.-$php_module_m2f5f9240b8a94f0b8b4f8d1f2d6f2b76............Unknown.................................php\gui\UXTabPaneWrapper...4.4$php_module_m2f5f9240b8a94f0b8b4f8d1f2d6f2b76_class0...........Unknown......php\gui\UXNodeWrapper.................................................applyData......applyData$5...........Unknown..............php\gui\UXData...........data........%..Unknown...........................2.......2.N..4$php_module_m2f5f9240b8a94f0b8b4f8d1f2d6f2b76_class0.....4$php_module_mf7660dbb23fd401ba729a11421b5db38_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/i

C:\jar\php\gui\UXTableViewWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):5992
Entropy (8bit):5.65297554481138
Encrypted:false
SSDEEP:96:tQ0PJeQO2lM8+1CD2bQRJrNs6NNe/exLKJ+vHbDltc+/cSmYeQO2lM+FSIWGC4MN:qy6QRs+KGH/lH/ciFS7GCplP
MD5:F07E6F4C54E85C1639220F7C61526E46
SHA1:03D4BC78E81465A161DFC9A6BFFE05DBBF03BDCB
SHA-256:DF95373D4538C62885C970829396ABDA4AB3E4A23DA6820E820411BBD515B0F4
SHA-512:1E54AAABB975BF56DD43F56934A6E12A4CC5C2392AE54249289F087C998FF98BC33F4D5354DCF73C422C3975D3045080C6548D22FFC3D664581F293C84787D4A
Malicious:false
Preview:..J..3S...........1589161237~495...-.-$php_module_ma5c69ac4bf164e17a7b64bb817c3fe8b............Unknown.................................php\gui\UXTableViewWrapper...4.4$php_module_ma5c69ac4bf164e17a7b64bb817c3fe8b_class0...........Unknown......php\gui\UXNodeWrapper.................................................applyData......applyData$5...........Unknown..............php\gui\UXData...........data........%..Unknown...................................2....4$php_module_ma5c69ac4bf164e17a7b64bb817c3fe8b_class0.....4$php_module_mf7660dbb23fd401ba729a11421b5db38_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/

C:\jar\php\gui\UXTitledPaneWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3861
Entropy (8bit):5.563932955826837
Encrypted:false
SSDEEP:96:UjfHeeQO2lMWtlQ29eQO2lM+FSIWGC4MloO:oH+ldHFS7GCplP
MD5:0A111CCEF529A678CD24F30E272B5F65
SHA1:97BABA787B80F9B2CDCDB4408D1ADE1261C21F67
SHA-256:6F7F6F17F02F6F1EC8E6FEB4D89CD56146007377E9AF8F6939C19D37D6A0512F
SHA-512:F7D5852E4143EF667886EBDE8239C61EDFEC3E46081D4A64D661E05C70ABC1433C9D37F68EFDC7DAE8B690982C277ABE4B13ECE305C9817573857A05E4FF4D63
Malicious:false
Preview:..J..3S...........1132070130~81...-.-$php_module_m059c66012210497580f727564014e4db............Unknown.................................php\gui\UXTitledPaneWrapper...4.4$php_module_m059c66012210497580f727564014e4db_class0...........Unknown......php\gui\UXLabeledWrapper...........................E.......2.N..4$php_module_m059c66012210497580f727564014e4db_class0.....4$php_module_m4ff03c09298f4ff1ae69e1fc06a6fa42_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...php\gui\UXTitledPaneWrapper......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V....

C:\jar\php\gui\UXToggleButtonWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3865
Entropy (8bit):5.551114283410947
Encrypted:false
SSDEEP:96:LAvAHeeQO2lMhClQ2xneQO2lM+FSIWGC4MloO:LAvAH5Cldx9FS7GCplP
MD5:260107D22248F2887F13C6EB59D2E353
SHA1:8F93680ECEB315E784B1260A3BBE6E52A0FFE03F
SHA-256:8E23B3A61290AB97503C0184C3A590EED95281A308450C5439F9A7E7C2ACF6A9
SHA-512:04427142CFD5F83AEBCFC384AF84A320EA39F3246D2D6AB3E29FA225AC589917BCE4B948823D7141081B89AB5BD85452332F386C29A8AC086E85E186110D3294
Malicious:false
Preview:..J..3S...........-362880672~83...-.-$php_module_m8bde0b6b4c804681ba87da491276fe0e............Unknown.................................php\gui\UXToggleButtonWrapper...4.4$php_module_m8bde0b6b4c804681ba87da491276fe0e_class0...........Unknown......php\gui\UXLabeledWrapper...........................G.......2.N..4$php_module_m8bde0b6b4c804681ba87da491276fe0e_class0.....4$php_module_m4ff03c09298f4ff1ae69e1fc06a6fa42_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...php\gui\UXToggleButtonWrapper......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V

C:\jar\php\gui\UXWebViewWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):20299
Entropy (8bit):5.698341769426825
Encrypted:false
SSDEEP:192:vgfSnlBgX3WLmVN1QL8ilqXpIVTMmlScByLiPLi6jp6clFdomy6QRsY/vcMlwNFF:YfSnYgxgXpIzZLbdomXQR8MCaLCp
MD5:CB2C626C8156CEDF317E35EC560CF6AB
SHA1:C3129362DBD7994DCD482E60B76D5D088E71A027
SHA-256:C893015C3715DCB969719A867E976D4969069726C085A85AB5F699132626C1FE
SHA-512:05EDF8F18D28C1D0E73488BC4DE564CC1C255F4AF86280158009C0071666CAF98DB08C26D9750A2C2D119D31539977A7E1A4042A55EC653CC77671A0D5645F80
Malicious:false
Preview:..J..3S...........-396388753~1407...-.-$php_module_m0fdd5588bbb649ffb50b7485b9b2fa53............Unknown...........6.6$php_module_m0fdd5588bbb649ffb50b7485b9b2fa53_closure0..................................__invoke......__invoke........#..Unknown...........................2....6$php_module_m0fdd5588bbb649ffb50b7485b9b2fa53_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\php\gui\framework\AbstractFactory.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):29780
Entropy (8bit):5.9407025238458315
Encrypted:false
SSDEEP:768:QDsID8MMTMftwvpf61ASOSC/Q2nPI4lp:QootMKapspyAo
MD5:0535986DCB6FF0692D2B8B49493E5C9F
SHA1:B40CDC505A97CD43325238BA8B14E8F824C8751A
SHA-256:DDC7A892B0E8CB17A7ECD97C5D85CF1CAC65356EC80B634C38BA2E99EF7ACC7E
SHA-512:CD0CDA04576BDA5EF28D664630FB59A3ECA4E64C649450FE7901A246FE6DB7BD00CBABC1A81CF71B90FA4D8E990369513C6BD9CFA3D989BFE441F3A4C5F5D995
Malicious:false
Preview:..J..3S...........-1081657529~8128...-.-$php_module_m14c830247f1e4216a081ede1f353a3a5............Unknown...........6.6$php_module_m14c830247f1e4216a081ede1f353a3a5_closure0..................................__invoke......__invoke........ ..Unknown..............php\io\Stream...........stream........1..Unknown..............................php\io\Stream...........stream........1..Unknown...........................2.a..6$php_module_m14c830247f1e4216a081ede1f353a3a5_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environm

C:\jar\php\gui\framework\AbstractForm.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):93476
Entropy (8bit):5.95248307503989
Encrypted:false
SSDEEP:1536:v21YnPrxRFtYtcph3fctg459c+2OpmKlqzSBeuZce4mvBgId:v216DnfYkhPggyc+2O/lqTuz4mvBgId
MD5:67D0D4449E14975D01513828F65B33C9
SHA1:F04FA675A2A5E140204D9ED61A1BD2F11B9C9899
SHA-256:945E60D2604FF646698F1D0F4BECBB468644F4AA8A2C4417859FD2A850BEE60C
SHA-512:51A9C85F9B6E51A61413D782B2C2C25532714F09A74A57EED6FADF9D6CE43F1017000E88A70501EEFEC956A0DB26989A2FC3C50A2F811263E0C27DD75DED6536
Malicious:false
Preview:..J..3S...........-1514365766~23238...-.-$php_module_m01cc42fca55e493692ca0c8b9f446ad7............Unknown...........6.6$php_module_m01cc42fca55e493692ca0c8b9f446ad7_closure0..................................__invoke......__invoke....p......Unknown...................>.......2....6$php_module_m01cc42fca55e493692ca0c8b9f446ad7_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...L

C:\jar\php\gui\framework\AbstractFormArea.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):14262
Entropy (8bit):5.67524190746057
Encrypted:false
SSDEEP:192:k2tYlw6MR8I/8yx0GasgssrZ/7zl6qrMby/2UfATFS7GCplP:BYHMXUyx0rjxtzEqI2OUECp
MD5:2EF3ABB0E4C03C8DA35D5954E61372C5
SHA1:CDD0803136B3C132D3236DC836CC2A192C11954B
SHA-256:5EFB5483CEB7F4012899A48296018C0C1805A58091FD40A118187103E14A47C0
SHA-512:4F510391AD098959CFA64E70691C02DD2CCFD2DB40998D8C4642EB409AED475312AD48A24529A6D43B92249E067DB912C4FED2870A6CE5A56E6677BC4C740B98
Malicious:false
Preview:..J..3S...........284623688~1797...-.-$php_module_m9d1598e140594c43a2c0585ddc4ed515............Unknown...........6.6$php_module_m9d1598e140594c43a2c0585ddc4ed515_closure0..................................__invoke......__invoke....0......Unknown..............php\gui\UXNode...........context....0...+..Unknown...............................id....0...5..Unknown..............................php\gui\UXNode...........context....0...+..Unknown...............................id....0...5..Unknown...........................2....6$php_module_m9d1598e140594c43a2c0585ddc4ed515_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCach

C:\jar\php\gui\framework\AbstractModule.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):25046
Entropy (8bit):5.8163247050741145
Encrypted:false
SSDEEP:384:9kLUdGe/E2lpFB6PKFJRJWv2t+bNw6ung3H1f:9kYdEuzJRJWv2t+xkMf
MD5:5DE35E1C2B7EEC0B1DD0DF07993887E2
SHA1:DF8A65B314872D3E098A0CA346533F10C8C46401
SHA-256:8C31A34EE14EEB573E1C9097D04D7F4ED4CF79A2B3ACD224F3CCC4AA9D0F4C41
SHA-512:C557C8FCACE26ABBDB2CBE1185A3931D15062580E2D79D6F7DD15F6A175B846994118EECE78A8F271919A164F1A60F8E6D07FFBF87CEBE74D44460EFE86C960A
Malicious:false
Preview:..J..3S...........518022837~5899...-.-$php_module_m8f586844b706476f9beaddeac9d5e140............Unknown.............................. . php\gui\framework\AbstractModule...4.4$php_module_m8f586844b706476f9beaddeac9d5e140_class0...........Unknown... . php\gui\framework\AbstractScript...................__behaviourManager...........Unknown....................__scripts....#......Unknown........................__modules....(......Unknown........................singleton....-......Unknown.............".....M.AbstractModule constructor..@param bool $mock.@throws IllegalStateException................................__construct......__construct$14....4......Unknown.......................mock....4... ..Unknown...........false.........................................loadModule......loadModule$15....E......Unknown.........................................loadScript......loadScript$16....n......Unknown........... . php\gui\framework\AbstractScript...........script....n.../..Unknown....................

