Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
gnupg-w32-2.4.7_20241125.exe

Overview

General Information

Sample name:gnupg-w32-2.4.7_20241125.exe
Analysis ID:1671114
MD5:89b24563d66bf8a2dd854af031298e71
SHA1:dc6c234c76747a5ac078fe5d5300c926e2de57e2
SHA256:caf2904c02c02c94cbe137f01b63e5a43dbea92d27ea66e56f0af4af2c70c170
Infos:

Detection

Score:2
Range:0 - 100
Confidence:60%

Compliance

Score:48
Range:0 - 100

Signatures

Creates a process in suspended mode (likely to inject code)
Drops PE files
Found dropped PE file which has not been started or loaded
PE file contains an invalid checksum
PE file contains executable resources (Code or Archives)
PE file contains more sections than normal
PE file contains sections with non-standard names
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Uses 32bit PE files

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64
  • gnupg-w32-2.4.7_20241125.exe (PID: 7312 cmdline: "C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe" MD5: 89B24563D66BF8A2DD854AF031298E71)
    • notepad.exe (PID: 1348 cmdline: "C:\Windows\system32\NOTEPAD.EXE" C:\Program Files (x86)\gnupg\README.txt MD5: E92D3A824A0578A50D2DD81B5060145F)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

  • Compliance
  • Networking
  • System Summary
  • Data Obfuscation
  • Persistence and Installation Behavior
  • Hooking and other Techniques for Hiding and Protection
  • Malware Analysis System Evasion
  • HIPS / PFW / Operating System Protection Evasion
  • Language, Device and Operating System Detection

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Compliance

barindex
Source: gnupg-w32-2.4.7_20241125.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, DEBUG_STRIPPED
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeWindow detected: < &Back&Next >CancelNullsoft Install System v3.06.1-1 Nullsoft Install System v3.06.1-1License AgreementThis software is licensed under the terms of the GNU General Public License (GNU GPL).Press Page Down to see the rest of the agreement. GNU GENERAL PUBLIC LICENSE Version 3 29 June 2007 Copyright (C) 2007 Free Software Foundation Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document but changing it is not allowed. Preamble The GNU General Public License is a free copyleft license forsoftware and other kinds of works. The licenses for most software and other practical works are designedto take away your freedom to share and change the works. By contrastthe GNU General Public License is intended to guarantee your freedom toshare and change all versions of a program--to make sure it remains freesoftware for all its users. We the Free Software Foundation use theGNU General Public License for most of our software; it applies also toany other work released this way by its authors. You can apply it toyour programs too. When we speak of free software we are referring to freedom notprice. Our General Public Licenses are designed to make sure that youhave the freedom to distribute copies of free software (and charge forthem if you wish) that you receive source code or can get it if youwant it that you can change the software or use pieces of it in newfree programs and that you know you can do these things. To protect your rights we need to prevent others from denying youthese rights or asking you to surrender the rights. Therefore you havecertain responsibilities if you distribute copies of the software or ifyou modify it: responsibilities to respect the freedom of others. For example if you distribute copies of such a program whethergratis or for a fee you must pass on to the recipients the samefreedoms that you received. You must make sure that they too receiveor can get the source code. And you must show them these terms so theyknow their rights. Developers that use the GNU GPL protect your rights with two steps:(1) assert copyright on the software and (2) offer you this Licensegiving you legal permission to copy distribute and/or modify it. For the developers' and authors' protection the GPL clearly explainsthat there is no warranty for this free software. For both users' andauthors' sake the GPL requires that modified versions be marked aschanged so that their problems will not be attributed erroneously toauthors of previous versions. Some devices are designed to deny users access to install or runmodified versions of the software inside them although the manufacturercan do so. This is fundamentally incompatible with the aim ofprotecting users' freedom to change the software. The systematicpattern of such abuse occurs in the area of products for individuals touse which is precisely where it is most unacceptable. Therefore wehave designed this version of the
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\README.txtJump to behavior
Source: gnupg-w32-2.4.7_20241125.exeStatic PE information: certificate valid
Source: gnupg-w32-2.4.7_20241125.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Source: gnupg-w32-2.4.7_20241125.exe, pinentry-basic.exe.0.dr, libassuan-9.dll.0.dr, scdaemon.exe.0.dr, gpg-connect-agent.exe.0.dr, gpg-card.exe.0.dr, gpg-agent.exe.0.dr, dirmngr.exe.0.drString found in binary or memory: http://crl.globalsign.com/ca/gstsacasha384g4.crl0
Source: gnupg-w32-2.4.7_20241125.exe, pinentry-basic.exe.0.dr, libassuan-9.dll.0.dr, scdaemon.exe.0.dr, gpg-connect-agent.exe.0.dr, gpg-card.exe.0.dr, gpg-agent.exe.0.dr, dirmngr.exe.0.drString found in binary or memory: http://crl.globalsign.com/codesigningrootr45.crl0V
Source: gnupg-w32-2.4.7_20241125.exe, pinentry-basic.exe.0.dr, libassuan-9.dll.0.dr, scdaemon.exe.0.dr, gpg-connect-agent.exe.0.dr, gpg-card.exe.0.dr, gpg-agent.exe.0.dr, dirmngr.exe.0.drString found in binary or memory: http://crl.globalsign.com/gsgccr45codesignca2020.crl0
Source: gnupg-w32-2.4.7_20241125.exe, pinentry-basic.exe.0.dr, libassuan-9.dll.0.dr, scdaemon.exe.0.dr, gpg-connect-agent.exe.0.dr, gpg-card.exe.0.dr, gpg-agent.exe.0.dr, dirmngr.exe.0.drString found in binary or memory: http://crl.globalsign.com/root-r6.crl0G
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, dirmngr.exe.0.drString found in binary or memory: http://http-keys.gnupg.net
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, dirmngr.exe.0.drString found in binary or memory: http://keys.gnupg.net
Source: gnupg-w32-2.4.7_20241125.exeString found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
Source: gnupg-w32-2.4.7_20241125.exe, pinentry-basic.exe.0.dr, libassuan-9.dll.0.dr, scdaemon.exe.0.dr, gpg-connect-agent.exe.0.dr, gpg-card.exe.0.dr, gpg-agent.exe.0.dr, dirmngr.exe.0.drString found in binary or memory: http://ocsp.globalsign.com/ca/gstsacasha384g40C
Source: gnupg-w32-2.4.7_20241125.exe, pinentry-basic.exe.0.dr, libassuan-9.dll.0.dr, scdaemon.exe.0.dr, gpg-connect-agent.exe.0.dr, gpg-card.exe.0.dr, gpg-agent.exe.0.dr, dirmngr.exe.0.drString found in binary or memory: http://ocsp.globalsign.com/codesigningrootr450F
Source: gnupg-w32-2.4.7_20241125.exe, pinentry-basic.exe.0.dr, libassuan-9.dll.0.dr, scdaemon.exe.0.dr, gpg-connect-agent.exe.0.dr, gpg-card.exe.0.dr, gpg-agent.exe.0.dr, dirmngr.exe.0.drString found in binary or memory: http://ocsp.globalsign.com/gsgccr45codesignca20200V
Source: gnupg-w32-2.4.7_20241125.exe, pinentry-basic.exe.0.dr, libassuan-9.dll.0.dr, scdaemon.exe.0.dr, gpg-connect-agent.exe.0.dr, gpg-card.exe.0.dr, gpg-agent.exe.0.dr, dirmngr.exe.0.drString found in binary or memory: http://ocsp2.globalsign.com/rootr606
Source: gnupg-w32-2.4.7_20241125.exe, pinentry-basic.exe.0.dr, libassuan-9.dll.0.dr, scdaemon.exe.0.dr, gpg-connect-agent.exe.0.dr, gpg-card.exe.0.dr, gpg-agent.exe.0.dr, dirmngr.exe.0.drString found in binary or memory: http://secure.globalsign.com/cacert/codesigningrootr45.crt0A
Source: gnupg-w32-2.4.7_20241125.exe, pinentry-basic.exe.0.dr, libassuan-9.dll.0.dr, scdaemon.exe.0.dr, gpg-connect-agent.exe.0.dr, gpg-card.exe.0.dr, gpg-agent.exe.0.dr, dirmngr.exe.0.drString found in binary or memory: http://secure.globalsign.com/cacert/gsgccr45codesignca2020.crt0=
Source: gnupg-w32-2.4.7_20241125.exe, pinentry-basic.exe.0.dr, libassuan-9.dll.0.dr, scdaemon.exe.0.dr, gpg-connect-agent.exe.0.dr, gpg-card.exe.0.dr, gpg-agent.exe.0.dr, dirmngr.exe.0.drString found in binary or memory: http://secure.globalsign.com/cacert/gstsacasha384g4.crt0
Source: notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmp, ksba.h.0.dr, assuan.h.0.drString found in binary or memory: http://www.gnu.org/licenses/
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1478557863.000000000305D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.zlib.net/D
Source: dirmngr.exe.0.drString found in binary or memory: https://bugs.gnupg.org
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1413450306.0000000003054000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1423313869.0000000003053000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1415823291.0000000003057000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1412714413.0000000003057000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1417211685.0000000003050000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1416699830.0000000003054000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1419083461.000000000305A000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1420036109.000000000305E000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1422210475.0000000003052000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1415113641.000000000305B000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1411632295.0000000003052000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1418330425.000000000305B000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1414234142.0000000003053000.00000004.00000020.00020000.00000000.sdmp, scdaemon.exe.0.dr, gpg-connect-agent.exe.0.dr, gpg-card.exe.0.dr, gpg-agent.exe.0.dr, dirmngr.exe.0.drString found in binary or memory: https://bugs.gnupg.orgGnuPGgpggpgsmgpg-agentgpgtarEMAILGNUPGGPGGPGSMGPG_AGENTSCDAEMONTPM2DAEMONDIRMN
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1493958312.0000000003050000.00000004.00000020.00020000.00000000.sdmp, gpgme.h.0.drString found in binary or memory: https://dev.gnupg.org/T4834
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.gnupg.org/T7030
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.gnupg.org/T7353
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000002.1596590318.000000000091D000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1260066526.0000000003059000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://fsf.org/
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1456517996.0000000003053000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1493958312.0000000003050000.00000004.00000020.00020000.00000000.sdmp, gpgme.h.0.drString found in binary or memory: https://gnu.org/licenses/
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1456517996.0000000003053000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnu.org/licenses/gpl.html
Source: notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/documentation/mailing-lists.html
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/documentation/manuals/gnupg-devel/
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/documentation/manuals/gnupg/
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1552156586.0000000004260000.00000004.00000800.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1553098184.0000000004260000.00000004.00000800.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1593868151.0000000004260000.00000004.00000800.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1553000799.0000000004260000.00000004.00000800.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1553057620.0000000004260000.00000004.00000800.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1551238047.0000000004260000.00000004.00000800.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1553148981.0000000004260000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/donate
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/donate/
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000002.1596590318.000000000091D000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1260066526.0000000003059000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/donateEin
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/download/mirrors.html
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1411632295.0000000003052000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/faq/subkey-cross-certify.html
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1411632295.0000000003052000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/faq/subkey-cross-certify.htmlWARNING:
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/faq/whats-new-in-2.1.html
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/ftp/gcrypt/
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/ftp/gcrypt/libassuan/)
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/ftp/gcrypt/libgcrypt/)
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/ftp/gcrypt/libgpg-error/)
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/ftp/gcrypt/libksba/)
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/ftp/gcrypt/npth/)
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/ftp/gcrypt/pinentry/
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.org/service.html
Source: gnupg-w32-2.4.7_20241125.exe, pinentry-basic.exe.0.dr, libassuan-9.dll.0.dr, scdaemon.exe.0.dr, gpg-connect-agent.exe.0.dr, gpg-card.exe.0.dr, gpg-agent.exe.0.dr, dirmngr.exe.0.drString found in binary or memory: https://gnupg.org0/
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000002.1596590318.000000000091D000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1260066526.0000000003059000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gnupg.orgNoModifyNoRepair
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, dirmngr.exe.0.drString found in binary or memory: https://http-keys.gnupg.net
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, dirmngr.exe.0.drString found in binary or memory: https://keys.gnupg.net
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, dirmngr.exe.0.drString found in binary or memory: https://keys.gnupg.nethkp://keys.gnupg.nethttp://keys.gnupg.nethkps://http-keys.gnupg.nethttp-keys.g
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1416699830.0000000003054000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://openpgpkey.%s/.well-known/openpgpkey/%s/hu/%s?l=%s
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, dirmngr.exe.0.drString found in binary or memory: https://versions.gnupg.org/swdb.lst
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, dirmngr.exe.0.drString found in binary or memory: https://versions.gnupg.org/swdb.lst.sig
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, dirmngr.exe.0.drString found in binary or memory: https://versions.gnupg.org/swdb.lsthttps://versions.gnupg.org/swdb.lst.sig--enable-special-filenames
Source: gnupg-w32-2.4.7_20241125.exe, pinentry-basic.exe.0.dr, libassuan-9.dll.0.dr, scdaemon.exe.0.dr, gpg-connect-agent.exe.0.dr, gpg-card.exe.0.dr, gpg-agent.exe.0.dr, dirmngr.exe.0.drString found in binary or memory: https://www.globalsign.com/repository/0
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1489361858.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1497964610.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1496719530.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1487857855.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1491307069.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1488391273.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1492949919.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1490318764.0000000000966000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gnu.org/licen
Source: pinentry-basic.exe.0.dr, gcrypt.h.0.drString found in binary or memory: https://www.gnu.org/licenses/
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000002.1596590318.000000000091D000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1374882759.0000000000977000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000002.1596360967.000000000065A000.00000004.00000010.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1480449228.0000000000987000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1405277389.0000000000987000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1260066526.0000000003059000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1484699035.0000000000987000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1489361858.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1497964610.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1457898429.0000000000987000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1449088209.0000000000987000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1496719530.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1487857855.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1404442919.0000000000987000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408757347.0000000000987000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1487042360.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1455367633.0000000000987000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1491307069.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1488391273.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1485963618.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1492949919.0000000000966000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gnu.org/philosophy/why-not-lgpl.html
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1415113641.000000000305B000.00000004.00000020.00020000.00000000.sdmp, gpg-card.exe.0.drString found in binary or memory: https://yubi.co/ysa201701
Source: gpg-card.exe.0.drStatic PE information: Resource name: RT_VERSION type: Hitachi SH little-endian COFF executable, no relocation info, not stripped, 52 sections, symbol offset=0x5f0053, 4522070 symbols, optional header size 82, created Sat Mar 7 05:34:56 1970
Source: zlib1.dll.0.drStatic PE information: Number of sections : 11 > 10
Source: libgpgme-11.dll.0.drStatic PE information: Number of sections : 11 > 10
Source: libnpth-0.dll.0.drStatic PE information: Number of sections : 11 > 10
Source: libgpg-error-0.dll.0.drStatic PE information: Number of sections : 11 > 10
Source: libksba-8.dll.0.drStatic PE information: Number of sections : 11 > 10
Source: libgcrypt-20.dll.0.drStatic PE information: Number of sections : 11 > 10
Source: libntbtls-0.dll.0.drStatic PE information: Number of sections : 11 > 10
Source: libassuan-9.dll.0.drStatic PE information: Number of sections : 11 > 10
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedirmngr.exeT vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1413450306.0000000003054000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegpgconf.exeT vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1423313869.0000000003053000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamekeyboxd.exeT vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1478557863.000000000305D000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamezlib1.dll* vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1482245240.0000000003057000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibgcrypt.dll" vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1484737370.00000000057CF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibassuan.dll" vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1415823291.0000000003057000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegpgtar.exeT vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegpg.exeT vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1412714413.0000000003057000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegpgsm.exeT vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1417211685.0000000003050000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedirmngr_ldap.exeT vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1479206019.0000000003056000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibnpth.dll" vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1416699830.0000000003054000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegpg-wks-client.exeT vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1489627342.0000000003057000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegpgme.dll" vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1498209973.0000000003057000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibntbtls.dll" vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1419083461.000000000305A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegpg-check-pattern.exeT vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1456517996.0000000003053000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibgpg-error.dll" vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1420036109.000000000305E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegpg-agent.exeT vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1422210475.0000000003052000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamescdaemon.exeT vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1415113641.000000000305B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegpg-card.exeT vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1411632295.0000000003052000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegpgv.exeT vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000002.1596878047.00000000009A3000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameNOTEPAD.EXEj% vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1595899427.00000000009A3000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameNOTEPAD.EXEj% vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1414234142.0000000003053000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegpg-connect-agent.exeT vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1487151843.0000000003051000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibksba.dll" vs gnupg-w32-2.4.7_20241125.exe
Source: gnupg-w32-2.4.7_20241125.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, DEBUG_STRIPPED
Source: classification engineClassification label: clean2.winEXE@3/101@0/0
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupgJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeMutant created: \Sessions\1\BaseNamedObjects\gnupg
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Users\user\AppData\Local\Temp\nsh4785.tmpJump to behavior
Source: gnupg-w32-2.4.7_20241125.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_2BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_512BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile read: C:\Users\desktop.iniJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: create table if not exists encryptions (binding INTEGER NOT NULL, time INTEGER);create index if not exists encryptions_binding on encryptions (binding);
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: create table version (version INTEGER);
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: insert into version values (1);
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: select count(*) from sqlite_master where type='table';
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1497233101.0000000003059000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: select ((select count(*) from ultimately_trusted_keys where (keyid in (%s))) == %d) and ((select count(*) from ultimately_trusted_keys where keyid not in (%s)) == 0);
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: select user_id, policy from bindings where fingerprint = ?;
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1497233101.0000000003059000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: select fingerprint || case sum(conflict NOTNULL) when 0 then '' else '!' end from bindings where email = ? group by fingerprint order by fingerprint = ? asc, fingerprint desc;
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1497233101.0000000003059000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: insert into ultimately_trusted_keys values ('%s');
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1497233101.0000000003059000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: create table if not exists ultimately_trusted_keys (keyid);
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1497233101.0000000003059000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: UPDATE %Q.%s SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: create table version (version INTEGER);error initializing TOFU database: %s
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1497233101.0000000003059000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: select version from version;
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1497233101.0000000003059000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY,parentnode);
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: create table signatures (binding INTEGER NOT NULL, sig_digest TEXT, origin TEXT, sig_time INTEGER, time INTEGER, primary key (binding, sig_digest, origin));
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: update bindings set effective_policy = %d, conflict = %Q where email = %Q and fingerprint = %Q and effective_policy != %d;
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: select count(*) from sqlite_master where type='table';error reading TOFU database: %s
Source: gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: update bindings set effective_policy = ? where fingerprint = ?;
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile read: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeJump to behavior
Source: unknownProcess created: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe "C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe"
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess created: C:\Windows\SysWOW64\notepad.exe "C:\Windows\system32\NOTEPAD.EXE" C:\Program Files (x86)\gnupg\README.txt
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess created: C:\Windows\SysWOW64\notepad.exe "C:\Windows\system32\NOTEPAD.EXE" C:\Program Files (x86)\gnupg\README.txtJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: oleacc.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: shfolder.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: riched20.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: usp10.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: msls31.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: edputil.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: netutils.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: slc.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: sppc.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: mrmcorer.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: efswrt.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: oleacc.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32Jump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile written: C:\Users\user\AppData\Local\Temp\nss47C5.tmp\homegpgbuilderbgnupg-2.4distPLAY-releasegnupg-w32-2.4.7build-auxspeedow32inst-options.iniJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeAutomated click: OK
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeAutomated click: Next >
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeAutomated click: Next >
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeAutomated click: Install
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeAutomated click: Next >
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeWindow detected: < &Back&Next >CancelNullsoft Install System v3.06.1-1 Nullsoft Install System v3.06.1-1License AgreementThis software is licensed under the terms of the GNU General Public License (GNU GPL).Press Page Down to see the rest of the agreement. GNU GENERAL PUBLIC LICENSE Version 3 29 June 2007 Copyright (C) 2007 Free Software Foundation Inc. <https://fsf.org/> Everyone is permitted to copy and distribute verbatim copies of this license document but changing it is not allowed. Preamble The GNU General Public License is a free copyleft license forsoftware and other kinds of works. The licenses for most software and other practical works are designedto take away your freedom to share and change the works. By contrastthe GNU General Public License is intended to guarantee your freedom toshare and change all versions of a program--to make sure it remains freesoftware for all its users. We the Free Software Foundation use theGNU General Public License for most of our software; it applies also toany other work released this way by its authors. You can apply it toyour programs too. When we speak of free software we are referring to freedom notprice. Our General Public Licenses are designed to make sure that youhave the freedom to distribute copies of free software (and charge forthem if you wish) that you receive source code or can get it if youwant it that you can change the software or use pieces of it in newfree programs and that you know you can do these things. To protect your rights we need to prevent others from denying youthese rights or asking you to surrender the rights. Therefore you havecertain responsibilities if you distribute copies of the software or ifyou modify it: responsibilities to respect the freedom of others. For example if you distribute copies of such a program whethergratis or for a fee you must pass on to the recipients the samefreedoms that you received. You must make sure that they too receiveor can get the source code. And you must show them these terms so theyknow their rights. Developers that use the GNU GPL protect your rights with two steps:(1) assert copyright on the software and (2) offer you this Licensegiving you legal permission to copy distribute and/or modify it. For the developers' and authors' protection the GPL clearly explainsthat there is no warranty for this free software. For both users' andauthors' sake the GPL requires that modified versions be marked aschanged so that their problems will not be attributed erroneously toauthors of previous versions. Some devices are designed to deny users access to install or runmodified versions of the software inside them although the manufacturercan do so. This is fundamentally incompatible with the aim ofprotecting users' freedom to change the software. The systematicpattern of such abuse occurs in the area of products for individuals touse which is precisely where it is most unacceptable. Therefore wehave designed this version of the
Source: gnupg-w32-2.4.7_20241125.exeStatic PE information: certificate valid
Source: gnupg-w32-2.4.7_20241125.exeStatic file information: File size 5625560 > 1048576
Source: gnupg-w32-2.4.7_20241125.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Source: gnupg-uninstall.exe.0.drStatic PE information: real checksum: 0x56a732 should be: 0x2eaa1
Source: System.dll.0.drStatic PE information: real checksum: 0x0 should be: 0xeb24
Source: UserInfo.dll.0.drStatic PE information: real checksum: 0x0 should be: 0x510e
Source: LangDLL.dll.0.drStatic PE information: real checksum: 0x0 should be: 0xe9bd
Source: InstallOptions.dll.0.drStatic PE information: real checksum: 0x0 should be: 0x11b09
Source: libassuan-9.dll.0.drStatic PE information: section name: /4
Source: libksba-8.dll.0.drStatic PE information: section name: /4
Source: libgpgme-11.dll.0.drStatic PE information: section name: /4
Source: gpgme-w32spawn.exe.0.drStatic PE information: section name: /4
Source: gpg.exe.0.drStatic PE information: section name: /4
Source: libsqlite3-0.dll.0.drStatic PE information: section name: /4
Source: gpgv.exe.0.drStatic PE information: section name: /4
Source: gpgsm.exe.0.drStatic PE information: section name: /4
Source: gpgconf.exe.0.drStatic PE information: section name: /4
Source: gpg-connect-agent.exe.0.drStatic PE information: section name: /4
Source: gpg-card.exe.0.drStatic PE information: section name: /4
Source: gpgtar.exe.0.drStatic PE information: section name: /4
Source: gpg-wks-client.exe.0.drStatic PE information: section name: /4
Source: dirmngr_ldap.exe.0.drStatic PE information: section name: /4
Source: g4wihelp.dll.0.drStatic PE information: section name: /4
Source: gpg-preset-passphrase.exe.0.drStatic PE information: section name: /4
Source: gpg-check-pattern.exe.0.drStatic PE information: section name: /4
Source: gpg-agent.exe.0.drStatic PE information: section name: /4
Source: dirmngr.exe.0.drStatic PE information: section name: /4
Source: scdaemon.exe.0.drStatic PE information: section name: /4
Source: keyboxd.exe.0.drStatic PE information: section name: /4
Source: libgpg-error-0.dll.0.drStatic PE information: section name: /4
Source: libntbtls-0.dll.0.drStatic PE information: section name: /4
Source: pinentry-basic.exe.0.drStatic PE information: section name: /4
Source: zlib1.dll.0.drStatic PE information: section name: /4
Source: libnpth-0.dll.0.drStatic PE information: section name: /4
Source: libgcrypt-20.dll.0.drStatic PE information: section name: /4
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\zlib1.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\gpg-check-pattern.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\dirmngr.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\libassuan-9.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\gpgconf.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\libgpgme-11.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Users\user\AppData\Local\Temp\nss47C5.tmp\UserInfo.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\gpgtar.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\gpg-agent.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Users\user\AppData\Local\Temp\nss47C5.tmp\LangDLL.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\pinentry-basic.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Users\user\AppData\Local\Temp\nss47C5.tmp\g4wihelp.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\gpg.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\gpgsm.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\libksba-8.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\libgcrypt-20.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\libsqlite3-0.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\gnupg-uninstall.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\scdaemon.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\gpg-wks-client.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\libntbtls-0.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\libgpg-error-0.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\gpgme-w32spawn.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\libnpth-0.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\gpg-preset-passphrase.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\gpg-card.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Users\user\AppData\Local\Temp\nss47C5.tmp\InstallOptions.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\keyboxd.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\gpgv.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Users\user\AppData\Local\Temp\nss47C5.tmp\System.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\gpg-connect-agent.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\bin\dirmngr_ldap.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeFile created: C:\Program Files (x86)\gnupg\README.txtJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\zlib1.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\dirmngr.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\gpg-check-pattern.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\libassuan-9.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\gpgconf.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\libgpgme-11.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss47C5.tmp\UserInfo.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\gpgtar.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\gpg-agent.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss47C5.tmp\LangDLL.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\pinentry-basic.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss47C5.tmp\g4wihelp.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\gpg.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\gpgsm.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\libksba-8.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\libgcrypt-20.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\libsqlite3-0.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\gnupg-uninstall.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\scdaemon.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\gpg-wks-client.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\libntbtls-0.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\libgpg-error-0.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\libnpth-0.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\gpgme-w32spawn.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\gpg-preset-passphrase.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\gpg-card.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss47C5.tmp\InstallOptions.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\keyboxd.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\gpgv.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss47C5.tmp\System.dllJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\gpg-connect-agent.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeDropped PE file which has not been started: C:\Program Files (x86)\gnupg\bin\dirmngr_ldap.exeJump to dropped file
Source: C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exeProcess created: C:\Windows\SysWOW64\notepad.exe "C:\Windows\system32\NOTEPAD.EXE" C:\Program Files (x86)\gnupg\README.txtJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeQueries volume information: C:\Program Files (x86)\gnupg\README.txt VolumeInformationJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
DLL Side-Loading		11
Process Injection		1
Masquerading		OS Credential Dumping2
File and Directory Discovery		Remote ServicesData from Local SystemData ObfuscationExfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
DLL Side-Loading		11
Process Injection		LSASS Memory11
System Information Discovery		Remote Desktop ProtocolData from Removable MediaJunk DataExfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
DLL Side-Loading		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveSteganographyAutomated ExfiltrationData Encrypted for Impact