C:\jar\php\gui\framework\AbstractPrototype.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):5529
Entropy (8bit):5.535859091676469
Encrypted:false
SSDEEP:96:w1eQhCisbeQO2lM60z1Iq4mJ6NgDpYkldVDPrc5PaeQO2lM+FSIWGC4MloO:w1mpmxHllfDPciFS7GCplP
MD5:9E390526DD857FB46D1FB938DE3C51B1
SHA1:77548A2B7E376DD4484A419B5864A8E83A0238C0
SHA-256:AD3D325B27A027621D42915D0EABF3BCBCE7DEFC8B16279C5F5ABDA61E7E57D3
SHA-512:0CAA7C6B01F1578F4EADC48AA13FE2AE39E52ADAD10F0FE1B056321E03DC176D330B26D0D17F6E5D23564BA77B15700DCB195B33073678500BFDB7E5D19DA096
Malicious:false
Preview:..J..3S...........2075653332~439...-.-$php_module_m717b18bcbf344fef9e9247c78fc603d0............Unknown..............................#.#php\gui\framework\AbstractPrototype...4.4$php_module_m717b18bcbf344fef9e9247c78fc603d0_class0...........Unknown.......................@return mixed................................newInstance......newInstance$0...........Unknown.........................................makeInstance......makeInstance$1...........Unknown.........................................bindEvents......bindEvents$2...........Unknown.......................instance........+..Unknown...................................2....4$php_module_m717b18bcbf344fef9e9247c78fc603d0_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,L

C:\jar\php\gui\framework\AbstractScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):19982
Entropy (8bit):5.6990729913078715
Encrypted:false
SSDEEP:384:x7WY2EfM1ppu65LthizmdYP4jgmHnESXgOmJ3RoCp:hon1CsphiydYP4jnHESXoJ7p
MD5:58C055B6332E2B5E60641992D805CB0D
SHA1:9472F3301D9FA14981934101E1B84FF30F661C17
SHA-256:A606FF1F4046E5E03CBFB7D48B26490E1EBE58751135DA44A3C0368BAA55B60C
SHA-512:35C2EDA1648225A1BF29E707221561B1E5FB6E539E460BE201A9FC4026B9DF415476951423F2D94A8176CF4429F8342C0A7A8A6676547D93BF702FC3C3EB8610
Malicious:false
Preview:..J..3S...........652534489~4185...-.-$php_module_m2ce99743e3ea410da5c52ac080395aeb............Unknown...........6.6$php_module_m2ce99743e3ea410da5c52ac080395aeb_closure0..................................__invoke......__invoke....O......Unknown...................P.......2.r..6$php_module_m2ce99743e3ea410da5c52ac080395aeb_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\php\gui\framework\Application.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):53541
Entropy (8bit):5.823941873640488
Encrypted:false
SSDEEP:768:v0Riw6Q4jTMpCyKePcnb/pgSx3g5yPkabYEPey1DZVDwp:sRiw6Q4WCCcDpROE8abl7I
MD5:9055F6431873623AE87D93A27A78DC01
SHA1:2F059DDC2DD54027CE060B93319668581B8C5528
SHA-256:E6E970F7BFAD13CBF4CE03DD645B7A9942AFEA6D5147979B4427BB08FB361439
SHA-512:D368C46B55946D8F098A3B243F6832F73973026F6E99DED07AC30F47A5428DE7499C78A6F3A021F9404F5ECB5C907DECFAB06863E1787F7B420A913C514B20C9
Malicious:false
Preview:..J..3S...........-1731484288~15583...-.-$php_module_m450ed1339a3240a4bd35a1e06075b899............Unknown...........6.6$php_module_m450ed1339a3240a4bd35a1e06075b899_closure0..................................__invoke......__invoke....\......Unknown...........................2....6$php_module_m450ed1339a3240a4bd35a1e06075b899_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...L

C:\jar\php\gui\framework\ApplicationTrait.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):6593
Entropy (8bit):5.5692249758511
Encrypted:false
SSDEEP:96:81iUkExpi6eQO2lMbmis1CD2fKQJ6NGqDI4lWQwP1e7b6YqeQO2lM+FSIWGC4MlP:81ioi/miey5QqDlsy6YyFS7GCplP
MD5:D324577C9F8D06A801EFC986062485B2
SHA1:78B19CE698B60C039B3CFA22BA9EF89D0344904F
SHA-256:17A113C6ED3B2EC7C2B004AE203BC717F2BA6F0D860D63311FD22530FD1DF10B
SHA-512:02BE2EDCA90CC3B5CAE10F3D30A1D8ACEB48F18B4F91F908BA27E2EFAD673932DD019FDE8637878E48E71AEDB3EDC29FA9CFE488848C85B722E4B535D8D972FF
Malicious:false
Preview:..J..3S...........1807178409~897...-.-$php_module_m5c88e86641354712a17bf9a76f8af87f............Unknown.............................."."php\gui\framework\ApplicationTrait...4.4$php_module_m5c88e86641354712a17bf9a76f8af87f_class0...........Unknown.....................X.@param string $name.@return AbstractFactory.@throws \php\lang\IllegalArgumentException................................factory......factory$0...........Unknown.......................name...........Unknown.................H.@return null|AbstractModule.@return-dynamic $package\modules\AppModule................................appModule......appModule$1...........Unknown.........L.@param string $name.@return AbstractForm.@return-dynamic $package\forms\$0................................form......form$2....#......Unknown.......................name....#......Unknown.................#.@param $name.@return AbstractForm................................originForm......originForm$3....,......Unknown.......................name....,......

C:\jar\php\gui\framework\DataUtils.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):17645
Entropy (8bit):5.8836729071548435
Encrypted:false
SSDEEP:192:ZMsJ/pwjfBfd9wPHuesCNeh09Zl3sHpCC2ZMGx2PcQ0lkv6BsCCU0WBQFS7GCplP:ZMsJ/pwjfJdtes6xccQ0+WdBcCp
MD5:209C6EE084D990B53D7CFB825A118FE7
SHA1:48D8E4E280687E23F4A890337899D87F550D9B8E
SHA-256:C758247AAF812CFE576ECA776C862CBA47877308C90D6FA8333B8266A3DAF86F
SHA-512:88DA2BE4A7278B73B5A19DD8ADCF98EADFAC2D6EA2989FE0FB8A451AC92336C9AE1D8295DA91EB25B7CA4E541D0B56141ABBAABBD60207AA03D2FCFDFD1BC012
Malicious:false
Preview:..J..3S...........-78606280~6403...-.-$php_module_m6a391e0c4be44a779fe0f4a4fb21776c............Unknown.................................php\gui\framework\DataUtils...4.4$php_module_m6a391e0c4be44a779fe0f4a4fb21776c_class0...........Unknown.....................................................__construct......__construct$0...........Unknown.........................................scanAll......scanAll$1...........Unknown..............php\gui\UXParent...........layout........,..Unknown...............................callback........>..Unknown.................O.@param UXParent $layout.@param callable $callback (array $data, UXNode $node)................................scan......scan$2....8......Unknown..............php\gui\UXParent...........layout....8...)..Unknown...............................callback....8...;..Unknown...................@param UXParent $parent................................cleanup......cleanup$3....U......Unknown..............php\gui\UXParent...........parent....U...,..Un

C:\jar\php\gui\framework\EventBinder.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):21841
Entropy (8bit):5.916035527440903
Encrypted:false
SSDEEP:384:mMYBNAaCSkPxe0SLCZtnUOogjI30Bw7qn/whsBmPGeiHorXfNZdLbvd7vzZdE/1P:mMYkaqxsoU1n0GqnIhsBm+e7DXc9Bp
MD5:58012F1476F0152D60FB0F47928EF4CA
SHA1:3B5D9F098AB2925E2BD6155944F29FDEA5654B0D
SHA-256:326D26A02E4558C53065279F97013C8D96CD1866181B26FE34D3AD2C052969E8
SHA-512:CA63BB7BA35F5C1C5EA81576EAECCA474AE1AD9B0F2AA6E1968215D4F770E5C0F3797C602158116D42695B146478B3FEC421C0B2447F668E4A76F44FF348284B
Malicious:false
Preview:..J..3S...........1704592071~7179...-.-$php_module_m5047413bf0904e01a90c989373898d70............Unknown.................................php\gui\framework\EventBinder...4.4$php_module_m5047413bf0904e01a90c989373898d70_class0...........Unknown.......................context...........Unknown....................handler...."......Unknown....................binds....'......Unknown........................lookup....,......Unknown..................:.EventBinder constructor..@param $context.@param $handler................................__construct......__construct$0....3......Unknown.......................context....3... ..Unknown...............................handler....3...*..Unknown..........null...........@param callable|null $lookup................................setLookup......setLookup$1....>......Unknown.......................lookup....>......Unknown.................2.@return callable[].@throws IllegalStateException................................loadBinds......loadBinds$2....G......Unk

C:\jar\php\gui\framework\GUI.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):9908
Entropy (8bit):5.7510098236596505
Encrypted:false
SSDEEP:192:UQ46KeCIf9TZoMXPsWVlBb3/+g5VwmmzFS7GCplP:blKe5+u0WVrrXnCCp
MD5:BEBD811FCCDA4FC779049A4585503585
SHA1:F601E9229E72D6B91FE7CA0168F61D8AC00E8C9B
SHA-256:425B77B0B70CB3B5EDCBA7C8A1136BA01A8CECA716CD57BB706231B7171BAB9D
SHA-512:81ADB4453CA3FFBB635EAA78406B6695F19172B148DEF769D65FD2A0D88374528C60F704626575001F196007A2EC124353DF7519158873A4BA34C77E88B5975D
Malicious:false
Preview:..J..3S...........-2111447365~2349...-.-$php_module_m9483975b049b4d418e60526cc6ecf86d............Unknown.................................php\gui\framework\GUI...4.4$php_module_m9483975b049b4d418e60526cc6ecf86d_class0...........Unknown.....................F.@param Traversable|array $nodes.@param string $prefix..@return array................................getValues......getValues$0...........Unknown.......................nodes...........Unknown...............................prefix........&..Unknown...................L.@param Traversable|array $nodes.@param array $values.@param string $prefix................................setValues......setValues$1....0......Unknown.......................nodes....0......Unknown...............................values....0...,..Unknown...............................prefix....0...5..Unknown...................;.@param UXNode $node..@return bool|int[]|mixed|null|string................................getValue......getValue$2....B......Unknown..............php\g

C:\jar\php\gui\framework\Instances.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):15251
Entropy (8bit):5.483870178728093
Encrypted:false
SSDEEP:384:1zMtEwphvqpNpz4u2kjBAselQAkUxeV6InwCp:1zMtEKqpNpz4u2kX6Inxp
MD5:3E034E7C840AD0A6FA64CCEDAE6FBB45
SHA1:B82B787FCD501F7D0120223A69DB941A8E4EBDB8
SHA-256:EEECB25D3F4931EE5D221E4F3A86B076DC132CFEFD94BAD163A62A547FA00EE2
SHA-512:F6E825158EBAA16FD73C25E30564B83172071EAC565BCBD6AAD11877CD7D2B630567123B2044958E4F581765010E997FC569157845DE94770577693E78D81CFF
Malicious:false
Preview:..J..3S...........-1164723965~2530...-.-$php_module_m71e6fc2b6cf14fea85bc10b57223b24f............Unknown.................................php\gui\framework\Instances...4.4$php_module_m71e6fc2b6cf14fea85bc10b57223b24f_class0...........Unknown.......................instances...........Unknown........................cur...........Unknown............................@param array $instances................................__construct......__construct$0...........Unknown.......................instances........&..Unknown...................@param $name.@param $value................................__set......__set$1....&......Unknown.......................name....&......Unknown...............................value....&...!..Unknown................. .@param $name.@return Instances................................__get......__get$2....1......Unknown.......................name....1......Unknown................./.@param $name.@param array $args.@return array................................__call......__

C:\jar\php\gui\framework\Preloader.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):18936
Entropy (8bit):5.771815686017141
Encrypted:false
SSDEEP:384:qZdM3r3THSkdCMOJHw3yBO5vymeV9J8/BDNnFCp:kdMb3GkdCMSHf0ReV9JoD1gp
MD5:A3D27FEFF799D1A0527A4F5501486F2E
SHA1:0E6727955FEB9995564C478E9876F69D056D694E
SHA-256:BCF385F303694008CC9A24D20DEA38C22556E3451013A3DAD8AEE654CEFF69B8
SHA-512:F4403A2EBE601C1883F119EBF66B1242A3FB6A099EF606D96E643BCB5F7207C3709201186CC6FB3248B7282473AE119927518F14934A861F5E0E403DAF32A3E4
Malicious:false
Preview:..J..3S...........-306331794~2743...-.-$php_module_mdd2bd76c53ff45d7a4c8052d4e13e3ba............Unknown...........6.6$php_module_mdd2bd76c53ff45d7a4c8052d4e13e3ba_closure0..................................__invoke......__invoke....B......Unknown...........................2....6$php_module_mdd2bd76c53ff45d7a4c8052d4e13e3ba_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\php\gui\framework\ScriptEvent.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):7145
Entropy (8bit):5.496815837775924
Encrypted:false
SSDEEP:96:K7KMzrneQO2lMGc0iJx/Naf5NX0ac9N/lTzk+0k7SPkeQO2lM+FSIWGC4MloO:QKMRBiDEHFI/l/kk7MgFS7GCplP
MD5:9BB910268361A6C84F31CDBE2683A047
SHA1:898CAA35B0D0265AAF4E2DB66170D4786ED19857
SHA-256:CFCCE15070D6E7B38CB4790BF2E479E9A02C1D7E232C0EF08F2A1FB4D1E09007
SHA-512:F590B065E61E5685F6027422FC8FA49FF0A2149BA4AD68BE052C9051DB3F31AC7EC6A9203CF1AB602FF0C659E357406CDA0434323D12AE3FF749C3F9BC49FD62
Malicious:false
Preview:..J..3S...........642455018~1071...-.-$php_module_mc6fa11466d38451b92f3d51356417e21............Unknown.................................php\gui\framework\ScriptEvent...4.4$php_module_mc6fa11466d38451b92f3d51356417e21_class0...........Unknown......stdClass...................sender...........Unknown....................target...........Unknown....................usage...........Unknown............................consumed...........Unknown...................L.ScriptEvent constructor..@param AbstractScript $sender.@param null $target................................__construct......__construct$0....%......Unknown........... . php\gui\framework\AbstractScript...........sender....%.../..Unknown..........null.......................target....%...?..Unknown..........null.........................................done......done$1....,......Unknown.........................................isDone......isDone$2....1......Unknown...........Consume event.................................consume......consume

C:\jar\php\gui\framework\StandaloneFactory.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):6551
Entropy (8bit):5.6947094186180935
Encrypted:false
SSDEEP:96:LAM/dV4MLcyeQO2lMUWEkoyDAJpNQ/NpNiOzarlNxIaLxG8eQO2lM+FSIWGC4MlP:r/daMmjAi0O4lPIuxVFS7GCplP
MD5:D01C58208F97AE4026DB29ED4D79D838
SHA1:58A474A5A3E4EF989550232E2A94C15AA5DDA635
SHA-256:4CE3CD506DDC1F0048E8DF39441F94CC71B2F052D28793C218562292D7BD0410
SHA-512:50E0578A2A1EA5B584B2A758B1892D3720F913431D6C0B634582F9B3C6D4EC5C73143E4A4B125C90ACCBB7E3095B8965EF46BA391DE93D50CB892E4E28AE3DBE
Malicious:false
Preview:..J..3S...........-1189001877~795...-.-$php_module_m4b3b284d33514b9fa2a597769f3ca53f............Unknown..............................#.#php\gui\framework\StandaloneFactory...4.4$php_module_m4b3b284d33514b9fa2a597769f3ca53f_class0...........Unknown...!.!php\gui\framework\AbstractFactory...................StandaloneFactory constructor..@param AbstractForm $form.@param $fxmlFile.@param BehaviourManager $manager.@param EventBinder $eventBinder................................__construct......__construct$8...........Unknown..............php\gui\framework\AbstractForm...........form........-..Unknown...............................fxmlFile........4..Unknown...................3.3php\gui\framework\behaviour\custom\BehaviourManager...........manager........P..Unknown......................php\gui\framework\EventBinder...........eventBinder........f..Unknown...........................y.......2....4$php_module_m4b3b284d33514b9fa2a597769f3ca53f_class0.....4$php_module_m14c830247f1e4216a081ede1f353a3a

C:\jar\php\gui\framework\View.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):7521
Entropy (8bit):5.805927486162416
Encrypted:false
SSDEEP:96:vhOeQO2lMokonKJ9NEIDwxcN/lQx5cNtelNsuJG6BaUUUUW/B7MK0EneQO2lM+F6:veKT0xYeluu86BHtzFS7GCplP
MD5:401974BE2CE3F05AE2AEBE718241A758
SHA1:061A9151E5E8AFE6146068B9CD3FFAA8D332E57C
SHA-256:B9FD7ED8BD6A5DE1E71F4F74CEEDC29F77A056387A49A2C49C3AB69D3D048557
SHA-512:BC5B17AEF9213113C0B3AEB251D28ECB22D1125A4C23D4FC04C4CF68F09C9173BFEBE72D66E87F1963431EA85331D62E4A76C854E26BE673075523D226CBDA65
Malicious:false
Preview:..J..3S...........1150629622~1387...-.-$php_module_mea4d1bd350a5471e81d009234322a81d............Unknown.................................php\gui\framework\View...4.4$php_module_mea4d1bd350a5471e81d009234322a81d_class0...........Unknown.....................#.@param UXNode $node.@return array................................bounds......bounds$0...........Unknown..............php\gui\UXNode...........node........"..Unknown...................................2....4$php_module_mea4d1bd350a5471e81d009234322a81d_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCall

C:\jar\php\gui\framework\behaviour\PositionableBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):2881
Entropy (8bit):5.248350210574815
Encrypted:false
SSDEEP:48:H5UZm4PmtD0/Hyn25L6EjoOa/AjsgjNKueEFkaTEqTGUad3qdYcd3dFgj2dR+iGN:Z0m4iZeQO2lM+FSIWGC4MloO
MD5:8D1A55D52463A1DC86BB0A72E40FE8FC
SHA1:64F947B17FC015767E1ACAFE32C5B7C4B04F2954
SHA-256:8E9BEA2B466CCD7B902D2AD29C1E474020CB2BA9BB0EB0957C3A4F06BFEDE17A
SHA-512:FB6671FDFE64DB60E948DC2BF163B034A0EDCD4A5C0567346231F4E1001C0E58CD6186927D1F35BF83BB6B1D4FECDFC58242CD60CC88238E7A4ECB1A6D660311
Malicious:false
Preview:..J..3S...........562918567~345...-.-$php_module_md3e45e3493d948cb8f09f8c3cfb7099e............Unknown..............................1.1php\gui\framework\behaviour\PositionableBehaviour...4.4$php_module_md3e45e3493d948cb8f09f8c3cfb7099e_class0...........Unknown.....................................................getX......getX$0...........Unknown.........................................getY......getY$1...........Unknown.........................................setX......setX$2...........Unknown.......................x...........Unknown.................................................setY......setY$3...........Unknown.......................y...........Unknown.................................................getPosition......getPosition$4...........Unknown.........................................setPosition......setPosition$5...........Unknown.......................xy...........Unknown...........................................2.]..-$php_module_md3e45e3493d948cb8f09f8c3cfb7099e......php/runt

C:\jar\php\gui\framework\behaviour\TextableBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):2343
Entropy (8bit):5.498115963952501
Encrypted:false
SSDEEP:48:Z8JclMn/Hyn25L6EjoOa/AjsgjNKueEFkaTEqTGUad3qdYcd3dFgj2dR+iGKNQnb:kSreQO2lM+FSIWGC4MloO
MD5:5572BCEAEE667B41E0385DFFD10E24F6
SHA1:EA58F518E797AC68FAA021ED6743B5E47B73D1F0
SHA-256:12A50D558F2828881DEF8393B90C17F3F5FD5FBA6A7A81CBE9AF55916AC4E45A
SHA-512:5FD834423F08EC28D5EB71FE7F153CD9A79DDD77AB175C232CA3951E67DF8D87C73F0DEA176EF7B0BB0DC920CD79B92EDC6A61D3C36EF54297FDBB9422881EFB
Malicious:false
Preview:..J..3S...........-1750278774~213...-.-$php_module_m8d25284c47634843a029c03f05778c6b............Unknown..............................-.-php\gui\framework\behaviour\TextableBehaviour...4.4$php_module_m8d25284c47634843a029c03f05778c6b_class0...........Unknown.....................................................getObjectText......getObjectText$0...........Unknown...................................2.]..-$php_module_m8d25284c47634843a029c03f05778c6b......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL......<init>..D(Lphp/runtime/env/Environment;Lphp/runt

C:\jar\php\gui\framework\behaviour\ValuableBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):2649
Entropy (8bit):5.388902681053661
Encrypted:false
SSDEEP:48:c8J+Emh/Hyn25L6EjoOa/AjsgjNKueEFkaTEqTGUad3qdYcd3dFgj2dR+iGKNQnb:cq+EmIeQO2lM+FSIWGC4MloO
MD5:8A82E96283BDE11EF9333CE0C2E58199
SHA1:D008FD947D1A9198A566554558B87E5278EB3E58
SHA-256:D6F0AD68495888BB0E623CD07BBCAA275F6B91AD75C77F8D59C227BD98CD3C27
SHA-512:B45E61BB7647DBCA7361011F9EFCF48536838437DB433F01B85E9452C1DAED375D0102F9DBD896B0E7F8BBC275E21E1B98B9FA9D4A6287524078F7DAACB85D3B
Malicious:false
Preview:..J..3S...........-1187298460~292...-.-$php_module_m2a54e3bae20247658fbbb559d910e5fb............Unknown..............................-.-php\gui\framework\behaviour\ValuableBehaviour...4.4$php_module_m2a54e3bae20247658fbbb559d910e5fb_class0...........Unknown.....................................................getObjectValue......getObjectValue$0...........Unknown.........................................setObjectValue......setObjectValue$1...........Unknown.......................value...........Unknown.................................................appendObjectValue......appendObjectValue$2...........Unknown.......................value...........Unknown...........................................2.]..-$php_module_m2a54e3bae20247658fbbb559d910e5fb......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_C

C:\jar\php\gui\framework\behaviour\custom\AbstractBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):25841
Entropy (8bit):5.731532406508648
Encrypted:false
SSDEEP:384:4W+K7muM2L5JuGX/DOYOoiQLphgEeu8N1wzgCp:HHmuM27uA/BiQLphet1mBp
MD5:F1E3C865D668E768698019B2BDBC6FE6
SHA1:7508752EC8EE409642B802AC95F991A456250A35
SHA-256:F78AF3D546B1196B38A008E216B17B712D751C5A14E9C2359010D891BBC7DDD7
SHA-512:9D3127DD5F8B260BD7F1051681679626E82AA6503C47B616186633661B4B1511529A7FBC1858205EE6CCA3EBA4A3DD39E21A1474982A6632E20818F4DBEC0520
Malicious:false
Preview:..J..3S...........437964507~5652...-.-$php_module_m774deb115ef046738683c3664d80593b............Unknown...........6.6$php_module_m774deb115ef046738683c3664d80593b_closure0..................................__invoke......__invoke........4..Unknown.......................old........>..Unknown...............................new........D..Unknown.......................................old........>..Unknown...............................new........D..Unknown...................Q.......2.t..6$php_module_m774deb115ef046738683c3664d80593b_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/

C:\jar\php\gui\framework\behaviour\custom\AnimationBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):19619
Entropy (8bit):5.696872088076121
Encrypted:false
SSDEEP:384:ty1/OWML5SLEIr/OQAv0BDZf/PkyuAIjYmo2uCp:8VOvwoaBXnmo2/p
MD5:CE5F0807192F87BB5EE9D6117A58A3E1
SHA1:7D4B679D8B253670895026D06153B151EDDD791C
SHA-256:3CE6B20733886576E54C7BC6F69B6F253818EC12BC1EBC246FD3AF724B5B63A9
SHA-512:24184194B8DCE55413FE4A42D85D2E47F78FB55EF5B30B11F4445DB57887479414E26CAE347A780E9B05FC6FEE74139B125F1A0A6060F73BFF404E4752A06C2E
Malicious:false
Preview:..J..3S...........1855478274~2450...-.-$php_module_m25a5fa58fb3c4e7f81540b5c192d5522............Unknown...........6.6$php_module_m25a5fa58fb3c4e7f81540b5c192d5522_closure0..................................__invoke......__invoke....,...#..Unknown...........................2.o..6$php_module_m25a5fa58fb3c4e7f81540b5c192d5522_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\php\gui\framework\behaviour\custom\BehaviourLoader.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):17858
Entropy (8bit):5.853753346722073
Encrypted:false
SSDEEP:192:oU7FliKKr6ymdNRwF990hU0CUlE8cFOc+CaN8fpwRZMYVvaLFS7GCplP:37FIKKpeXwF9FSqscqbLMYOCp
MD5:B8F451712B00D1C03726D9D813F979E1
SHA1:F17DAB18093DD468070C80F8502ED7F14A39D5FE
SHA-256:73585779CE71408E82A998C36B1BFD611EA6E1D42F4FF33B433A01C11500BCA8
SHA-512:9B11694331B6DB73CCE884CB04DED9C094BA4F46CD0B3366057E9A6CD539BD1F2C50401396FF43218EAA05A61928AEEA899B2EEFFEB21408867F9FCB9AA5C818
Malicious:false
Preview:..J..3S...........1781186620~4402...-.-$php_module_mdba483996389403180d4796907ea6a86............Unknown...........6.6$php_module_mdba483996389403180d4796907ea6a86_closure0..................................__invoke......__invoke....Z...,..Unknown.......................a....Z...6..Unknown...............................b....Z...:..Unknown.......................................a....Z...6..Unknown...............................b....Z...:..Unknown...........................2....6$php_module_mdba483996389403180d4796907ea6a86_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/