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1671114 Sample: gnupg-w32-2.4.7_20241125.exe Startdate: 22/04/2025 Architecture: WINDOWS Score: 2 5 gnupg-w32-2.4.7_20241125.exe 14 232 2->5         started        file3 10 C:\Users\user\AppData\Local\...\g4wihelp.dll, PE32 5->10 dropped 12 C:\Users\user\AppData\Local\...\UserInfo.dll, PE32 5->12 dropped 14 C:\Users\user\AppData\Local\...\System.dll, PE32 5->14 dropped 16 29 other files (none is malicious) 5->16 dropped 8 notepad.exe 5 5->8         started        process4

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
gnupg-w32-2.4.7_20241125.exe0%ReversingLabs
gnupg-w32-2.4.7_20241125.exe1%VirustotalBrowse

Dropped Files

SourceDetectionScannerLabelLink
C:\Program Files (x86)\gnupg\bin\dirmngr.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\dirmngr_ldap.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\gpg-agent.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\gpg-card.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\gpg-check-pattern.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\gpg-connect-agent.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\gpg-preset-passphrase.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\gpg-wks-client.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\gpg.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\gpgconf.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\gpgme-w32spawn.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\gpgsm.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\gpgtar.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\gpgv.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\keyboxd.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\libassuan-9.dll0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\libgcrypt-20.dll0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\libgpg-error-0.dll0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\libgpgme-11.dll0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\libksba-8.dll0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\libnpth-0.dll0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\libntbtls-0.dll0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\libsqlite3-0.dll0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\pinentry-basic.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\scdaemon.exe0%ReversingLabs
C:\Program Files (x86)\gnupg\bin\zlib1.dll0%ReversingLabs
C:\Program Files (x86)\gnupg\gnupg-uninstall.exe0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nss47C5.tmp\InstallOptions.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nss47C5.tmp\LangDLL.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nss47C5.tmp\System.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nss47C5.tmp\UserInfo.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nss47C5.tmp\g4wihelp.dll0%ReversingLabs

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://dev.gnupg.org/T73530%Avira URL Cloudsafe
http://keys.gnupg.net0%Avira URL Cloudsafe
https://versions.gnupg.org/swdb.lst.sig0%Avira URL Cloudsafe
https://gnupg.orgNoModifyNoRepair0%Avira URL Cloudsafe
https://bugs.gnupg.org0%Avira URL Cloudsafe
https://versions.gnupg.org/swdb.lst0%Avira URL Cloudsafe
https://gnupg.org0/0%Avira URL Cloudsafe
https://yubi.co/ysa2017010%Avira URL Cloudsafe
https://versions.gnupg.org/swdb.lsthttps://versions.gnupg.org/swdb.lst.sig--enable-special-filenames0%Avira URL Cloudsafe
https://dev.gnupg.org/T70300%Avira URL Cloudsafe
https://dev.gnupg.org/T48340%Avira URL Cloudsafe
http://http-keys.gnupg.net0%Avira URL Cloudsafe
https://keys.gnupg.net0%Avira URL Cloudsafe
https://http-keys.gnupg.net0%Avira URL Cloudsafe
https://keys.gnupg.nethkp://keys.gnupg.nethttp://keys.gnupg.nethkps://http-keys.gnupg.nethttp-keys.g0%Avira URL Cloudsafe
https://bugs.gnupg.orgGnuPGgpggpgsmgpg-agentgpgtarEMAILGNUPGGPGGPGSMGPG_AGENTSCDAEMONTPM2DAEMONDIRMN0%Avira URL Cloudsafe
https://openpgpkey.%s/.well-known/openpgpkey/%s/hu/%s?l=%s0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

No contacted domains info
NameSourceMaliciousAntivirus DetectionReputation
https://gnupg.org/faq/subkey-cross-certify.htmlWARNING:gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1411632295.0000000003052000.00000004.00000020.00020000.00000000.sdmpfalse
    		high
    https://gnupg.org/documentation/mailing-lists.htmlgnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
      		high
      https://gnupg.org/donateEingnupg-w32-2.4.7_20241125.exe, 00000000.00000002.1596590318.000000000091D000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1260066526.0000000003059000.00000004.00000020.00020000.00000000.sdmpfalse
        		high
        https://gnupg.org/ftp/gcrypt/libgcrypt/)gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
          		high
          https://gnupg.org/ftp/gcrypt/pinentry/gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
            		high
            https://versions.gnupg.org/swdb.lst.siggnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, dirmngr.exe.0.drfalse
            • Avira URL Cloud: safe
            		unknown
            https://gnupg.org/ftp/gcrypt/libassuan/)gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
              		high
              https://www.gnu.org/philosophy/why-not-lgpl.htmlgnupg-w32-2.4.7_20241125.exe, 00000000.00000002.1596590318.000000000091D000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1374882759.0000000000977000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000002.1596360967.000000000065A000.00000004.00000010.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1480449228.0000000000987000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1405277389.0000000000987000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1260066526.0000000003059000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1484699035.0000000000987000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1489361858.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1497964610.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1457898429.0000000000987000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1449088209.0000000000987000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1496719530.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1487857855.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1404442919.0000000000987000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408757347.0000000000987000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1487042360.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1455367633.0000000000987000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1491307069.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1488391273.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1485963618.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1492949919.0000000000966000.00000004.00000020.00020000.00000000.sdmpfalse
                		high
                https://dev.gnupg.org/T7353gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                https://gnupg.org0/gnupg-w32-2.4.7_20241125.exe, pinentry-basic.exe.0.dr, libassuan-9.dll.0.dr, scdaemon.exe.0.dr, gpg-connect-agent.exe.0.dr, gpg-card.exe.0.dr, gpg-agent.exe.0.dr, dirmngr.exe.0.drfalse
                • Avira URL Cloud: safe
                		unknown
                https://www.gnu.org/licenses/pinentry-basic.exe.0.dr, gcrypt.h.0.drfalse
                  		high
                  https://dev.gnupg.org/T7030gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  https://gnupg.org/ftp/gcrypt/libgpg-error/)gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
                    		high
                    http://nsis.sf.net/NSIS_ErrorErrorgnupg-w32-2.4.7_20241125.exefalse
                      		high
                      https://bugs.gnupg.orgdirmngr.exe.0.drfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://gnupg.org/documentation/manuals/gnupg-devel/gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
                        		high
                        http://keys.gnupg.netgnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, dirmngr.exe.0.drfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://gnupg.org/ftp/gcrypt/gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
                          		high
                          https://gnupg.orgNoModifyNoRepairgnupg-w32-2.4.7_20241125.exe, 00000000.00000002.1596590318.000000000091D000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1260066526.0000000003059000.00000004.00000020.00020000.00000000.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://versions.gnupg.org/swdb.lstgnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, dirmngr.exe.0.drfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://gnupg.org/faq/subkey-cross-certify.htmlgnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1411632295.0000000003052000.00000004.00000020.00020000.00000000.sdmpfalse
                            		high
                            https://versions.gnupg.org/swdb.lsthttps://versions.gnupg.org/swdb.lst.sig--enable-special-filenamesgnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, dirmngr.exe.0.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://yubi.co/ysa201701gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1415113641.000000000305B000.00000004.00000020.00020000.00000000.sdmp, gpg-card.exe.0.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://dev.gnupg.org/T4834gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1493958312.0000000003050000.00000004.00000020.00020000.00000000.sdmp, gpgme.h.0.drfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://gnupg.org/faq/whats-new-in-2.1.htmlgnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
                              		high
                              https://gnupg.org/ftp/gcrypt/npth/)gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
                                		high
                                http://http-keys.gnupg.netgnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, dirmngr.exe.0.drfalse
                                • Avira URL Cloud: safe
                                		unknown
                                https://http-keys.gnupg.netgnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, dirmngr.exe.0.drfalse
                                • Avira URL Cloud: safe
                                		unknown
                                http://www.zlib.net/Dgnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1478557863.000000000305D000.00000004.00000020.00020000.00000000.sdmpfalse
                                  		high
                                  https://gnupg.orgnotepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
                                    		high
                                    https://gnupg.org/documentation/manuals/gnupg/gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
                                      		high
                                      https://keys.gnupg.netgnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, dirmngr.exe.0.drfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://keys.gnupg.nethkp://keys.gnupg.nethttp://keys.gnupg.nethkps://http-keys.gnupg.nethttp-keys.ggnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, dirmngr.exe.0.drfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://gnu.org/licenses/gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1456517996.0000000003053000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1493958312.0000000003050000.00000004.00000020.00020000.00000000.sdmp, gpgme.h.0.drfalse
                                        		high
                                        https://gnupg.org/donategnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1552156586.0000000004260000.00000004.00000800.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1553098184.0000000004260000.00000004.00000800.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1593868151.0000000004260000.00000004.00000800.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1553000799.0000000004260000.00000004.00000800.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1553057620.0000000004260000.00000004.00000800.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1551238047.0000000004260000.00000004.00000800.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1553148981.0000000004260000.00000004.00000800.00020000.00000000.sdmpfalse
                                          		high
                                          https://gnupg.org/download/mirrors.htmlgnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
                                            		high
                                            https://gnupg.org/ftp/gcrypt/libksba/)gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
                                              		high
                                              https://gnu.org/licenses/gpl.htmlgnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1456517996.0000000003053000.00000004.00000020.00020000.00000000.sdmpfalse
                                                		high
                                                https://www.gnu.org/licengnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1489361858.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1497964610.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1496719530.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1487857855.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1491307069.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1488391273.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1492949919.0000000000966000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1490318764.0000000000966000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  		high
                                                  https://fsf.org/gnupg-w32-2.4.7_20241125.exe, 00000000.00000002.1596590318.000000000091D000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1260066526.0000000003059000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    		high
                                                    https://gnupg.org/donate/gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                      		high
                                                      https://gnupg.org/service.htmlgnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1408806151.000000000305B000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        		high
                                                        https://openpgpkey.%s/.well-known/openpgpkey/%s/hu/%s?l=%sgnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1416699830.0000000003054000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://bugs.gnupg.orgGnuPGgpggpgsmgpg-agentgpgtarEMAILGNUPGGPGGPGSMGPG_AGENTSCDAEMONTPM2DAEMONDIRMNgnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1421234681.0000000003053000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1413450306.0000000003054000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1423313869.0000000003053000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1415823291.0000000003057000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1410358086.0000000003058000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1412714413.0000000003057000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1417211685.0000000003050000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1416699830.0000000003054000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1419083461.000000000305A000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1420036109.000000000305E000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1422210475.0000000003052000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1415113641.000000000305B000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1411632295.0000000003052000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1418330425.000000000305B000.00000004.00000020.00020000.00000000.sdmp, gnupg-w32-2.4.7_20241125.exe, 00000000.00000003.1414234142.0000000003053000.00000004.00000020.00020000.00000000.sdmp, scdaemon.exe.0.dr, gpg-connect-agent.exe.0.dr, gpg-card.exe.0.dr, gpg-agent.exe.0.dr, dirmngr.exe.0.drfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        http://www.gnu.org/licenses/notepad.exe, 00000007.00000002.2515488017.000000000053E000.00000004.00000020.00020000.00000000.sdmp, ksba.h.0.dr, assuan.h.0.drfalse
                                                          		high

                                                          World Map of Contacted IPs

                                                          No contacted IP infos

                                                          General Information

                                                          Joe Sandbox version:42.0.0 Malachite
                                                          Analysis ID:1671114
                                                          Start date and time:2025-04-22 16:48:07 +02:00
                                                          Joe Sandbox product:CloudBasic
                                                          Overall analysis duration:0h 5m 28s
                                                          Hypervisor based Inspection enabled:false
                                                          Report type:full
                                                          Cookbook file name:default.jbs
                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                          Number of analysed new started processes analysed:11
                                                          Number of new started drivers analysed:0
                                                          Number of existing processes analysed:0
                                                          Number of existing drivers analysed:0
                                                          Number of injected processes analysed:0
                                                          Technologies:
                                                          • EGA enabled
                                                          • AMSI enabled
                                                          Analysis Mode:default
                                                          Analysis stop reason:Timeout
                                                          Sample name:gnupg-w32-2.4.7_20241125.exe
                                                          Detection:CLEAN
                                                          Classification:clean2.winEXE@3/101@0/0
                                                          Cookbook Comments:
                                                          • Found application associated with file extension: .exe
                                                          • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                                                          • Excluded IPs from analysis (whitelisted): 184.29.183.29, 52.149.20.212
                                                          • Excluded domains from analysis (whitelisted): c2a9c95e369881c67228a6591cac2686.clo.footprintdns.com, ax-ring.msedge.net, fs.microsoft.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, c.pki.goog, fe3cr.delivery.mp.microsoft.com
                                                          • Not all processes where analyzed, report is missing behavior information
                                                          • Report size exceeded maximum capacity and may have missing behavior information.
                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                          • Report size getting too big, too many NtQueryValueKey calls found.

                                                          Simulations

                                                          Behavior and APIs

                                                          No simulations

                                                          Joe Sandbox View / Context

                                                          IPs

                                                          No context

                                                          Domains

                                                          No context

                                                          ASNs

                                                          No context

                                                          JA3 Fingerprints

                                                          No context

                                                          Dropped Files

                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                          C:\Program Files (x86)\gnupg\bin\gpg-agent.exeVirtManage.exeGet hashmaliciousUnknownBrowse
                                                            VirtManage.exeGet hashmaliciousUnknownBrowse
                                                              VirtManage.exeGet hashmaliciousUnknownBrowse
                                                                VirtManage.exeGet hashmaliciousUnknownBrowse

                                                                  Created / dropped Files

                                                                  C:\Program Files (x86)\gnupg\README.txt

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:Generic INItialization configuration [T7351]
                                                                  Category:dropped
                                                                  Size (bytes):34898
                                                                  Entropy (8bit):5.116832675030297
                                                                  Encrypted:false
                                                                  SSDEEP:768:nOouHHPB/AYwKCMWXWpqAoUl6kTKjFpkP6wrZlrvtre+dA9rr5uM2gZrN/8fSeG8:nMH1FwKCMWXWpoUqBp8DRCPh1eGwOS3V
                                                                  MD5:DD67B31D8397579B0F33BF344FFD6A58
                                                                  SHA1:C5C7A30E0B47E987A09C442D8A91D623C91F937F
                                                                  SHA-256:D4EC221377D9359E5E59558967635DA1FBA7D6A26612CD25A25A6EFE72194F5D
                                                                  SHA-512:A99772C3114FC237396634B67B00DE85D4B9B184D7E40BDC1642835E30F62037854AD201F9F39C60C5959800746A905E838E4912A7138B55F5DB0670194EA7A5
                                                                  Malicious:false
                                                                  Reputation:moderate, very likely benign file
                                                                  Preview:.... GNU Privacy Guard for Windows.. ===============================....This is GnuPG for Windows, version 2.4.7.....Content:.... 1. Important notes.. 2. Changes.. 3. GnuPG README file.. 4. Package versions.. 5. Legal notices......1. Important Notes..==================....This is the core part of the GnuPG system as used by several other..frontend programs. This installer does not provide any graphical..frontend and thus almost everything needs to be done on the command..line. However, a small native Windows GUI tool is included which is..used by GnuPG to ask for passphrases. It provides only the basic..functionality and is installed under the name "pinentry-basic.exe"...Other software using this core component may install a different..version of such a tool under the name "pinentry.exe" or configure the..gpg-agent to use that version.....See https://gnupg.org for latest news. HowTo documents and manuals..can be found there b

                                                                  C:\Program Files (x86)\gnupg\VERSION

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:ASCII text, with CRLF line terminators
                                                                  Category:dropped
                                                                  Size (bytes):14
                                                                  Entropy (8bit):3.2359263506290334
                                                                  Encrypted:false
                                                                  SSDEEP:3:t1PLgy:tZgy
                                                                  MD5:ABDCF81DD03DC09832968FE69964B678
                                                                  SHA1:08FF640618D7EDB2E67043C07EA0430D7E16C83D
                                                                  SHA-256:4F40F32A374ADBBEB66B2C0237F66567D01468AF96F5CC449E106C5E183C7E24
                                                                  SHA-512:8510EBD4AA30C78B5AFC577369B069EB6221FB1D116C5D34EAE0D4CAAA0C25FDC6ECF2035958901C3ECEF443ACFE42B1A2399335B66FCE16B42C345EF3BEF00B
                                                                  Malicious:false
                                                                  Reputation:moderate, very likely benign file
                                                                  Preview:gnupg..2.4.7..