C:\jar\php\gui\framework\behaviour\custom\BehaviourManager.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):8288
Entropy (8bit):5.714206217140316
Encrypted:false
SSDEEP:192:zA+5mQzC9foWHjpmc6zolXs02tNFDFS7GCplP:8+6foWHAc68dsJPJCp
MD5:FAA306F2259FB19255CB2BC32488DF0C
SHA1:99ED9926EAF2F9532074A67CAD0A42C9F1CCA9A5
SHA-256:D167FB6E1D620F1B1E96975906B17F081D42691CA704CDA32A19FBB03EB8F0CF
SHA-512:7C574664DE41D2A501BD78AFEDD8A9FE7BBC28334B0968B57610C89937674ACEE5C44C1B6375E0C095F6F37B3A6515B52A822D330F48ED1DCBC36C521E2B6705
Malicious:false
Preview:..J..3S...........728623523~1211...-.-$php_module_me03a05a6639148049caae7da02081e40............Unknown..............................3.3php\gui\framework\behaviour\custom\BehaviourManager...4.4$php_module_me03a05a6639148049caae7da02081e40_class0...........Unknown.....................D.@param $targetId.@param AbstractBehaviour $behaviour.@return mixed................................apply......apply$0...........Unknown.......................targetId........#..Unknown...................4.4php\gui\framework\behaviour\custom\AbstractBehaviour...........behaviour........@..Unknown.................7.@param $target.@param $type.@return AbstractBehaviour................................getBehaviour......getBehaviour$1...........Unknown.......................target........!..Unknown...............................type........*..Unknown...........................Y.......2....4$php_module_me03a05a6639148049caae7da02081e40_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...

C:\jar\php\gui\framework\behaviour\custom\EffectBehaviour.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):18166
Entropy (8bit):5.738753367559547
Encrypted:false
SSDEEP:384:fXPmXtUAhkXnM9ihzl6zgFhzvEE+6a15IlWuniLDmzXhwTTsCp:fXP0t/+XnM0hogfDEE015IlHSoXhwTTr
MD5:796E4EFB34DD9BB8D2A6DC56C859F626
SHA1:DC4DDF9E2A045D201C1DC09CF29E2DAE2CC2E745
SHA-256:56907F6CFF2D38E3B1424AA2257DB89ED7EEDF08B6401952B12DEF410D70C2A5
SHA-512:CC0028F9C44985FDF2DAFB8214239A76F0CF511A22B340E4F5B67971717C68BEEADBC813CC67C781035F0EA9FFE7E217808008F163B98354A3EB2B0C76AD912B
Malicious:false
Preview:..J..3S...........-1260466381~2942...-.-$php_module_m84a45a4acf004db9a3fccd37944eb85d............Unknown...........6.6$php_module_m84a45a4acf004db9a3fccd37944eb85d_closure0..................................__invoke......__invoke....(..."..Unknown...........................2.k..6$php_module_m84a45a4acf004db9a3fccd37944eb85d_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lp

C:\jar\php\gui\framework\behaviour\custom\FactoryBehaviourManager.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):8066
Entropy (8bit):5.639309556923194
Encrypted:false
SSDEEP:96:+MFb85WEseQO2lMlq0aJx/N9NDLNEPl714h+laGNpf+xbGlsoqyNu1aJeQO2lM+U:+Ml85D3PaDlWUyOylk0u+FS7GCplP
MD5:132437FE30EFDCC7E993A3C3558B0912
SHA1:03E7583CC8751FEA253B24D8536068783254C589
SHA-256:32EC52A3AE28C3493DEC217270C8E2E3906FA36AB128A361AE9D29EC523C3DBA
SHA-512:8D740164004068E4D2F8DE28A901623EE730069F5D0D0B2F8D4E4A6E9E51394F83AD8D7C62FD9DBF129932E29F315FE354E88EE773E2265FF47E1249E01DFA68
Malicious:false
Preview:..J..3S...........-1752137432~1141...-.-$php_module_mf297c791154249aea90a34c294d3a45f............Unknown..............................:.:php\gui\framework\behaviour\custom\FactoryBehaviourManager...4.4$php_module_mf297c791154249aea90a34c294d3a45f_class0...........Unknown...3.3php\gui\framework\behaviour\custom\BehaviourManager...................factory...........Unknown....................behaviours...........Unknown......................C.FormBehaviourManager constructor..@param AbstractFactory $factory................................__construct......__construct$2...........Unknown...........!.!php\gui\framework\AbstractFactory...........factory........0..Unknown.................................................apply......apply$3....!......Unknown.......................targetId....!......Unknown...................4.4php\gui\framework\behaviour\custom\AbstractBehaviour...........behaviour....!...7..Unknown.................................................applyForInstance......applyForIns

C:\jar\php\gui\framework\behaviour\custom\FormBehaviourManager.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):9649
Entropy (8bit):5.727383990778009
Encrypted:false
SSDEEP:192:NMkS5DdJPdDlud1TlotiDK336Q9lFS7GCplP:NMkSBPdUT9DWqQ9rCp
MD5:70B42638614F06ABE722CBAEC34CD826
SHA1:196135AAF7FB0138AAB08E2B72A191FF8605EE77
SHA-256:167F60D12AA6B32E1D97CB8FE061D978E1B5B5C1A5271D2639408D4A25815D9B
SHA-512:C4358164612BA47A2A342FA27DA9ED15EC5EED6E960FFC2602E3F2F6D5E6432DD57DE6386B7C25C8AEF2E69AAFD04DBC0EC31E19D65DE4BF58FF0611B08B5830
Malicious:false
Preview:..J..3S...........1355316104~1609...-.-$php_module_mae52a2a94a3c46a5b26a19f475696afb............Unknown..............................7.7php\gui\framework\behaviour\custom\FormBehaviourManager...4.4$php_module_mae52a2a94a3c46a5b26a19f475696afb_class0...........Unknown...3.3php\gui\framework\behaviour\custom\BehaviourManager...................form...........Unknown....................behaviours...........Unknown......................=.FormBehaviourManager constructor..@param AbstractForm $form................................__construct......__construct$2...........Unknown..............php\gui\framework\AbstractForm...........form........-..Unknown.................................................apply......apply$3...."......Unknown.......................targetId...."......Unknown...................4.4php\gui\framework\behaviour\custom\AbstractBehaviour...........behaviour...."...7..Unknown.................................................applyForInstance......applyForInstance$4....4......U

C:\jar\php\gui\framework\behaviour\custom\ModuleBehaviourManager.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):7834
Entropy (8bit):5.69497987905163
Encrypted:false
SSDEEP:192:hPMlUa5Dn8PZDl9qfnsQI/rlmiFMFS7GCplP:hPMlUat8PZfqUP/rAKICp
MD5:5184EBFA2B9EBD54EB7B473F24708C6B
SHA1:94E3025DF478DAD26DE6DF2B000D6FA6F5BC1A3F
SHA-256:9788D436809CDEB3E9B8B5BAC99E088066967C899F27F3FD149E3F2DB5091399
SHA-512:78115ECDF377B7614AABF971E75125F062ABE0110D78CFA55E3627E68EA92F9C4DDE22FE4141033A2B900E987AD912EFA7F75811CC0861D538DB4C737C325C39
Malicious:false
Preview:..J..3S...........-1140026310~1006...-.-$php_module_maa75c2d255c14806ae75b8b13bc0f0fe............Unknown..............................9.9php\gui\framework\behaviour\custom\ModuleBehaviourManager...4.4$php_module_maa75c2d255c14806ae75b8b13bc0f0fe_class0...........Unknown...3.3php\gui\framework\behaviour\custom\BehaviourManager...................module...........Unknown..................C.ModuleBehaviourManager constructor..@param AbstractModule $module................................__construct......__construct$2...........Unknown........... . php\gui\framework\AbstractModule...........module......../..Unknown.................................................apply......apply$3...........Unknown.......................targetId...........Unknown...................4.4php\gui\framework\behaviour\custom\AbstractBehaviour...........behaviour........7..Unknown...........................w.......2....4$php_module_maa75c2d255c14806ae75b8b13bc0f0fe_class0.....4$php_module_me03a05a6639148049caae7da02

C:\jar\php\gui\framework\event\AbstractEventAdapter.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):4380
Entropy (8bit):5.500443512370762
Encrypted:false
SSDEEP:96:HDZdj+geQO2lMseSPMlZxjeQO2lM+FSIWGC4MloO:jZdj+KelxFS7GCplP
MD5:826FF601CB2EE82E972A23B07A62BE87
SHA1:DFBC054533145CE6B05AC9529B7F73BE972FEF44
SHA-256:424EF4C38DE38177C29765C3C774E4341418CEC42EBD8849A55666813002CAB0
SHA-512:37529ACF15F679508D4F198553095B425201564C75C896B172AE1D70D6DD3C56B8B6AE4D093B6DABC5178D392DD8CE673BCF541375F7035413FE983201711BF4
Malicious:false
Preview:..J..3S...........-172470994~272...-.-$php_module_m6bd0d4c881a846e6bfd0141808f85c29............Unknown..............................,.,php\gui\framework\event\AbstractEventAdapter...4.4$php_module_m6bd0d4c881a846e6bfd0141808f85c29_class0...........Unknown.....................M.@param $node.@param callable $handler.@param string $param.@return callable................................adapt......adapt$0...........Unknown.......................node........#..Unknown...............................handler........3..Unknown...............................param........=..Unknown...................................2.U..4$php_module_m6bd0d4c881a846e6bfd0141808f85c29_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/i

C:\jar\php\gui\framework\event\AbstractEventType.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):4364
Entropy (8bit):5.499799540126558
Encrypted:false
SSDEEP:96:Gsvxu9AeQO2lMMSPMlZxWeQO2lM+FSIWGC4MloO:1vI9+l2FS7GCplP
MD5:3A63CD9B05B8D0D7147759839C7CF71B
SHA1:4B23C4BCC7794513605AA048F27831F2C9B54D28
SHA-256:37162BF7DD72A23B6DF07BAA3C2384C56A47FC4DAAABF4CDEC48DC6032E52F98
SHA-512:9CF40606B905461A22A95E1486BC4AA2652658A2021921132201703EE87F8C2A2E3AFF7BABF1123596BA7A74CFD4B4CB65B6382BB6DE02A86921700B8AA7D718
Malicious:false
Preview:..J..3S...........-1857457545~331...-.-$php_module_ma6197b53926f499a9f557f861ce2a4ec............Unknown..............................).)php\gui\framework\event\AbstractEventType...4.4$php_module_ma6197b53926f499a9f557f861ce2a4ec_class0...........Unknown.....................D.@param $event.@param callable $handler.@param $group.@return mixed................................bind......bind$0...........Unknown.......................event........"..Unknown...............................handler........3..Unknown...............................group........=..Unknown...................................2.U..4$php_module_ma6197b53926f499a9f557f861ce2a4ec_class0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/

C:\jar\php\gui\framework\event\ClickEventAdapter.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3909
Entropy (8bit):5.55406529069976
Encrypted:false
SSDEEP:96:hueeQO2lMP3xlQ2AYeQO2lM+FSIWGC4MloO:huX3xldFFS7GCplP
MD5:7325A01A0E455532D5F973B75C6DEBC9
SHA1:829BB274F60FBB9EF2C28C408B38098AD2653621
SHA-256:B3A2C9D2C04B9DEE86CBE9B9E9C854D3B4F1F7EA79330F903FA253C85FAC31A9
SHA-512:601B6C92687B74F91B206A19CAF91ADC2CE640E89D1A67270A5C9BDCD8296E6BD614CD425308E56B7B974F175EF7432576125E8BBF0D411C192DC3B06DE45BF7
Malicious:false
Preview:..J..3S...........22594538~101...-.-$php_module_mb25db95a6c1a42c689c96037a27b172f............Unknown..............................).)php\gui\framework\event\ClickEventAdapter...4.4$php_module_mb25db95a6c1a42c689c96037a27b172f_class0...........Unknown...-.-php\gui\framework\event\MousedownEventAdapter...........................S.......2.N..4$php_module_mb25db95a6c1a42c689c96037a27b172f_class0.....4$php_module_m57c4be4be35d48098bef380b0630c8d2_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL..)php\gui\framework\event\ClickEventAdapter......<init>..D(Lphp/runtime/env/Enviro

C:\jar\php\gui\framework\event\KeydownEventAdapter.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):34815
Entropy (8bit):5.709197010380863
Encrypted:false
SSDEEP:384:VB/bbqvIR08z9cN8zniNUpeyVWt0ySEyyJHX9zI7rnCp:z/bbqvB8B88uaEyV5ySjyNtyOp
MD5:5A73375B4062B991D9B994F2EEB4F842
SHA1:E4FAF5B484AE42D8E282AD00CF7B091FB8FC8BFE
SHA-256:02F0DA84782D75283815C0C12200A24842F2D863BA1833AB3A42B1029E46B838
SHA-512:6472F9B37AA658BFCC0A3012E380E3F7C32DE5DE3F6BA8D00138C136D898DEB1FFA25ECE34F5745A1096979D3886E3097DEC4B04C809542B215618E81C38FAF2
Malicious:false
Preview:..J..3S...........1504338311~3753...-.-$php_module_m43573b06279d46bc9bf5197bb993292c............Unknown...........6.6$php_module_m43573b06279d46bc9bf5197bb993292c_closure0..................................__invoke......__invoke....+......Unknown..............php\gui\event\UXKeyEvent...........event....+...,..Unknown..............................php\gui\event\UXKeyEvent...........event....+...,..Unknown...........................2....6$php_module_m43573b06279d46bc9bf5197bb993292c_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/r

C:\jar\php\gui\framework\event\KeyupEventAdapter.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3907
Entropy (8bit):5.551884937913484
Encrypted:false
SSDEEP:96:onMXeQO2lM5qSlQ273eQO2lM+FSIWGC4MloO:+lldBFS7GCplP
MD5:8A8419822A8C8C6ABE0D0D3F3A96462E
SHA1:2586858D0912A90B63CAB1CF8097FBBE974D27CC
SHA-256:BA6CF4EAF3B383C970D707BA42CECFC50D6DC3AE0378E4767134CD419EEF3FA2
SHA-512:D99F29418D3F3E7E7CA5C8EF54FE43DAC25AE4C90A5C8683081D401078A2B8623EFE3629DCEECD1738D83DB426D4616A3104475ACC5E57151F0093414BD248B1
Malicious:false
Preview:..J..3S...........187729494~99...-.-$php_module_mcf42b677661e4a46877debc949a537f1............Unknown..............................).)php\gui\framework\event\KeyupEventAdapter...4.4$php_module_mcf42b677661e4a46877debc949a537f1_class0...........Unknown...+.+php\gui\framework\event\KeydownEventAdapter...........................S.......2.N..4$php_module_mcf42b677661e4a46877debc949a537f1_class0.....4$php_module_m43573b06279d46bc9bf5197bb993292c_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL..)php\gui\framework\event\KeyupEventAdapter......<init>..D(Lphp/runtime/env/Environm

C:\jar\php\gui\framework\event\MousedownEventAdapter.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):21702
Entropy (8bit):5.623007020068624
Encrypted:false
SSDEEP:192:TYf7nK4Tplq+0isdp7nK/Trl9BS82j7gKltldKxjf7gK7zlw/WE67gK7xlfYWvi3:74FTJv/nuPkXlFW0TXlCp
MD5:E5AD41425BF9A1AC7B5C8739BDD0B773
SHA1:E353649C5E4893F534A0FA4A9CE33E3B2BB8F47B
SHA-256:799F4F32C178C62A4B6964A0C2F7352E808FB99AE3CFC2B58A54AFDDB9903290
SHA-512:26C17FB5362B56788F9E045AC96095EAC20CE0CCDB027722C94AB42A71F006B1988D4544F9A7E806B72B25FB97B57F69EE455500F234DC08B333354658923C32
Malicious:false
Preview:..J..3S...........-739127059~1610...-.-$php_module_m57c4be4be35d48098bef380b0630c8d2............Unknown...........6.6$php_module_m57c4be4be35d48098bef380b0630c8d2_closure0..................................__invoke......__invoke...........Unknown..............php\gui\event\UXMouseEvent...........event...........Unknown..............................php\gui\event\UXMouseEvent...........event...........Unknown...........................2....6$php_module_m57c4be4be35d48098bef380b0630c8d2_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lp

C:\jar\php\gui\framework\event\MouseupEventAdapter.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):3914
Entropy (8bit):5.551310089331633
Encrypted:false
SSDEEP:96:l6rIeeQO2lMvc3lQ2ByeQO2lM+FSIWGC4MloO:l6rIXc3ldB6FS7GCplP
MD5:FFAA47075DCB71DF7868E1530584D26A
SHA1:1A15C95233FE8E968450E3AE250CB04BA04322AB
SHA-256:6D7D38FB65352BFA8A48856E51BBEC6128346360EB279BAED1974FD7253CC587
SHA-512:DCAC01025E4C1F83209439D705DFF182BB31C00929274175524853B5A325584B824FDBD2FD00EDF7FE7F8794E2DB799BA3E906F42A0FD3280FC8271AE911700A
Malicious:false
Preview:..J..3S...........236205538~103...-.-$php_module_m6055cb9247fc40d7b0b7a94f0abd00b7............Unknown..............................+.+php\gui\framework\event\MouseupEventAdapter...4.4$php_module_m6055cb9247fc40d7b0b7a94f0abd00b7_class0...........Unknown...-.-php\gui\framework\event\MousedownEventAdapter...........................U.......2.N..4$php_module_m6055cb9247fc40d7b0b7a94f0abd00b7_class0.....4$php_module_m57c4be4be35d48098bef380b0630c8d2_class0......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL..+php\gui\framework\event\MouseupEventAdapter......<init>..D(Lphp/runtime/env/E

C:\jar\php\gui\framework\event\ScrollEventAdapter.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):22196
Entropy (8bit):5.636586284164544
Encrypted:false
SSDEEP:384:YZ7ztD3352OzJSx4JLtMJUx4NLAH5SCp:YZfV33crx4JLLx4Na5bp
MD5:052BB91F3DC1A89C70BED267D604A39E
SHA1:12BAB3CDFAAF3A9421A7949E534701743B6314A4
SHA-256:F05555D625D41C7D03DFF32C0558FD16A1EA883D3FE21C7F6D0255928ADE986E
SHA-512:84235008E53B01EB4655F800758740DB45D14E78CF03CC7620BCD3B494E76658F42006C4C944C6DD9C5CBAE8D6C095F8D9F712DF9EEF2B871AADC181A4ADF345
Malicious:false
Preview:..J..3S...........-293439028~1744...-.-$php_module_m4c778ef8636b4443aff79a2d8eb09bfa............Unknown...........6.6$php_module_m4c778ef8636b4443aff79a2d8eb09bfa_closure0..................................__invoke......__invoke...........Unknown..............php\gui\event\UXScrollEvent...........event......../..Unknown..............................php\gui\event\UXScrollEvent...........event......../..Unknown...........................2....6$php_module_m4c778ef8636b4443aff79a2d8eb09bfa_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(

C:\jar\php\gui\framework\functions.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):48359
Entropy (8bit):5.663538349169591
Encrypted:false
SSDEEP:768:qMfePeOfM0l7zbyk6YQRezA3EOd+/k2Mp:qMf4egMcbyk3EezqEOd+s2E
MD5:455C93CEEB209CC215C7F39221DD6B21
SHA1:458A35FCDFEBD456727F3A2E28D6FE3E5EA4ED03
SHA-256:138D1160C64A2F0D4DF73E303E0722035613EDAC6A7A472A9D7D351F9C71C535
SHA-512:8833D68932590FCD5D2EB1E7CD24F304C1F37BCD049710BAD2FA3996D4E5154E60E58E111E64FB8B15AF2223A4A78E376DB438111467A5EB3FC3C00E141DECD0
Malicious:false
Preview:..J..3S...........-620545250~4217...-.-$php_module_m88efc49d814c436fba2e0f5f0b6b08dc............Unknown.......................app...3.3$php_module_m88efc49d814c436fba2e0f5f0b6b08dc_func0............................Unknown...............2.r..3$php_module_m88efc49d814c436fba2e0f5f0b6b08dc_func0......php/runtime/lang/BaseObject......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...$CL...app......<init>..D(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;)V.............~this...Lnull;...~env...Lphp/runtime/env/Environment;...~class...__invoke..H(Lphp/runtime/env/Environment;[

C:\jar\php\gui\layout\UXFragmentPaneWrapper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):12907
Entropy (8bit):5.786378387368849
Encrypted:false
SSDEEP:192:L6RFx5Ek/QlDdMqvUyy6QRswOxB5l0T1E/FS7GCplP:eRvv/QxBv7XQRTW56T1yCp
MD5:EB6F1116CDB52DCDF3070F85374614C9
SHA1:EBA760F64C1378044AF9AF239CA168E673237683
SHA-256:AB664EE69F24C196E047858BA0383FEB80F2DD2E2174A1A84A74B66D73392666
SHA-512:C7472D51F0B49F3137178976B4C611A9003B264C23EF4476D7994D54A8B053A89835835B5918D43184A07B2D2B3F597FB69BECFDA00AA8ABAA139C6052C6F0F7
Malicious:false
Preview:..J..3S...........1828757610~1622...-.-$php_module_mbccb0b8a12f14b86abc45a4d9b6fc41a............Unknown...........6.6$php_module_mbccb0b8a12f14b86abc45a4d9b6fc41a_closure0..................................__invoke......__invoke........1..Unknown.......................value........;..Unknown.......................................value........;..Unknown...................5.......2....6$php_module_mbccb0b8a12f14b86abc45a4d9b6fc41a_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/Class

C:\jar\script\DirectoryChooserScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):16896
Entropy (8bit):5.768758621881189
Encrypted:false
SSDEEP:192:2GA3lskKbD4KGsLucXYSnguFtTubcQHPpielHYzsYKs6IjpJEkuD3JJXMDY/o01S:302knKGshnfIxiecExzx/+Z
MD5:D8FA3B9FC6514B28A2021C77B00A2A90
SHA1:DADA967C49B284EF58259977DA94E278C325F625
SHA-256:4AC81DF1C75ABE3BCD14A00846A887B5788CE303C58601243434D26BDDB28514
SHA-512:C49FB4E3AD93AEEABF7983473AC0DED26387B396F57F63DC925F7DEE3D291F541D55A0BD83440B94103D983A0EF9631671A5ECD2EBA9FC34F13FD447CDE8F637
Malicious:false
Preview:..J..3S...........27769203~2078...-.-$php_module_m9c46abf740cd4f93bee957a4de3c5b38............Unknown...........6.6$php_module_m9c46abf740cd4f93bee957a4de3c5b38_closure0..................................__invoke......__invoke....e...,..Unknown...........................2.k..6$php_module_m9c46abf740cd4f93bee957a4de3c5b38_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp/