                                                                  C:\Program Files (x86)\gnupg\bin\dirmngr.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):728816
                                                                  Entropy (8bit):6.397324963407398
                                                                  Encrypted:false
                                                                  SSDEEP:12288:e3E4UwrnvqNlMVImTF5VrPZZZWbB5mCVexFFaSOqrEfGJfM0QnMgrKyA2av42G8j:e04UwrnvqNyVjTTVrPZZZWbB5mCaFFa6
                                                                  MD5:B4E1EE7F8654AF3534975D12F36F8639
                                                                  SHA1:A947FE768FF6B296A674ECCE61FC22AB45A5F42C
                                                                  SHA-256:EF1A6E5F5DB983E2E08195222EE22DA1701F3A06904C957F9155CCFFA9EB2589
                                                                  SHA-512:1CBB1CCD029359A62FB14CC1BCE27DED82016A0707BA615410DA33DC792AAA86DD1A3D983F36589D8D561BC842C3E1F5B3B16E290953F134CA2CE16AC31CF03E
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Reputation:moderate, very likely benign file
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......................#..........................@..........................p................ ..................................G...0...2...............(...................................^......................p...0............................text...............................`.P`.data...............................@.`..rdata...X... ...Z..................@.`@/4...... ............\..............@.0@.bss....4.............................`..idata...G.......H...v..............@.0..CRT....4...........................@.0..tls......... ......................@.0..rsrc....2...0...4..................@.0.........................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\dirmngr_ldap.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):147696
                                                                  Entropy (8bit):6.424744187444643
                                                                  Encrypted:false
                                                                  SSDEEP:3072:THkQTSIaH5yIvAsYRBWB+jdddddiWl4VIrmm/b:TrTlaZyI7YqkiIrmY
                                                                  MD5:1C667DFCB9A36737797500EAD82D499C
                                                                  SHA1:768CFC180ED4D89B982667C2388394F02F33FE10
                                                                  SHA-256:0F7A9EAAC02BF5F0A58ABF18614A4601E6E64F6BBA4A985986BB7B14B6B88D3F
                                                                  SHA-512:572BB171176C4BE3F4F3D729C52FF3E3343BAC0B5D45DD0ACD2E6D06EAA3B702A1A3B764D0A8F87FA12ACF7DC653428FC699CF5DDB83AFB6E510220D44A0AA6B
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Reputation:moderate, very likely benign file
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......................#.\...................p....@.................................<......... .................................\....@...2...............(.........................................................0...|............................text...d[.......\..................`.P`.data........p.......`..............@.`..rdata...,...........b..............@.`@/4......L5.......6..................@.0@.bss....4.............................`..idata..\...........................@.0..CRT....4.... ......................@.0..tls.........0......................@.0..rsrc....2...@...4..................@.0.........................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\gpg-agent.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):487152
                                                                  Entropy (8bit):6.377688706333829
                                                                  Encrypted:false
                                                                  SSDEEP:6144:UnHLRreP1YS0/E9anAWBC0XYPOX5KoLiYbUNA0isyFiDKVKqRffwpl4yZ2zTVjsz:qdztOCACYP3o+Yb/1bRyMTV40orL
                                                                  MD5:6BE1B23B45010B148615174E3B10089A
                                                                  SHA1:140D85AB5C476819D9FA83194735180A0B30040A
                                                                  SHA-256:010ACD536B643B7930B9F769D15D907E46905A84E2F9C5966C8D6DA7D13A77C2
                                                                  SHA-512:BF308B105ED5A1C2FF059C27F40C9301E7833AF844BF22D49A55EA06CFD0094F4D74E6DDF42967EB36DE074F06A06206D40434DD498873EA4AAB63F9C6F836E6
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Joe Sandbox View:
                                                                  • Filename: VirtManage.exe, Detection: malicious, Browse
                                                                  • Filename: VirtManage.exe, Detection: malicious, Browse
                                                                  • Filename: VirtManage.exe, Detection: malicious, Browse
                                                                  • Filename: VirtManage.exe, Detection: malicious, Browse
                                                                  Reputation:moderate, very likely benign file
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........F.............#.....B............... ....@.................................f......... .............................. ..@6.......2...........F...(..................................,*.......................'...............................text...............................`.P`.data........ ......................@.`..rdata.......0......................@.`@/4...........@......."..............@.0@.bss....T.............................`..idata..@6... ...8..................@.0..CRT....4....`......................@.0..tls.........p......................@.0..rsrc....2.......4..................@.0.........................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\gpg-card.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):347376
                                                                  Entropy (8bit):6.383290780466343
                                                                  Encrypted:false
                                                                  SSDEEP:6144:ShYhcHxznbbInR6qJcVOzBzOySj7a8gaA6Wju4VrmY:bmEnSVOzBzOyYdivVr9
                                                                  MD5:5A08FA26E00FB277017038834E320E9F
                                                                  SHA1:056AD61C9CA2C354AA07E27B9DB13C136C8F032D
                                                                  SHA-256:0C0AF5489AB338D550D17A8ED9342F327C4C09BD8CEAE7130BFBA15B0C38C36C
                                                                  SHA-512:7EC9E3960DF9A0226D09F07BB6F5A301536DF89F86B9E10D7868134610B5891EB35438F7D3608A5486CC3147DBB4535AB08A2F5C557A0566EB3A52858A2A6AA4
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........$.............#..... ....................@........................................... ..................................$...`...2...........$...(..................................\U.......................................................text...T...........................`.P`.data...............................@.`..rdata..............................@.`@/4.......z...p...|...J..............@.0@.bss..................................`..idata...$.......&..................@.0..CRT....4....@......................@.0..tls.........P......................@.0..rsrc....2...`...4..................@.0.........................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\gpg-check-pattern.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):153840
                                                                  Entropy (8bit):6.469625109734696
                                                                  Encrypted:false
                                                                  SSDEEP:3072:dqjYQeoPFqgdXEyqyMNBC+ijdddddiWlp52rm8//h:dqjYMtXVEyKNI+iD2rm8R
                                                                  MD5:445405648E5FF6E37CDCE2BE6C3F7CD5
                                                                  SHA1:4BB3981426D98289A5A7A88CE77CF40890477922
                                                                  SHA-256:FD453D103EA20DADCA5FEF678076BB98D6DBA702E881847FB104B7241E0A8CA3
                                                                  SHA-512:7C7BD293A6EDDA046FD9157CEDA8590D4CDB0EA4F4EC720943722B5124AE8615300605FD7B46CC9F41A75F8F50486879FA00EB5FF8245249402DB67283834460
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........0.............#.f...,....................@.......................................... ..............................0.......p...2...........0...(..................................$........................3..D............................text....d.......f..................`.P`.data................j..............@.`..rdata...@.......B...l..............@.`@/4.......1.......2..................@.0@.bss......... ........................`..idata.......0......................@.0..CRT....4....P......................@.0..tls.........`......................@.0..rsrc....2...p...4..................@.0.........................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\gpg-connect-agent.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):187120
                                                                  Entropy (8bit):6.40129986958723
                                                                  Encrypted:false
                                                                  SSDEEP:3072:ANj0uQX00IxidxWmwnzPUD+QGl4hNeqzFzabpMjdddddiWlSAGrmfY/O:MwuRvZmwbUD+QPhNnzaNMlGrmf/
                                                                  MD5:C5FFE474681E357C5DA0E5E00F65AB1D
                                                                  SHA1:92169973F1AAE70A243AFD5D50DC692E69B29BF0
                                                                  SHA-256:B2E2F26A67285BA7EF0C5F016D833674903D633AC84E6B8435DE19EBF1193627
                                                                  SHA-512:73A178FCA33EC785005124DB98F3D665A20036829FDA95D74A0B5C28827C98A83E7FC2EA2DDCED992FBCED87E5C8F182DF65754EE3FE0AD707371C99B9B29A3E
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......................#..........................@..........................0................ .................................P........2...............(..................................L).......................................................text...T...........................`.P`.data...t...........................@.`..rdata...G.......H..................@.`@/4.......D...@...F..................@.0@.bss..................................`..idata..P............\..............@.0..CRT....4............z..............@.0..tls.................|..............@.0..rsrc....2.......4...~..............@.0.........................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\gpg-preset-passphrase.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):116976
                                                                  Entropy (8bit):6.5030373952492555
                                                                  Encrypted:false
                                                                  SSDEEP:1536:seSqaafNmGQ3AB/Z05OHXcJ0vR52JBIoQQtWzK7ldUyYtrmTH/m6O:seSqaUO3SBvz2JGlQkzK7lTWrmL/HO
                                                                  MD5:1CC1BE3235BD83DD3695319AEE8D5B45
                                                                  SHA1:59CBE5177E277A3DDD1EEB043CB1AB14640425D2
                                                                  SHA-256:AF8A4C96170DB75C94FB4156A17B072BDE2D1F9E585344F0BD8A5C1495EA6DCF
                                                                  SHA-512:BC757EC2A4947401DEA1083DD5332C24F0C929F19F7F9E6861B8BEEB41194DFCFFE64BBF698B400960510F8B5219EB49A7AE4A93B8FD548315B8B0158840AA55
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......................#.*...................@....@..................................L........ ..........................................................(...................................g.......................................................text....(.......*..................`.P`.data........@......................@.`..rdata..x%...P...&...0..............@.`@/4.......-...........V..............@.0@.bss..................................`..idata..............................@.0..CRT....4...........................@.0..tls................................@.0.................................................................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\gpg-wks-client.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):274672
                                                                  Entropy (8bit):6.4287223762400805
                                                                  Encrypted:false
                                                                  SSDEEP:6144:ab5URaW5qvd6GbRwm4aKELssKbX+h38Lrmt:1RaWcj6m4LFbFLrs
                                                                  MD5:22A211B9CA718B5A36F3D6043A36D832
                                                                  SHA1:9B54B9D4558F42BD37019AF188D695923DDCF1D7
                                                                  SHA-256:C73B486B63A0D718D25639F29F885616A395A06A162FC18F9C71FE47FF0E69D3
                                                                  SHA-512:67B6020D8CA21A094779D904D7858F234F701A15830461387878C7E8249DC573D83BFA045EED933203A48B7AB08EF6A7388C1958AD1DAD279EA635015F7EFEB7
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......................#..........................@..........................p......7......... .................................H....0...3...............(...................................C..........................D............................text..............................`.P`.data...............................@.`..rdata..8t.......v..................@.`@/4......`q...`...r...>..............@.0@.bss....T.............................`..idata..H........ ..................@.0..CRT....4...........................@.0..tls......... ......................@.0..rsrc....3...0...4..................@.0.........................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\gpg.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):1357552
                                                                  Entropy (8bit):6.408449099347203
                                                                  Encrypted:false
                                                                  SSDEEP:24576:V/4K636/4LPhS6Rc17DhggJeAuskOSxOQD6DD+ezN2p/3uLW+QHBmZ892F+TIYQR:+9PhS6Rc17DhggJeDdS0pfs8BmZ8i+9i
                                                                  MD5:2F5BFF434DC70BF6C2C24219F7EEA756
                                                                  SHA1:F91D1EEF0AD4A5CE8CFBCC0BCE3DC8CDCEB2551C
                                                                  SHA-256:E97BF1D1B36E11C028FD8B7DFA25B37C932271ACC36457F853A38A6291135E8D
                                                                  SHA-512:054C60EB216244F9D8719FBE81BABF7E2420787807FC65172B59F15BBE4FA3F3678D1560408C40BFFC5C40535BA8CC05974A9BC12388C6273CF9C764B2987B5D
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......................#.D.......0...........`....@.......................... ....../......... .................................l:.......2...............(..........................................................................................text...$C.......D..................`.P`.data....3...`...4...H..............@.`..rdata...............|..............@.`@/4......,...........................@.0@.bss....t....P........................`..idata..l:.......<..................@.0..CRT....4............V..............@.0..tls.................X..............@.0..rsrc....2.......4...Z..............@.0.........................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\gpgconf.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):211184
                                                                  Entropy (8bit):6.383037752949038
                                                                  Encrypted:false
                                                                  SSDEEP:3072:L5n7bH4wmVxgVTwUbHO8DBI+YPvHOieEYK2BQEUExsb7y87b1jdddddiWlCyjrmK:NH4we+VMMrDBIVPvHA9/6EbLK1BjrmK
                                                                  MD5:DE8AE49F5EF55085B3906540A7851BEE
                                                                  SHA1:5747D51D1EEF46AE4E3C740DDA7E823C0552748A
                                                                  SHA-256:18172E8D58B091CF5B21BD7769F4C75C5D39C025E7FD8B37A98BD7348F2B9B82
                                                                  SHA-512:113DF07EEF9A1A76579885656F319A5FFB35B86DDA18F54D85C9BED925F378586F6B8F02A92F760C4ADD6A3F5EC3262395D061E587D50210281D1B72B2866CBF
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......................#..........................@..........................p.......G........ ................................. ....0...2...............(..................................ps......................P................................text...............................`.P`.data...............................@.`..rdata...a... ...b..................@.`@/4......HG.......H...t..............@.0@.bss..................................`..idata.. ...........................@.0..CRT....4...........................@.0..tls......... ......................@.0..rsrc....2...0...4..................@.0.........................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\gpgme-w32spawn.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):64240
                                                                  Entropy (8bit):6.564430787518633
                                                                  Encrypted:false
                                                                  SSDEEP:768:T3+xyH2hv4i9Wfk4bZhIub6x5WPjYWEaJUYffwH5Yyc4WnHGVKQUhxMg6LqT/S+T:r+xy+vjJ4bseA+UawyoDrmT/mE
                                                                  MD5:1199660287EEB4F199E38A64760EFA7A
                                                                  SHA1:B6AD26E318DE2C512E320CFD50BC3945CAF3E8AD
                                                                  SHA-256:66A1044131B41FAA3CE7A0105818664CED6DF37006BF87DFBF4F3AA1723E84AF
                                                                  SHA-512:56C2C915EF74781FC6C2E5B0BCA3FE841F74CB568EA9F05B71C9F9C8F7F764FAB2145535BF18517F9F91D1EF7512C3934F5DB015DD5A2F5D178A371F861103F5
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......................#..........................@..........................0................ ..........................................................(.................................. .......................h...,............................text...............................`.P`.data...p...........................@.0..rdata..X...........................@.`@/4..................................@.0@.bss..................................`..idata..............................@.0..CRT....4...........................@.0..tls......... ......................@.0.................................................................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\gpgsm.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):688880
                                                                  Entropy (8bit):6.378122662036133
                                                                  Encrypted:false
                                                                  SSDEEP:12288:dH4bGnwlcj+L6Frt+iDsbjGrSR424svPQbCyjGxgqOAF98ZVP1drm:dH4b62cjK6Frt+qsbjGrSR424svPmjGh
                                                                  MD5:97A4E4F66F42F2B7E91803BB799B7643
                                                                  SHA1:1CB46358B2762482EB085EBF6C3C5CE58991224C
                                                                  SHA-256:63FEBB20DA24B16FFCBF1C6F03CD867290D8FA4C6C2EC00AF1DC0F5F2A2EB1ED
                                                                  SHA-512:613F4EBC222713B2618CB1F3EFBDB8903C9848762C95A4BC93D134894C3E63936D819F2D0CA29FD0FD0CCF1187A78D0533DE6700939BE9D9F5BD7D166C0BC74E
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........Z.............#.n...V....................@.................................E<........ ..................................C.......2...........Z...(..................................p.......................\................................text....l.......n..................`.P`.data...p............r..............@.`..rdata...|.......~..................@.`@/4..................................@.0@.bss....t.............................`..idata...C.......D..................@.0..CRT....4....`......."..............@.0..tls.........p.......$..............@.0..rsrc....2.......4...&..............@.0.........................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\gpgtar.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):189680
                                                                  Entropy (8bit):6.420075056875882
                                                                  Encrypted:false
                                                                  SSDEEP:3072:WWErOQZgiQAKhtuk+vlIJuY/OtS8wcHNaNOmQpjdddddiWlGCerm9/J:FEr7CAKGk+vlIJuoOtAUpNermv
                                                                  MD5:7DAC60B8EC896BEE36BDC8AA85E6077A
                                                                  SHA1:E9533889145CF5AAE7203B4725E7EB8366F6AAFA
                                                                  SHA-256:C0E840A95D197CF6CECF5C16C5CFC2E93760770C3F9B3611BFC00284BA0A9DD5
                                                                  SHA-512:39F94745B54844CA0813BDAE216B5A1B66F6B3FFAEEDE2E044F58F60A31405FFF6520AABAAB6A636BE551C1EC2413C9E8633FE74193A6F246362531CD8EC9A74
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......................#..........................@..........................@................ .................................\........2...............(...................................2......................4................................text...d...........................`.P`.data...............................@.`..rdata..8A.......B..................@.`@/4......|F...P...H... ..............@.0@.bss....4.............................`..idata..\............h..............@.0..CRT....4...........................@.0..tls................................@.0..rsrc....2.......4..................@.0.........................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\gpgv.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):690928
                                                                  Entropy (8bit):6.405943648311201
                                                                  Encrypted:false
                                                                  SSDEEP:12288:HOaITIgAo/j8JgUTSHLNCZ4KfqTqwqkTkiLiMlPuKXWXgfLIKUrtErjtPi6aQYKh:nITIgAo/j8JgUTSHLNyVbkYciMlPlWXU
                                                                  MD5:40FE10C1D4026C71BD6F13275A0E0C82
                                                                  SHA1:30955285A4AF86391B0C1BBAA8270AB94648E102
                                                                  SHA-256:BB103E3A886A96AA3CA9B712D57308DF0C952FE20FA4CA273C9A8ADEA05F189F
                                                                  SHA-512:863FC94727CC7C3829E28F07E02BC0BDCCA1A4652C2CE2EF708351B5C2AEFA51F0B2E9657517C30E6EB7B127AD9CB41359F171E71CF736006A834801893BEDAF
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........b.............#.....^...,................@........................................... ..............................P...0.......2...........b...(..........................................................LW..p............................text...t...........................`.P`.data...0...........................@.`..rdata...*.......,..................@.`@/4........... ......................@.0@.bss.....+... ........................`..idata...0...P...2..................@.0..CRT....4............*..............@.0..tls.................,..............@.0..rsrc....2.......4..................@.0.........................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\keyboxd.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):350960
                                                                  Entropy (8bit):6.424215027812645
                                                                  Encrypted:false
                                                                  SSDEEP:6144:DK40Q1NeHjHT+rEQmPhSfkQ0vsJ9e9fp5EzsqMVis3lVZJNT/9dC6J1vQIvVKoc2:DKiYfMm5YHEsJkVuLr+
                                                                  MD5:C2ED2745927F1225A14F2ACCAF030AA8
                                                                  SHA1:73E7E086186E93FAF9C830CEBA5758CE19700F81
                                                                  SHA-256:3C51C551BD0D7DB6599904FB3A55C99F127AF7555D24630B5C36F3AC4D59DB9D
                                                                  SHA-512:2EF6D3B89785D8BB660BE297C5EC862650A303D85CFE9B645FBCC7376AE1CEDAA0882807071EB811D5F3F11E0F6DBFE8657AD0DD255A5382D4980A483D46EDD2
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........2.............#..........................@.................................@S........ .................................(-...`...2...........2...(...................................N.......................................................text...T...........................`.P`.data...............................@.`..rdata.............................@.`@/4...........`.......D..............@.0@.bss..................................`..idata..(-..........................@.0..CRT....4....@......................@.0..tls.........P......................@.0..rsrc....2...`...4..................@.0.........................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\libassuan-9.dll