C:\jar\script\FileChooserScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):22308
Entropy (8bit):5.820583978079675
Encrypted:false
SSDEEP:384:spYiekwJsnKPAiPoEzN1wZeKHqJN8+lf5b0C:riekwJmjMom1/ua8Ef5b0C
MD5:0F842300F9C880BD479A17B74302CB05
SHA1:87E8F7FECBF7D269FB44E3FCCB7755076CD66781
SHA-256:2F469D62D55478B8DBB606FFDC0E2018F14E52C301C200A9B3C3A55D2C2E818C
SHA-512:6A44E108935C4FC15448155AC270012180BC7A300B5625168F321CF7112A68F64DB573214008A08AB0002EE7AFC4C1D05E5B182520EF911C8E1504C23A7B4441
Malicious:false
Preview:..J..3S...........-958029419~4047...-.-$php_module_m1345b96b13304733848c1f730c3b9969............Unknown...........6.6$php_module_m1345b96b13304733848c1f730c3b9969_closure0..................................__invoke......__invoke........,..Unknown...........................2.k..6$php_module_m1345b96b13304733848c1f730c3b9969_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

C:\jar\script\FileScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):28722
Entropy (8bit):5.764255488167005
Encrypted:false
SSDEEP:384:LJmmR4mfrsf0oJJxrqVZeIu0/pe6xNeP8FCp:ViwfohrqVzH/9xNg8gp
MD5:348637DF46C7F410C75E714D22D2BFFF
SHA1:E59FBEDF043514C296B1A47EE49BA576A2512409
SHA-256:EC014244464B473C746AFE7D150C7B8A4DAB72C90701301D7B80AA4EC03EE2AF
SHA-512:62614646457C9720379BEC67B6CB710E9B93376A702090F551CAEA9CF7FB0E2BF43CCF666D78DD6F92E0B3AE6A094E935D9BCB1AD8AFE5B9A92B31D160529954
Malicious:false
Preview:..J..3S...........206343712~4622...-.-$php_module_m0fdb849e7b674a83a85175b233b24c44............Unknown...........6.6$php_module_m0fdb849e7b674a83a85175b233b24c44_closure0..................................__invoke......__invoke....C... ..Unknown...................K.......2.r..6$php_module_m0fdb849e7b674a83a85175b233b24c44_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\script\HotKeyScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):12393
Entropy (8bit):5.8354096921285725
Encrypted:false
SSDEEP:192:+PkeD8lxlb/j5+YEatwG2jkGcGUflMIghesgFSXliX:+Pkq87t5+YEkacGwiI8espMX
MD5:F6650FE0F4AEFDC0601CFFD81A66AEDD
SHA1:37F7BFE42B782E9F75E16E8AE0E4123CD9B5864F
SHA-256:1ABB7046AAC6B1A7FBA2EA8D94C5F418D0E528EB2D4653CD36082FB853A42E19
SHA-512:847A643A135EA7572E5E0C68EDC839ACC445109ADAC31E7AEA70CC68C3325D642E101EC9A3AD5C3A3126454CE244DC7C727E2D99B952CC17855A547F7A97A649
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.hotkey.HotKeyBundle\script\HotKeyScript.php...-.-$php_module_m1b88c2a5eeeb4879a125989edc5418f6............Unknown...........6.6$php_module_m1b88c2a5eeeb4879a125989edc5418f6_closure0..................................__invoke......__invoke....G...-..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.hotkey.HotKeyBundle\script\HotKeyScript.php...........................2.v..6$php_module_m1b88c2a5eeeb4879a125989edc5418f6_closure0......php/runtime/lang/Closure......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.hotkey.HotKeyBundle\script\HotKeyScript.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lp

C:\jar\script\JsoupScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):48714
Entropy (8bit):5.99910622491254
Encrypted:false
SSDEEP:768:8vvDg+nlMl5zbLLJiUDGrQTAEcUNJBra5s:8vvDg+lCbLtFDAQTAEcUNJY5s
MD5:B043EFDD68468814478ED8FC613F2FD5
SHA1:35ACE22BBD2BF54BC8B66F089EF52E3412B67827
SHA-256:3794556BD1DF1F05B9B3777467EEC1982157E1D376E80ED3541C17075E17C533
SHA-512:75B1E47C054F047FEC24D35CFBF52FCABCDA8EA4EE3EE946F860CD50EC05CB92D18AD5FA4650FD160EA8EFC8442C99E043480777F73684C43B73CA8E6C2C31F5
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jsoup.JsoupBundle\script\JsoupScript.php...-.-$php_module_m1ad7eff3e5b24adf8e343eb863176634............Unknown...........6.6$php_module_m1ad7eff3e5b24adf8e343eb863176634_closure0..................................__invoke......__invoke...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jsoup.JsoupBundle\script\JsoupScript.php...................P.......2....6$php_module_m1ad7eff3e5b24adf8e343eb863176634_closure0......php/runtime/lang/Closure......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.jsoup.JsoupBundle\script\JsoupScript.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtim

C:\jar\script\MacroScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):22235
Entropy (8bit):5.773354697452554
Encrypted:false
SSDEEP:192:ronEQBLcolM8VbP5fl5QWzP5vlVQS7EDeK4oZwlqYK4zT3gVr3ZZilKpXilEOpI4:knEs71hNN1xttbzTgZreNABCp
MD5:580041187AD7367238BBCBEF69A558DA
SHA1:AFA409D9589F0C827B194C8865BA5D11CF5E3C6F
SHA-256:8007C7FC9A90C6F2B5E9336B156163270F9E958332C672D1805C2D4BDBC50877
SHA-512:CF44FC968A61EF8FB436A771C6920C95A509847BB80951C9CBA7B32AB8576F10AA3856D837FDD02ECF172E8D10182C8E9562CE1D80CBA1B98F746185BDA4E4EC
Malicious:false
Preview:..J..3S...........-33397036~3218...-.-$php_module_mb3514af8aeb84a62a2fbebfb29bf78b3............Unknown...........6.6$php_module_mb3514af8aeb84a62a2fbebfb29bf78b3_closure0..................................__invoke......__invoke....d......Unknown...........................2....6$php_module_mb3514af8aeb84a62a2fbebfb29bf78b3_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\script\MailScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):31091
Entropy (8bit):5.9522321291899365
Encrypted:false
SSDEEP:384:Z1LW6DlMnx+jFEuHQBqjpqLef232gLHYcfT9ZRV8VsArSGMX:L7BexaEuw8aw23/HhRZR2Vs2SGs
MD5:953BB72CD594E586678952515EB04722
SHA1:131561D55EB32CD587A745CF9FC8C3B1BED9D049
SHA-256:6BFAA81CFB9B67F0BA3975EB1F4EE12255E93604E89F5F513D547AAD51FB8970
SHA-512:B1D811321F65C526D11105CFE657C4C9D7D41D20523085DBB11F2020FC7EA964B8D5F7EE73E8E41775A0777C05FE5AEE59626971DAE8072458FDD6C6650C67D6
Malicious:false
Preview:..J..3S........}..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.mail.MailBundle\script\MailScript.php...-.-$php_module_m54f74b814c1d4856af9275fd875364fa............Unknown...........6.6$php_module_m54f74b814c1d4856af9275fd875364fa_closure0..................................__invoke......__invoke...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.mail.MailBundle\script\MailScript.php...................N.......2....6$php_module_m54f74b814c1d4856af9275fd875364fa_closure0......php/runtime/lang/Closure......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.mail.MailBundle\script\MailScript.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/

C:\jar\script\MediaPlayerScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):37739
Entropy (8bit):5.725376413543266
Encrypted:false
SSDEEP:384:sLsTHyOFOkzN78Fd7y+C9v77mK1V+PbcvE20Sqf7zKZIwa22LqQSJKPT4B5IIstr:enOFOkR7S9aBvJsTb1Ue4B5IIGnr
MD5:A09E3AF0FB1F3780B7AD0E9971D1A592
SHA1:FC65D4FF2929CADF1B0B9B6BAF5010F978A58CD3
SHA-256:46185925FF844A682EEE6165326961A1D828A304A7B7F4367DEB1DE320725C75
SHA-512:242D27228D972604A24A11B9ACE3E34A0CD395A0B35DC94DB6AB038B52CA4747381BCAF7A7C5D297A909A67CB51D06140D27745C4B7D96B61CD10FD2F7A71FC4
Malicious:false
Preview:..J..3S...........441929738~8876...-.-$php_module_mb29ecaa9827a44959db19227acba428d............Unknown...........6.6$php_module_mb29ecaa9827a44959db19227acba428d_closure0..................................__invoke......__invoke....`...5..Unknown...........................2.m..6$php_module_mb29ecaa9827a44959db19227acba428d_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lphp

C:\jar\script\PrinterScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):13840
Entropy (8bit):5.835876089449861
Encrypted:false
SSDEEP:192:H8gxhk4UQVLwn7DOS93gXIjRzZrr+d8ypYbp1xlmq1Q/UCX+Q8AXMGROFS7GCplP:cgxhk1QVA7rdRxmK1xIX8YQA8GoCp
MD5:53F1B38B0BBC49CFD371E0FF8EDF8B75
SHA1:51A3AFD79278E51797E7FEA432A931CDD18600FD
SHA-256:0274CB2511C8F9074BF1A2E403CF6EF436C161F30D58D41BF6A185E7B0650677
SHA-512:21BD767906256E37ED06610C9071D5901995EE7DACE7C49548434A534E0BF80ED28DF8E37012BFD53A94DE8CF38BD82A883DCAF206C94A843682838F14DDE956
Malicious:false
Preview:..J..3S...........-1944139242~4645...-.-$php_module_m88a2dd0d2b9046d1b1a41c6319516282............Unknown.................................script\PrinterScript...4.4$php_module_m88a2dd0d2b9046d1b1a41c6319516282_class0...........Unknown... . php\gui\framework\AbstractScript...................printerName...........Unknown....................dialogEnabled....#......Unknown.....................jobName....(......Unknown.......Printer Job...............copies....-......Unknown............................printColor....6......Unknown.......DEFAULT...............printQuality....?......Unknown.......DEFAULT...............printSides....H......Unknown.......DEFAULT...............lastPrinterJob....M......Unknown....................RobotScript constructor.................................__construct......__construct$14....R......Unknown...........@param $target.@return mixed................................applyImpl......applyImpl$15....Z......Unknown.......................target....Z...!..Unknown......

C:\jar\script\RobotScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):16471
Entropy (8bit):5.650032513710323
Encrypted:false
SSDEEP:192:E0kogC2LbAKF2kgstb0kePlABK5kCrJ9G9j9wd8s4tmvyRNglABhFS7GCplP:E0k9C40KkIROi45kk4BRe+3Cp
MD5:1D822597630B9A307C37DA449A866935
SHA1:F4A6B4A057EDE1BF16989ED24341EEF48DE9B26D
SHA-256:B5BF9220BD5F35B286B096C188E267FA9349DBAD9D9CFBD97458E10D138AAB79
SHA-512:82214BE8E264BE78A7124EA4D324388ED4011551629D01F128FEEA815B13343404DB23EF6E2739BB26D0860A59569109E437BD1FF850CBC93F0D3FD5AC3DFB1C
Malicious:false
Preview:..J..3S...........-197591762~3565...-.-$php_module_m71775a77259041ada5c134a0c685bb23............Unknown.................................script\RobotScript...4.4$php_module_m71775a77259041ada5c134a0c685bb23_class0...........Unknown... . php\gui\framework\AbstractScript...................robot...........Unknown............!.......RobotScript constructor.................................__construct......__construct$14...........Unknown...........@param $target.@return mixed................................applyImpl......applyImpl$15....'......Unknown.......................target....'...!..Unknown.................................................getX......getX$16....0......Unknown.........................................getY......getY$17....5......Unknown.........................................setX......setX$18....:......Unknown.......................x....:......Unknown.................................................setY......setY$19....?......Unknown.......................y....?......Unkno

C:\jar\script\ScoreScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):20660
Entropy (8bit):5.678137657419637
Encrypted:false
SSDEEP:192:TJy4vn5PCl9uy4gnlm8PwAX3C6PsD2cwfE8W2lwecuMHk2PNU1FS7GCplP:AoPCfdUGnFs7yi1HwCp
MD5:2976D44CD076B2535976EAC1776E530F
SHA1:BFCF5A2EEB4A1AAFF1D99136710D72BA77E4FF8D
SHA-256:5CCD6C7CFCF4B10560F37E63E5DB136A1CFB23EA47999A01F63EEADAABD93C4E
SHA-512:E61D0BFD5B4F68F42409D1110A1133E4D0842C1AA72DAC9078AB345377337D997BA6D864E042416A3C90BA1B8EC139096C2E31929E3FFE97905DB66F7EB0522B
Malicious:false
Preview:..J..3S...........2104900453~2913...-.-$php_module_m65b34e6fb43b4145bb4040e3aea9c449............Unknown...........6.6$php_module_m65b34e6fb43b4145bb4040e3aea9c449_closure0..................................__invoke......__invoke....'...6..Unknown.......................name....'...@..Unknown...............................old....'...G..Unknown...............................new....'...M..Unknown.......................................name....'...@..Unknown...............................old....'...G..Unknown...............................new....'...M..Unknown...................~.......2....6$php_module_m65b34e6fb43b4145bb4040e3aea9c449_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCa

C:\jar\script\SystemTrayScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):42445
Entropy (8bit):5.94426968749432
Encrypted:false
SSDEEP:384:nn3klvPqlvbKlvXFlv0EJUUY2Rpw8TSZkFeDDJuPup9P9To3QS67hMX:nUlvilvWlvVlvjJzYEpw8T7Ga67hs
MD5:8FB2023C8F96A96BF95EB73646923F65
SHA1:6AB55132BBB7CEBE5E6D5486972B914EB7E3C18D
SHA-256:F04F915D9FBE86AA336737F217880C06B8A8858804DB5C09A55F4D1D161A8F33
SHA-512:28A21372BDBF150CF96D0DAB8C5D828E36AC1A2A57C1B543F19D7284DD47B780131C433F6A9D4A3464D0E2F20C0F81E2CD86E6CA7E32395306107FA55154856A
Malicious:false
Preview:..J..3S...........C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.systemtray.SystemTrayBundle\script\SystemTrayScript.php...-.-$php_module_m4eb3c0fcbf384e7ea22718f75ce616e8............Unknown...........6.6$php_module_m4eb3c0fcbf384e7ea22718f75ce616e8_closure0..................................__invoke......__invoke....C...!..C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.systemtray.SystemTrayBundle\script\SystemTrayScript.php...........................2.~..6$php_module_m4eb3c0fcbf384e7ea22718f75ce616e8_closure0......php/runtime/lang/Closure......C:\Users\.............\Desktop\LAUNC1HER\LAUNCHER\Exe+zip+NOgui\vendor\develnext.bundle.systemtray.SystemTrayBundle\script\SystemTrayScript.php...$FN...Ljava/lang/String;......$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/Functi

C:\jar\script\TimerScript.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):25150
Entropy (8bit):5.658829031183725
Encrypted:false
SSDEEP:384:OCZKvGRupqIk6j6Z0pK+GxCdYSvf+ARXBIO+wqVLAvfCp:10eERkmrpKGdvpB+p
MD5:EAEFBEDFD3E3970BFA31C76FDE41C6C2
SHA1:284FF239250DA0523B20F3146B3CE6702E5A705D
SHA-256:0A1CE6922E4A9B027201B4D8F35DBA7C756BFF036047BCD88A60DCDD5847F8AD
SHA-512:2FCAF3E29E354BC5795C4EC0ED014C74283A81F559C6C8EEA287B1E164B7A3FA1A8D749E74D4EC713F13ABE9AD18B6662136081828F53F76BA1DCE54000430F8
Malicious:false
Preview:..J..3S...........-330087377~5481...-.-$php_module_m5da11e96b5f34445a5ec073cfa9468ca............Unknown...........6.6$php_module_m5da11e96b5f34445a5ec073cfa9468ca_closure0..................................__invoke......__invoke....Z......Unknown..............php\time\Timer...........self....Z...$..Unknown..............................php\time\Timer...........self....Z...$..Unknown...........................2....6$php_module_m5da11e96b5f34445a5ec073cfa9468ca_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment

C:\jar\script\storage\AbstractStorage.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):13954
Entropy (8bit):5.7651868055258095
Encrypted:false
SSDEEP:192:FPJqMqgk6sGReLmKhpDtk8Igey4By5MWqKXVgflGM3Gf9GYXF9cOmwejFS7GCplP:FYM7eK2G3yN5MjCgf7wGUc6GCp
MD5:9AD6A7825C9DDA8653527DAD0CF6AD3E
SHA1:0FB1591BD1230A9A478333302640D76C4001F050
SHA-256:AAEEAAF11FF2FD87DFFD2EF8F3DF2308F05DDF0C5C6A15E99B43D3EBEFFE4D1A
SHA-512:72EA0269A08300740F51EB48C7C6510B8FCDEF946CBB15167E909B82A8D0F1AFBB038D7DB40D222500BEDCFAC59D026949DF91DC77497DCA7B00981DA4C55FDC
Malicious:false
Preview:..J..3S...........-1456093176~3512...-.-$php_module_mc587003d22ac4ef8a756a6d547d252ab............Unknown.................................script\storage\AbstractStorage...4.4$php_module_mc587003d22ac4ef8a756a6d547d252ab_class0...........Unknown... . php\gui\framework\AbstractScript...................data...........Unknown........................autoSave...........Unknown...................................................load......load$14...........Unknown.........................................save......save$15...........Unknown.........................................applyImpl......applyImpl$16...........Unknown.......................target........!..Unknown...................Returns value of key and section..--RU--........... ........ .. ..... (. ......, .... ........)..@param $key.@param string $section.@return mixed................................get......get$17....+......Unknown.......................key....+......Unknown................

C:\jar\script\storage\IniStorage.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):14850
Entropy (8bit):5.848435055332306
Encrypted:false
SSDEEP:192:ik9SR8sDntk2C5j4Ar193PUGNlWwxlikXgGjKsdplzixFCE0MuUAXtEvjJFS7GCb:iki8sbkxr7UGNlWCiG57lM0z/9EvjCp
MD5:FA2FD1D2D263E0F674FE6C5D1C590D4F
SHA1:37D8645C08A562E1BF6BAA5EFED703FDEF33FAD2
SHA-256:B7C2EA71B75872C4B9BBF3974C666F5EB6F40126E203B97D330601C2658C3C1F
SHA-512:82F23967DD69AD13F0234F2ED2BE3C161AB8A8085FDC902B1BB3A33E1EBCE331DC425A3B646938A47D7AF1B7A732864A582A01047F458E634529EE896D6508D5
Malicious:false
Preview:..J..3S...........1783086926~3958...-.-$php_module_mde06fc0e9a46489f920dafa5a8e08ce1............Unknown.................................script\storage\IniStorage...4.4$php_module_mde06fc0e9a46489f920dafa5a8e08ce1_class0...........Unknown......script\storage\AbstractStorage..................._path...........Unknown....................trimValues...........Unknown.....................multiLineValues...........Unknown...................-.IniStorage constructor..@param string $path................................__construct......__construct$25....#......Unknown.......................path....#... ..Unknown..........null.........................................load......load$26....,......Unknown.........................................save......save$27....f......Unknown...........@return string................................getPath......getPath$28...........Unknown...........@param string $source................................setPath......setPath$29...........Unknown.......................s

C:\jar\script\support\NodeHelper.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):14073
Entropy (8bit):5.917906758789596
Encrypted:false
SSDEEP:384:kPMu4W4d7FWeto6b7cFFGaNXCufde/mqCp:kPMu4WkWWPcDGaZVp
MD5:AD0C5E33BE3B9A7090699AFDEF0A9076
SHA1:9074DDAD78CEE40DE661B0B5F616B59455F77B0A
SHA-256:0BA44719D43929C6D87A2D580A35180BA8046D34CC3B989074E69AA960EFF501
SHA-512:E52377016D7FE69507AB82336DBEC41854C3C7E814335CCF62B8688286A6949934D3BA08EEA537DB8E0C7C5C09A893C5B92A0700393E0D87BF7AE35FC3BA6B88
Malicious:false
Preview:..J..3S...........1231039404~3497...-.-$php_module_m4edfb56e953a4cf68ec4e35f7e945b05............Unknown.................................script\support\NodeHelper...4.4$php_module_m4edfb56e953a4cf68ec4e35f7e945b05_class0...........Unknown.......................root...........Unknown....................options...........Unknown..................D.NodeHelper constructor..@param mixed $context.@param string $input................................__construct......__construct$0....$......Unknown.......................context....$... ..Unknown...............................input....$...*..Unknown.................................................isValid......isValid$1....@......Unknown...........@return UXNode................................getRoot......getRoot$2....H......Unknown.........................................bindAction......bindAction$3....M......Unknown.......................handle....M...(..Unknown.................................................adaptValue......adaptValue$4....Z...

C:\jar\script\support\ScriptHelpers.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):16315
Entropy (8bit):5.7053641789141585
Encrypted:false
SSDEEP:192:IecUKlKFQvlKS+GRy9+LZ9dK0DHw8EH4AleDPDEFKY//FS7GCplP:IoKTv5G+H4FnfYXeKcCp
MD5:AFA96F44244198058485E9C65974A966
SHA1:9C7A15081C2FB1100D2DFD7EC479D25BF6AEC7FF
SHA-256:77FBE0EA716E709DE0041BE51D9FD62FFA2AA9F60FE2BA26AE20FB9F3CF7ABD5
SHA-512:16FC40C27E18A74B7609064A290D63EC8C95B003CC7FDB4E88967D1AD1230FD56CCE2A52060745D893F3927AD1C67D14AEF0BE07D6917E1E724B5A29ABD0FDEB
Malicious:false
Preview:..J..3S...........-2024789997~1822...-.-$php_module_mcc4b3daacfcc477d9f62aadd156f8fa2............Unknown...........6.6$php_module_mcc4b3daacfcc477d9f62aadd156f8fa2_closure0..................................__invoke......__invoke....F...!..Unknown..............script\support\NodeHelper...........node....F...6..Unknown..............................script\support\NodeHelper...........node....F...6..Unknown...................K.......2.r..6$php_module_mcc4b3daacfcc477d9f62aadd156f8fa2_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/

C:\jar\timer\AccurateTimer.phb

Download File
Process:C:\Windows\System32\7za.exe
File Type:data
Category:dropped
Size (bytes):19321
Entropy (8bit):5.676997413377479
Encrypted:false
SSDEEP:192:JG7lLGVq5FIpE931l3dMT6g4d63giMWZYMRQg+AEETHuDkk1VlHoPa+7K8cRRMd0:Ug2TTMlgc/+ZKHuYQVSzCp
MD5:2995BEE0D704DB45101D3A11513C5CB4
SHA1:BF861FE145E83C3612C6887EA1DD91E4F21DF418
SHA-256:68EFAD768C6F7AEEB5BE4F8C07936EE8AB38008F21F2B00A21F1A4FE4A6AA477
SHA-512:6299083A56F8CA75E171FF685D93B065C0FD0527A526A3965F689A3150824D780A9EA744A54EB765C25A271C8B181552EC7F094F7ECB63027FC799F6D3FFD59B
Malicious:false
Preview:..J..3S...........2075802040~3706...-.-$php_module_m33ae3f47b0d44b3697ee0a11e66d4b2c............Unknown...........6.6$php_module_m33ae3f47b0d44b3697ee0a11e66d4b2c_closure0..................................__invoke......__invoke...........Unknown...........................2.i..6$php_module_m33ae3f47b0d44b3697ee0a11e66d4b2c_closure0......php/runtime/lang/Closure......$FN...Ljava/lang/String;...$TRC...[Lphp/runtime/env/TraceInfo;...$MEM...[Lphp/runtime/Memory;...$AMEM...[[Lphp/runtime/Memory;...$CALL_FUNC_CACHE..,Lphp/runtime/invoke/cache/FunctionCallCache;...$CALL_METH_CACHE..*Lphp/runtime/invoke/cache/MethodCallCache;...$CALL_PROP_CACHE..,Lphp/runtime/invoke/cache/PropertyCallCache;...$CALL_CONST_CACHE..,Lphp/runtime/invoke/cache/ConstantCallCache;...$CALL_CLASS_CACHE..)Lphp/runtime/invoke/cache/ClassCallCache;...<init>...(Lphp/runtime/env/Environment;Lphp/runtime/reflection/ClassEntity;Lphp/runtime/Memory;Ljava/lang/String;[Lphp/runtime/Memory;)V.............~this...Lnull;...~env...Lph