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):163080
                                                                  Entropy (8bit):6.417752386059103
                                                                  Encrypted:false
                                                                  SSDEEP:3072:au/oLrUI5VXu4C5mJB6P/v8A7G4iUMzeCml6hjhL93UcfrmW/U:7/eD1C5mJB6P/v8A7GdeVl6NB9DfrmD
                                                                  MD5:C3338F8EF0E60FC5425A763484B51BD1
                                                                  SHA1:DD8492D6BC84059586F47B3EFC71C902AEB2D364
                                                                  SHA-256:77006F7CCEF7BDB79B20DD13B88C50B9D4BBDE4DE909DEE94A2BFF5C4D31AF53
                                                                  SHA-512:770BD390E7F9BE0759B40A60234F243E14D2FE627FB334BDAA8EF9508B898E15C6A2824CCA94D74B92D0612EC676B08AA0E829B54F44D92B69B67135BB0FEE65
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........@.........#...#.....<.....................o.................................Z........ ......................P.......`..|....... ...........(T...(..........................................................|b...............................text...t...........................`.P`.data...............................@.`..rdata...*.......,..................@.`@/4.......%.......&..................@.0@.bss....P....@........................`..edata.......P......................@.0@.idata..|....`......................@.0..CRT....,....p.......*..............@.0..tls.................,..............@.0..rsrc... ...........................@.0..reloc...............4..............@.0B........................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\libgcrypt-20.dll

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):1673528
                                                                  Entropy (8bit):6.43616893742251
                                                                  Encrypted:false
                                                                  SSDEEP:49152:xBUmor7GLIa7WKGmSFcAn8p3m242DFo7eofbLY+XOkDnQAgXSfY9kRb3UPZ5:DUmor7GLIa7WKGmSFcAn8p3m242DFo7Y
                                                                  MD5:D9A35394B623757FC38FF80AD8A64768
                                                                  SHA1:CE577E85F26834AA619703D44B98264DC8CC290D
                                                                  SHA-256:B9887C5FDE78C3D398731B76994198E56F82A7DC0EF1297CC677780BD9871DCF
                                                                  SHA-512:1E5615E0BA91B60CEA3C49E9AEE42754D301E4911DE528958D15F2455F98A0B36A8CC1343601912EEF8FBB924BB151B8A8608F7EBF5B39555A29EF1A8C6B4D47
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........J.........#...#.4...F...............P....\e.................................E........ .................................X....@..X...........X`...(...P...d..........................D@..........................,............................text....2.......4..................`.P`.data....v...P...x...8..............@.p..rdata..............................@.p@/4......Xu...`...v...:..............@.0@.bss..................................`..edata..............................@.0@.idata..X...........................@.0..CRT....,.... ......................@.0..tls.........0......................@.0..rsrc...X....@......................@.0..reloc...d...P...f..................@.0B........................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\libgpg-error-0.dll

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):258032
                                                                  Entropy (8bit):6.576555818013393
                                                                  Encrypted:false
                                                                  SSDEEP:6144:pfvI5kMt33C0YvzVf1JJKDo7wvKx6ST+rmw:pfvIak0/JT+rB
                                                                  MD5:42932F9872A7A54A9DC6F73AD0CC0D8E
                                                                  SHA1:FF400F3A35A9AE429DEDE059996159B4F55B569E
                                                                  SHA-256:C127A350B6D581FB0B2178BF39903CE3653AAC170C81144D5F54334A76A17A8E
                                                                  SHA-512:833D5363CD604B5A23BAFA8E746295A5279047CE90A81849BCF3A1D02236F137F78A75F7D833B5C78FF4E8BD3B4D8FA7873B2C7A91A49433836997FA1F1EB8F9
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#...#.X...................p....Hk.........................@............... ..........................................................(......D ......................................................|............................text....W.......X..................`.P`.data........p.......\..............@.`..rdata...............`..............@.`@/4.......c... ...d..................@.0@.bss..................................`..edata...............X..............@.0@.idata...............n..............@.0..CRT....,...........................@.0..tls................................@.0..rsrc...............................@.0..reloc..D ......."..................@.0B........................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\libgpgme-11.dll

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):423232
                                                                  Entropy (8bit):6.261368684355729
                                                                  Encrypted:false
                                                                  SSDEEP:6144:LNpmS9S2K7wxC/FMqtCPvOGbnEMw7Q6julgPgE2xaIxrmF:LNpmS9S2K7wxC9DtpGRwsDgPgE2xaWrw
                                                                  MD5:84D8EA4173FED262BA98A354C75F4EA1
                                                                  SHA1:650D8A1277779123D72BAFB1D4E040BAB7BAA80E
                                                                  SHA-256:9DA3B254CBD0776DAE9B3C62EF8CA25F046EB86E4E1511459AC42EA48114E716
                                                                  SHA-512:FDE145F9D5E625ADA456B7657C9DDBC187C68B30603B001B6CAF7F0443662A9A2FF759186110C5B1C6B6EC72462FD0F26B1D5C3773F6EBC039ABCCB2B14345DA
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........0.........#...#.....,...L................Ho.................................2........ ......................@.......`.......... ...........`L...(......0)..........................h;......................tc...............................text...4...........................`.P`.data...4...........................@.`..rdata..8...........................@.`@/4......P....P.......6..............@.0@.bss.....K............................`..edata.......@......................@.0@.idata.......`......................@.0..CRT....,...........................@.0..tls................................@.0..rsrc... ...........................@.0..reloc..0).......*..................@.0B........................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\libksba-8.dll

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):306120
                                                                  Entropy (8bit):6.216139498243467
                                                                  Encrypted:false
                                                                  SSDEEP:6144:O42f7KrFtAM4KeXUGV6dYLtV2RxodImdEJ9h0zAHAKZXAVOrmI:O46KxxeX/V6dYLtVUxodImdEJB2Orh
                                                                  MD5:7F14D4B135DA307EC26496C30C8B4BEC
                                                                  SHA1:E7603350C15F00B05BCB0429E5EF8C63BA68B548
                                                                  SHA-256:9D46C7C9ED129C1CE4917320E7A15E63D04CD22F53547632448195B60966FBE5
                                                                  SHA-512:8CCC8BCC0F785B1B80D627C9CBC544D80F0DD5242717E255D09A7190EA3B8BC06C25391B1F8636275B72B5F8A142AEF547D73EB4ADE0CEC2406BC9988077A562
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........x..L......#...#.....t...............0.....d.................................3........ ......................p..;.......<.......@...............(......t...................................................l................................text...d...........................`.P`.data........0......................@.`..rdata......@......................@.`@/4......<\.......^..................@.0@.bss....P....`........................`..edata..;....p.......:..............@.0@.idata..<............P..............@.0..CRT....,............X..............@.0..tls.................Z..............@.0..rsrc...@............\..............@.0..reloc..t............b..............@.0B........................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\libnpth-0.dll

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):42784
                                                                  Entropy (8bit):6.409539334374584
                                                                  Encrypted:false
                                                                  SSDEEP:768:TiYCLBTdAnvHM8qq9z/UVXk9SDuFX/g6LqTWRS+ST6nkG5:TiYCLsVxVUVXvDuN/rmi/mC
                                                                  MD5:3960BB4E65CE44015E23F34A4FD7D550
                                                                  SHA1:227EE7867E0882318365F0371D82B5F80FDE4789
                                                                  SHA-256:9DBF5B71E48BB5BC4426547C917593BB7236AF22614D4E9FB05077DC8580BAB9
                                                                  SHA-512:146A878DB676FBF7A57DC0AA3688C553CA847D27F450824C6ED12ACD54C8F2BBBDAF0CFB8ED68B93FF42744DDA62E9DF1F07D9BADF30AFAAD68AF7C1459873BE
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........t..C......#...#.<...p...............P.....j................................>......... .....................................................@~...(...................................b......................H................................text....;.......<..................`.P`.data...(....P.......@..............@.0..rdata..t....`.......B..............@.`@/4...........p.......J..............@.0@.bss..................................`..edata...............V..............@.0@.idata...............^..............@.0..CRT....,............f..............@.0..tls.................h..............@.0..rsrc................j..............@.0..reloc...............p..............@.0B........................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\libntbtls-0.dll

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):119056
                                                                  Entropy (8bit):6.265630978131934
                                                                  Encrypted:false
                                                                  SSDEEP:3072:NTihWPzqSJx84O5uzTgEHEi8yiCWxUx4rmL/Yk:0hkzqSPheNZxrm7
                                                                  MD5:C3865B0A3D13459ED6D07FA9D002DF9D
                                                                  SHA1:AF6DE7C0447701032E3947C5AE7323217B5F9EA3
                                                                  SHA-256:73BB581B31B4197B16F14CB680B88CAFEEE68F1EEF159415CD2F2983A9CD7225
                                                                  SHA-512:84539FDDC85DA6B3046A950EF44AE3B57EA958884702C8BD91D4FC7811B7F62051D269D8D216BCC834AC56A995F353BE18B44631F54B5CC5A07845459EB26055
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#...#...........................e.................................S........ .....................................................0....(......L............................]..........................@............................text...............................`.P`.data...(...........................@.0..rdata..`R.......T..................@.`@/4......L....p.......H..............@.0@.bss..................................`..edata...............f..............@.0@.idata...............h..............@.0..CRT....,............z..............@.0..tls.................|..............@.0..rsrc................~..............@.0..reloc..L...........................@.0B........................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\libsqlite3-0.dll

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):1222088
                                                                  Entropy (8bit):6.140324791811354
                                                                  Encrypted:false
                                                                  SSDEEP:24576:epFmcCbOkZgAKuSD9fBi/xAh6pQ4IEJ9KLAp+VgsRiCn27n:emc+ZnKrpi/mhSQ4IEJ98AI9x2r
                                                                  MD5:C752EF26DE39DC61B742EEC43E5B7064
                                                                  SHA1:B7B10FFD716D2F4D4E1BBD2C24F1680207828C6A
                                                                  SHA-256:20C09E201D977EC3F11BC7E22C5F0DDC829584209EE761258640601161A8C922
                                                                  SHA-512:90828D79F128A592E236A9B545D402AA282C5477A05CA4CBB3109189405E46C968B787E9AE37BFB55C5519214B972F2AABD415A3DCF29C05A4554BA3FD060AAF
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........l..k......#...#.....h............... ....Xf.......................................... ......................@.......`..p....................|...(.......=...........................p.......................a...............................text...............................`.P`.data....7... ...8..................@.`..rdata.......`.......@..............@.`@/4......p............V..............@.0@.bss.........0........................`..edata.......@... ..................@.0@.idata..p....`......................@.0..CRT....,....p.......*..............@.0..tls.................,..............@.0..reloc...=.......>..................@.0B................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\pinentry-basic.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):110320
                                                                  Entropy (8bit):6.203117510571365
                                                                  Encrypted:false
                                                                  SSDEEP:1536:ZbUrJ8hiszBOwluUXw3GWCnCjGLihQ99iPS71GPz0bfmrmK/mJ:ZbUrJ8hi+BzluUXjCqi+TiPsHb+rmK/6
                                                                  MD5:05B557A7D1BE788F079864C7759B13E6
                                                                  SHA1:699CAC08BA6FFBD2213C9ED9D8B6528957E6B9AB
                                                                  SHA-256:F7E8146A96266DC2EC5B17453D35501B7753DCD5504F7AF1B12EB6C99439D867
                                                                  SHA-512:61D3A6153D3566074D26E6B936EE4DFE00769D6A46E5795835910AB7AD9D92802979953D26BD06DF43547BCEF2252F25690FC98EDD18DDC16B6459EB1408F9AD
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......................#..........................@.................................h......... ..............................`..\.......`N...............(..................................8"......................pb...............................text...4...........................`.P`.data...t...........................@.`..rdata..8........ ..................@.`@/4......|....0......................@.0@.bss.........P........................`..idata..\....`.......$..............@.0..CRT....4....p.......2..............@.0..tls.................4..............@.0..rsrc...`N.......P...6..............@.0.........................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\scdaemon.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):654576
                                                                  Entropy (8bit):6.373819781631804
                                                                  Encrypted:false
                                                                  SSDEEP:12288:jgGo/7g/6Ss92HyRDOmQSYjY43uL8UfE+UbRtGQiyUSHEzRVBiIrh:jFojg/6SsISRDU5s43uxs+UbREQiPSWP
                                                                  MD5:A12C955F2A376B814824A05B585199F4
                                                                  SHA1:6311DF8A16E636A6A506DB2653329C5C9ED91614
                                                                  SHA-256:127069759EB74BDF3A154732E7FDE79920E488FD968B74269A1BDCB2BF2E39A4
                                                                  SHA-512:4CA1080DC7DDC035E23AF61D8B925DF28BC1A028E72E2540AEE6343406AE85A0789CF0A413C5C3F0D9DDA9DD2D8C78028C434F344DE469B42FBEC94F6200905E
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......................#.:...................P....@..........................P......3N........ .................................P0.......2...............(..................................$.......................0...T............................text....9.......:..................`.P`.data........P.......>..............@.`..rdata...W...`...X...H..............@.`@/4..................................@.0@.bss..................................`..idata..P0.......2...j..............@.0..CRT....4...........................@.0..tls................................@.0..rsrc....2.......4..................@.0.........................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\bin\zlib1.dll

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):143600
                                                                  Entropy (8bit):6.608448324753924
                                                                  Encrypted:false
                                                                  SSDEEP:3072:9Epp8vhVky3mYFhgBv89foE+iv4EH2W4UMIwrmrx/i:9EHyhVLzkBvwgE+irH2WNnwrmU
                                                                  MD5:E196400022CE81E1D5B31ECCEF5DA59A
                                                                  SHA1:8F4D788DD154366AB4CD06C33E6BD0BD8E74D8C4
                                                                  SHA-256:DF99B3F2ADF78DBB9D3D1F47C1404335EFF708722BC45581CF8D20B48F326DED
                                                                  SHA-512:AF4716BF7796E92E07940A97664A58906FBDCEBA8B80526F727C922A7B23D615418AB7989AF7AD04DB0AEE1E6B5813BE4F88E3A3A118CF1A6E15B84014DC7599
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#...#.|.........................c.......................................... ......................0.......@..p....p...................(......,...........................$........................A...............................text....{.......|..................`.P`.data...L...........................@.0..rdata...E.......F..................@.`@/4.......!......."..................@.0@.bss....P.... ........................`..edata.......0......................@.0@.idata..p....@......................@.0..CRT....,....P......................@.0..tls.........`......................@.0..rsrc........p......................@.0..reloc..,...........................@.0B........................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\gnupg-uninstall.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, Nullsoft Installer self-extracting archive
                                                                  Category:dropped
                                                                  Size (bytes):147878
                                                                  Entropy (8bit):7.236835824876293
                                                                  Encrypted:false
                                                                  SSDEEP:3072:S5cIMSTOBGRYXQbDTmIkvfG5fJLfceAJagjJGCkmUHUpQjmrJqRj:6cDSTZGX8mR4JfmJhcCMUWjmU9
                                                                  MD5:D022C9132EE82C5C60EF512456EBA974
                                                                  SHA1:0A840BC2CEE8645AEE0BAF265E9E0C98616E810C
                                                                  SHA-256:6406F5A2301478406FB55A453FBF286E388AC9A5682C52B528157A2DF94B3BE9
                                                                  SHA-512:C2F6641831AEB188A4360E0B182852DF62B941C8F5B77BE5409EBAE04CB6F87BACEF1A8E03D926D2F51AF4FF1E60FE9047E4AD68E3CC7B62D68BB1CE7724F215
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...<.J_..............."............FD............@..........................@......2.V...@... ..............................@...........P............U..(...........................................................................................text...T........................... .0`.data...............................@.`..rdata...u.......v..................@.`@.bss.... ....@........................`..idata.......@......................@.0..ndata.......`.......$..............@.0..rsrc....P.......R...&..............@.0.........................................................................................................................................................................................................................................................................................................................................................

                                                                  C:\Program Files (x86)\gnupg\include\assuan.h

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:C source, ASCII text
                                                                  Category:dropped
                                                                  Size (bytes):25447
                                                                  Entropy (8bit):4.917315861326872
                                                                  Encrypted:false
                                                                  SSDEEP:384:bEY/BjCf/3QmK2/Da2NVuIVgBnQoZtADLhgHtytjqo4O4cLgR08aMVvzOQ7:bEY/BjCf/AmKv2v6byn4cLM0uzOQ7
                                                                  MD5:B54A13CDA330312756B6917924B2E813
                                                                  SHA1:2FB03FBDD2F9593A1E274F060D2F734BF20225B3
                                                                  SHA-256:407456BB5CBE2B333D228FAF2F69226F13566D59AA4D0C63CA908B04EAEF57C7
                                                                  SHA-512:46D1A5B1EBDF336D92184D8CFDEABB3A8C3FA01E7CE51C0B116E0D7D7979F093DDA046A74A4FB8938253DF48765AE5B6943A075F68C30A0A524EB25AEC2C4C90
                                                                  Malicious:false
                                                                  Preview:/* assuan.h - Definitions for the Assuan IPC library -*- c -*-. * Copyright (C) 2001-2013 Free Software Foundation, Inc.. * Copyright (C) 2001-2021,2023-2024 g10 Code GmbH. *. * This file is part of Assuan.. *. * Assuan is free software; you can redistribute it and/or modify it. * under the terms of the GNU Lesser General Public License as. * published by the Free Software Foundation; either version 2.1 of. * the License, or (at your option) any later version.. *. * Assuan is distributed in the hope that it will be useful, but. * WITHOUT ANY WARRANTY; without even the implied warranty of. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU. * Lesser General Public License for more details.. *. * You should have received a copy of the GNU Lesser General Public. * License along with this program; if not, see <http://www.gnu.org/licenses/>.. * SPDX-License-Identifier: LGPL-2.1-or-later. *. * Do not edit. Generated from assuan.h.in by mkheader for mingw32.. */.