Static File Info

General

File type:Java archive data (JAR)
Entropy (8bit):7.993880863309534
TrID:
  • Java Archive (13504/1) 62.80%
  • ZIP compressed archive (8000/1) 37.20%
File name:dn-compiled-module.jar
File size:1'062'441 bytes
MD5:8fb7fc08191a2f03551c14710978d6cc
SHA1:56688549826dd365486d4d22493a76edb9c9c8d6
SHA256:9b0235346eab00432f9220809726ed295c464af1361889cdefc27bf59084e8f3
SHA512:b827a729ecdfd1338d906cb26e7832eb0997e770624fab8e5d414e2267a1c297130abbe60c5a81cddc1269a9ad1bf522e6c816ce3b4db48a8748e8a0c1b8df6a
SSDEEP:24576:GrgucJ7x8wqQTA6aNc30PwbhXPRx90CRyn+HLg0DP8D:OcJx1qwA5NcOwb9PR/0C0+HskPo
TLSH:A435237300F03864E5772633B72E74E1783EC07CA42FA511545CE75A78B2E1E8BC6A9A
File Content Preview:PK...........X................META-INF/....PK...........Xc...\...h.......META-INF/MANIFEST.MF.M..LK-...K-*....R0.3..r.C.q,HL.HU...%-..y...R.KRSt.*A.-......u....4....sR........K..h.r.r..PK...........X.................inc/PK...........X.................pack

File Icon

Icon Hash:d08c8e8ea2868a54

Network Behavior

No network behavior found

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

High Level Behavior Distribution

Click to dive into process behavior distribution

Behavior

Click to jump to process

System Behavior

General

Target ID:0
Start time:05:32:19
Start date:27/07/2024
Path:C:\Windows\System32\7za.exe
Wow64 process (32bit):true
Commandline:7za.exe x -y -oC:\jar "C:\Users\user\Desktop\dn-compiled-module.jar"
Imagebase:0xfc0000
File size:289'792 bytes
MD5 hash:77E556CDFDC5C592F5C46DB4127C6F4C
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Reputation:high
Has exited:true

General

Target ID:1
Start time:05:32:19
Start date:27/07/2024
Path:C:\Windows\System32\conhost.exe
Wow64 process (32bit):false
Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:0x7ff6d64d0000
File size:862'208 bytes
MD5 hash:0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Reputation:high
Has exited:true

General

Target ID:3
Start time:05:32:20
Start date:27/07/2024
Path:C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exe
Wow64 process (32bit):true
Commandline:java.exe -jar "C:\Users\user\Desktop\dn-compiled-module.jar"
Imagebase:0xbe0000
File size:257'664 bytes
MD5 hash:9DAA53BAB2ECB33DC0D9CA51552701FA
Has elevated privileges:true
Has administrator privileges:true
Programmed in:C, C++ or other language
Reputation:moderate
Has exited:true

General

Target ID:4
Start time:05:32:20
Start date:27/07/2024
Path:C:\Windows\System32\conhost.exe
Wow64 process (32bit):false
Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:0x7ff6d64d0000
File size:862'208 bytes
MD5 hash:0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:true
Has administrator privileges:true
Programmed in:C, C++ or other language
Reputation:high
Has exited:true

General

Target ID:5
Start time:05:32:21
Start date:27/07/2024
Path:C:\Windows\SysWOW64\icacls.exe
Wow64 process (32bit):true
Commandline:C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
Imagebase:0x2c0000
File size:29'696 bytes
MD5 hash:2E49585E4E08565F52090B144062F97E
Has elevated privileges:true
Has administrator privileges:true
Programmed in:C, C++ or other language
Reputation:high
Has exited:true

General

Target ID:6
Start time:05:32:21
Start date:27/07/2024
Path:C:\Windows\System32\conhost.exe
Wow64 process (32bit):false
Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:0x7ff6d64d0000
File size:862'208 bytes
MD5 hash:0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:true
Has administrator privileges:true
Programmed in:C, C++ or other language
Reputation:high
Has exited:true

Disassembly

Reset < >

    Executed Functions

    Function 021CD9A5 Relevance: .2, Instructions: 199COMMON
    Download Yara Rule
    Memory Dump Source
    • Source File: 00000003.00000002.2026028667.00000000021C2000.00000040.00000800.00020000.00000000.sdmp, Offset: 021C2000, based on PE: false
    Joe Sandbox IDA Plugin
    • Snapshot File: hcaresult_3_2_21c2000_java.jbxd
    Similarity
    • API ID:
    • String ID:
    • API String ID:
    • Opcode ID: 49c35bae2537ca964cf380656e43491a448d6be92f29304d2b7c76b9fe56952c
    • Instruction ID: dcde9493ddd56b78221e8d6cbff21eca91166fdce1bb1ee65848f459ab1a395d
    • Opcode Fuzzy Hash: 49c35bae2537ca964cf380656e43491a448d6be92f29304d2b7c76b9fe56952c
    • Instruction Fuzzy Hash: 6481EFB9A44605DFDB18CF24E594BA9F7B1FF69314F2881ADC81A4B381DB34A844CF90
    Function 021C0672 Relevance: .1, Instructions: 57COMMON
    Download Yara Rule
    Memory Dump Source
    • Source File: 00000003.00000002.2026028667.00000000021C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 021C0000, based on PE: false
    Joe Sandbox IDA Plugin
    • Snapshot File: hcaresult_3_2_21c0000_java.jbxd
    Similarity
    • API ID:
    • String ID:
    • API String ID:
    • Opcode ID: a7e4eee3e5689eb702dc45d6b35afbbf9c9f047148026065e38a1fa0ff645a76
    • Instruction ID: aaed3f5f3cb1ae2b1515a3827f0f9dae275b08e249285382db2263db1a673098
    • Opcode Fuzzy Hash: a7e4eee3e5689eb702dc45d6b35afbbf9c9f047148026065e38a1fa0ff645a76
    • Instruction Fuzzy Hash: 00113ABAD4023ADFCF18DF88C4855AEB7B1FBAC314B664529DC69A3341D3346960CB90
    Function 021C0722 Relevance: .0, Instructions: 22COMMON
    Download Yara Rule
    Memory Dump Source
    • Source File: 00000003.00000002.2026028667.00000000021C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 021C0000, based on PE: false
    Joe Sandbox IDA Plugin
    • Snapshot File: hcaresult_3_2_21c0000_java.jbxd
    Similarity
    • API ID:
    • String ID:
    • API String ID:
    • Opcode ID: 8ca73e3b12adeafbfdd02c17f6c199276fc4e241b23a09e3f1e1bc8b75b2543b
    • Instruction ID: 967f91c11ef2519e23534baa5098b4800642b36e598646daf5b70c21a1d17692
    • Opcode Fuzzy Hash: 8ca73e3b12adeafbfdd02c17f6c199276fc4e241b23a09e3f1e1bc8b75b2543b
    • Instruction Fuzzy Hash: F7F01C7AC40229DB8B18DF84C4400ADF771EB18218B2A849ADC6C37241D3326D51CF81
    Function 021D4B78 Relevance: .0, Instructions: 21COMMON
    Download Yara Rule
    Memory Dump Source
    • Source File: 00000003.00000002.2026028667.00000000021C2000.00000040.00000800.00020000.00000000.sdmp, Offset: 021C2000, based on PE: false
    Joe Sandbox IDA Plugin
    • Snapshot File: hcaresult_3_2_21c2000_java.jbxd
    Similarity
    • API ID:
    • String ID:
    • API String ID:
    • Opcode ID: 5022083279ba92975487d9f3858008055caabfe0df9312cd094856b835221dc5
    • Instruction ID: e3212b7770be5f3d6daf5e483f175eb1fb1194f9793db414a38eba5c618f9f08
    • Opcode Fuzzy Hash: 5022083279ba92975487d9f3858008055caabfe0df9312cd094856b835221dc5
    • Instruction Fuzzy Hash: 3FF07FB5900A16EBDB15CF61C0047DAFBB4FB98718F15421AD42C57750D778B4658BD0
    Function 021CDA35 Relevance: .0, Instructions: 18COMMON
    Download Yara Rule
    Memory Dump Source
    • Source File: 00000003.00000002.2026028667.00000000021C2000.00000040.00000800.00020000.00000000.sdmp, Offset: 021C2000, based on PE: false
    Joe Sandbox IDA Plugin
    • Snapshot File: hcaresult_3_2_21c2000_java.jbxd
    Similarity
    • API ID:
    • String ID:
    • API String ID:
    • Opcode ID: a2d70bec46f424126eff0d4e608f4ed335e6a7acb1a9d4e5df9cdd64cce69865
    • Instruction ID: 31d34327e4ebc7e2950c56ee5791ac75b0276fb8785c72bbadcfa5d6cb8eabb8
    • Opcode Fuzzy Hash: a2d70bec46f424126eff0d4e608f4ed335e6a7acb1a9d4e5df9cdd64cce69865
    • Instruction Fuzzy Hash: 93F0CAB6D01A1AEBDB24CFA1C4047DAFBB5BB98714F19461AC42C63760D378B469CBC0
    Function 021D3C76 Relevance: .0, Instructions: 18COMMON
    Download Yara Rule
    Memory Dump Source
    • Source File: 00000003.00000002.2026028667.00000000021C2000.00000040.00000800.00020000.00000000.sdmp, Offset: 021C2000, based on PE: false
    Joe Sandbox IDA Plugin
    • Snapshot File: hcaresult_3_2_21c2000_java.jbxd
    Similarity
    • API ID:
    • String ID:
    • API String ID:
    • Opcode ID: 3133ac400ed14356674f291b893db3aa169cf96852637a20984721007da4627e
    • Instruction ID: 143d56fe4c168dd9f762de365894dd43ed4a2cccdb701bd1e534d97d76f5b841
    • Opcode Fuzzy Hash: 3133ac400ed14356674f291b893db3aa169cf96852637a20984721007da4627e
    • Instruction Fuzzy Hash: 6FF0C2B6D00A16EBDB24CF61C4047CAFBB4BB58714F15461AC42C67320D378B465CBC0
    Function 021D45E9 Relevance: .0, Instructions: 18COMMON
    Download Yara Rule
    Memory Dump Source
    • Source File: 00000003.00000002.2026028667.00000000021C2000.00000040.00000800.00020000.00000000.sdmp, Offset: 021C2000, based on PE: false
    Joe Sandbox IDA Plugin
    • Snapshot File: hcaresult_3_2_21c2000_java.jbxd
    Similarity
    • API ID:
    • String ID:
    • API String ID:
    • Opcode ID: ab54070a04bd0c8831e147d350a41b4d5c57632731afb8a0293badbc4a1a3fbb
    • Instruction ID: 0193b5ceb5b34a68abd5139d6a85861c617ac2475c0d2211c39341cfc68d3620
    • Opcode Fuzzy Hash: ab54070a04bd0c8831e147d350a41b4d5c57632731afb8a0293badbc4a1a3fbb
    • Instruction Fuzzy Hash: 7EF0C2B6D00A16EBDB24CF65C4047CAFBB5BB58714F19461AC52C63320D378B465CBD0

    Non-executed Functions

    Function 021C03C0 Relevance: .1, Instructions: 70COMMON
    Download Yara Rule
    Memory Dump Source
    • Source File: 00000003.00000002.2026028667.00000000021C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 021C0000, based on PE: false
    Joe Sandbox IDA Plugin
    • Snapshot File: hcaresult_3_2_21c0000_java.jbxd
    Similarity
    • API ID:
    • String ID:
    • API String ID:
    • Opcode ID: a012a9fb5cf5d9e1554885d89a3030425dd9bcc3e3bcfa4e280c99466c7885fc
    • Instruction ID: b254b146749be61e1fe5dbc20e3bb311a25bc4119259db1cde018d78147fa0a0
    • Opcode Fuzzy Hash: a012a9fb5cf5d9e1554885d89a3030425dd9bcc3e3bcfa4e280c99466c7885fc
    • Instruction Fuzzy Hash: D121F2BA5482568FDB358F1888407DAB7A5EB18314F21492EDEC9EB710D3306A898B90