                                                                  C:\Program Files (x86)\gnupg\include\gcrypt.h

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:C source, ASCII text
                                                                  Category:dropped
                                                                  Size (bytes):83204
                                                                  Entropy (8bit):5.0561167989665945
                                                                  Encrypted:false
                                                                  SSDEEP:1536:kC6BPH5IeHFWdTt7GQqe0+0tKNQgngvA8+8jmppSRmzEf3NcCuKb6flaB493qG51:kC6BRfHFWdh7GTtKNQgngvA8+8SppSRY
                                                                  MD5:C30CC1BB135E5DE3BA09213E9A3395C5
                                                                  SHA1:CB6C99CDC60A6BA9E32D7DE1475F3DB9F5F7110A
                                                                  SHA-256:CAA198BC604C55AFC03249584A9EB869E6FFD4150EB436965CB7ABAFE550C570
                                                                  SHA-512:96772FD97756E9EE4FDEB5913C689A6D430652DA5553E567CDFB86886C5553B0600E7771DD9C5D0A874AFE0D0CF63C0ECBBF9C37C20188577A281BF5A258FAC7
                                                                  Malicious:false
                                                                  Preview:/* gcrypt.h - GNU Cryptographic Library Interface -*- c -*-. * Copyright (C) 1998-2018 Free Software Foundation, Inc.. * Copyright (C) 2012-2024 g10 Code GmbH. *. * This file is part of Libgcrypt.. *. * Libgcrypt is free software; you can redistribute it and/or modify. * it under the terms of the GNU Lesser General Public License as. * published by the Free Software Foundation; either version 2.1 of. * the License, or (at your option) any later version.. *. * Libgcrypt is distributed in the hope that it will be useful,. * but WITHOUT ANY WARRANTY; without even the implied warranty of. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the. * GNU Lesser General Public License for more details.. *. * You should have received a copy of the GNU Lesser General Public. * License along with this program; if not, see <https://www.gnu.org/licenses/>.. * SPDX-License-Identifier: LGPL-2.1-or-later. *. * File: src/gcrypt.h. Generated from gcrypt.h.in by configure.. */..#ifn

                                                                  C:\Program Files (x86)\gnupg\include\gpg-error.h

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:C source, ASCII text
                                                                  Category:dropped
                                                                  Size (bytes):80494
                                                                  Entropy (8bit):5.152128034855179
                                                                  Encrypted:false
                                                                  SSDEEP:768:LERseu8qu/isyquq43bzMx/+wcgvBLeUzCaCAUwTPrfqppJ2OHeOhwZ:Lc7mZsLeUWaCALfqFegwZ
                                                                  MD5:57A7F29F268D0C380A26900F2DB55650
                                                                  SHA1:27A60C0515160CED5D7031F4D396371ED51D9BD3
                                                                  SHA-256:F5060CC24FF556BC50BF3FA8405697B139485717BFA40A165CC7775DECB9A5D9
                                                                  SHA-512:793D643FC8EBB07BA850415FC0970D69702D147F1E8D468C9E045B267C936B9343D676457B24558C55F27FA5531B8BD0C3931E59AD6F3B6353661897B9DCBDD1
                                                                  Malicious:false
                                                                  Preview:/* gpg-error.h or gpgrt.h - Common code for GnuPG and others. -*- c -*-. * Copyright (C) 2001-2024 g10 Code GmbH. *. * This file is part of libgpg-error (aka libgpgrt).. *. * libgpg-error is free software; you can redistribute it and/or. * modify it under the terms of the GNU Lesser General Public License. * as published by the Free Software Foundation; either version 2.1 of. * the License, or (at your option) any later version.. *. * libgpg-error is distributed in the hope that it will be useful, but. * WITHOUT ANY WARRANTY; without even the implied warranty of. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU. * Lesser General Public License for more details.. *. * You should have received a copy of the GNU Lesser General Public. * License along with this program; if not, see <https://www.gnu.org/licenses/>.. * SPDX-License-Identifier: LGPL-2.1-or-later. *. * Do not edit. Generated from gpg-error.h.in for:. i686-w64-mingw32. */../* The GnuPG pro

                                                                  C:\Program Files (x86)\gnupg\include\gpgme.h

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:C source, ASCII text
                                                                  Category:dropped
                                                                  Size (bytes):98560
                                                                  Entropy (8bit):4.952439827670573
                                                                  Encrypted:false
                                                                  SSDEEP:768:LEX7c07NFIcEAX6+NtlQ4JhAJZfCNINspwXV/XYxve4Rr9ZdofRVl+m:LV0BFIc1XxhJhAjCmow6pZdoH
                                                                  MD5:76DB677BA2721F33E97ED6AA8D380FD6
                                                                  SHA1:C9F307D4774288392021633E1FE9B70F5E0389A5
                                                                  SHA-256:E7DA6D2601A014A4984077D5CC254A1A0091A0E989E6FCB4BC2B56EC9294DC8C
                                                                  SHA-512:95C44E93FEAF5393AD791164596808E08F2854BD4122040BA2757A24F553089928D64D9627549FE957022B2BA5DF50511FC3C84721EBDA798325865232159E28
                                                                  Malicious:false
                                                                  Preview:/* gpgme.h - Public interface to GnuPG Made Easy. -*- c -*-. * Copyright (C) 2000 Werner Koch (dd9jn). * Copyright (C) 2001-2018 g10 Code GmbH. *. * This file is part of GPGME.. *. * GPGME is free software; you can redistribute it and/or modify it. * under the terms of the GNU Lesser General Public License as. * published by the Free Software Foundation; either version 2.1 of. * the License, or (at your option) any later version.. *. * GPGME is distributed in the hope that it will be useful, but. * WITHOUT ANY WARRANTY; without even the implied warranty of. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU. * Lesser General Public License for more details.. *. * You should have received a copy of the GNU Lesser General Public. * License along with this program; if not, see <https://gnu.org/licenses/>.. * SPDX-License-Identifier: LGPL-2.1-or-later. *. * Generated from gpgme.h.in for i686-w64-mingw32.. */..#ifndef GPGME_H.#define GPGME_H../* Include st

                                                                  C:\Program Files (x86)\gnupg\include\ksba.h

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:C source, ASCII text
                                                                  Category:dropped
                                                                  Size (bytes):26921
                                                                  Entropy (8bit):4.623293171020833
                                                                  Encrypted:false
                                                                  SSDEEP:192:iUeOp0Gr3vfOjvO8HGj6hz3T4ZcG28t7Z5xGl077kaqnY3lvKiFEjZi6s5Pa4kbR:iUFrxKY/5Pa4c+B0oR0SW8+lFDFvH/
                                                                  MD5:E951232F151454EA0E611F50FE5DA689
                                                                  SHA1:2B945AADD3D6483F1C6212187E93E925DE672971
                                                                  SHA-256:9A6857AD680D0994098CFA386BF193B8375A6B6EFE949CB9DA570941238B6D5C
                                                                  SHA-512:61EAF399574CD9CA8B43D37860965D3D37B96534DA73198A7A2C123078C3A4E7D9B32A647722470423285255E55DA6E9F81D6FB0C576BA2DF335A29BF4747611
                                                                  Malicious:false
                                                                  Preview:/* ksba.h - X.509 library used by GnuPG. * Copyright (C) 2001-2006, 2010-2015, 2018-2023 g10 Code GmbH. *. * This file is part of KSBA.. *. * KSBA is free software; you can redistribute it and/or modify. * it under the terms of either. *. * - the GNU Lesser General Public License as published by the Free. * Software Foundation; either version 3 of the License, or (at. * your option) any later version.. *. * or. *. * - the GNU General Public License as published by the Free. * Software Foundation; either version 2 of the License, or (at. * your option) any later version.. *. * or both in parallel, as here.. *. * KSBA is distributed in the hope that it will be useful, but WITHOUT. * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY. * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public. * License for more details.. *. * You should have received a copies of the GNU General Public License. * and the GNU Lesser General Public License along w

                                                                  C:\Program Files (x86)\gnupg\include\npth.h

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:C source, ASCII text
                                                                  Category:dropped
                                                                  Size (bytes):8541
                                                                  Entropy (8bit):5.140248738344182
                                                                  Encrypted:false
                                                                  SSDEEP:192:OIEtrXHafdrbahIh1m84dm8WLnsG5biygHuyeIxia5D:LEtrXHafRWi1m84dmtP/aia5D
                                                                  MD5:519491E98A58BFF87B24539D795EC660
                                                                  SHA1:F46D92FD4DCE6F3A3DA95CF4AC77605D6111164A
                                                                  SHA-256:DE2A424C8B2AAE9066A96A5FF8B3B36425561B64034A8A5C63B97BED3BA3B872
                                                                  SHA-512:A2EF797F87D071EA0F5C28AA719A14BB0D81C66002D0D49CAA5CA988DA786A0D791C0E601EC4D909C2F34832176723CB0FAB5D843059B7ED72CA51592218C44B
                                                                  Malicious:false
                                                                  Preview:/* npth.h - a lightweight implementation of pth over native threads. * Copyright (C) 2011, 2015, 2024 g10 Code GmbH. *. * This file is part of nPth.. *. * nPth is free software; you can redistribute it and/or modify. * it under the terms of the GNU Lesser General Public License as. * published by the Free Software Foundation; either version 2.1 of. * the License, or (at your option) any later version.. *. * nPth is distributed in the hope that it will be useful, but. * WITHOUT ANY WARRANTY; without even the implied warranty of. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See. * the GNU Lesser General Public License for more details.. *. * You should have received a copy of the GNU Lesser General Public. * License along with this program; if not, see <https://www.gnu.org/licenses/>.. */..#ifndef _NPTH_H.#define _NPTH_H..#include <sys/types.h>.#include <time.h>.#include <errno.h>..#include <winsock2.h>.#include <ws2tcpip.h>.#include <windows.h>..#ifdef __cplusplus.extern "C"

                                                                  C:\Program Files (x86)\gnupg\lib\libassuan.imp

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:current ar archive
                                                                  Category:dropped
                                                                  Size (bytes):67862
                                                                  Entropy (8bit):3.8531658134226836
                                                                  Encrypted:false
                                                                  SSDEEP:768:hN3U8bRBAXPzF/PA9VMCKTuqSzwTBPfvLQ10h/KgEJI044RUeTz2mxB/8LnPIX17:n
                                                                  MD5:0A700854E900F3BF3FCFAF32A4815C24
                                                                  SHA1:A41EAE63CD9A64F9302E07EA1AEDA9A5CF7D5419
                                                                  SHA-256:AEBFBE6B09CBBBD6B0722FBAA43C968493FCAD8DA55440B064E5FA20B79FDB44
                                                                  SHA-512:EBE6F2CD2662B36B37CB2882B462CE82DDEC879AF3D40580E2AA37DA46237D1C457DCAB2C377CB66AA049712347FB95D54AD0EBF74C7F44159325E39E7F74F06
                                                                  Malicious:false
                                                                  Preview:!<arch>./ 0 0 0 0 5960 `................V...V..................!P..!P..#...#...&...&...(...(...*...*...-X..-X../.../...1...1...4T..4T..6...6...9...9...;x..;x..=...=...@$..@$..B...B...D...D...G2..G2..I...I...K...K...NN..NN..P...P...S...S...Un..Un..W...W...Z...Z...\|..\|..^...^...a4..a4..c...c...e...e...hl..hl..j...j...m...m...oN..oN..q...q...t>..t>..v...v...y2..y2..{...{...~"..~"...................n...n...................h...h...................................X...X...................>...>...................L...L...................V...V...................r...r.........................................................f...f.................T...T...................x...x...........:...:......... ... ...|...|...........,...,.................p...p.................Z...Z...................N...N...................4...4...z...z........_libassuan_9_dll_iname.__head_libassuan_9_dll._assuan_write_status.__imp__assuan_write_status._assuan_write_line

                                                                  C:\Program Files (x86)\gnupg\lib\libgcrypt.imp

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:current ar archive
                                                                  Category:dropped
                                                                  Size (bytes):143726
                                                                  Entropy (8bit):3.8427768046882127
                                                                  Encrypted:false
                                                                  SSDEEP:768:9huGMiBjEqX4ByuURO+uy6NmNt23dqhJNDgWiXGV2C+7UrNdU2U+CkknAR9SAhNP:9hQiBjbuimuj3
                                                                  MD5:FDE4C541BEC4BAFBCC53690D467E4432
                                                                  SHA1:1BCB9230AF6120E087B914A20C3FF223BD4A499A
                                                                  SHA-256:0B25ED60ECCD1A6B5483967187AFEBE20CD968853631C60B09E02E51467EBC2C
                                                                  SHA-512:A29EB87BAD012A68D61799B7EF96A0E9F7FF8DE7D81D840C4E14DB9F10269AEAF1A282616DA6892AC0CA84540A790C3595CDCEFC6E211037F08E4EEE48CDDE32
                                                                  Malicious:false
                                                                  Preview:!<arch>./ 0 0 0 0 11476 `.......-....`../.../...2,..2,..4r..4r..6...6...9...9...;j..;j..=...=...?...?...B@..B@..D...D...F...F...I...I...Kn..Kn..M...M...P...P...Rn..Rn..T...T...W...W...Yt..Yt..[...[...^...^...`P..`P..b...b...e...e...g^..g^..i...i...k...k...n@..n@..p...p...r...r...u,..u,..w...w...y...y...|(..|(..~v..~v...........P...P...................................<...<...................B...B...................l...l...........6...6................... ... ...d...d...........&...&...................$...$...v...v..........."..."...n...n.................L...L.................B...B.........................`...`.................B...B.................`...`.................F...F.................*...*...........................~...~...........@...@...................T...T...................6...6...|...|...................`...`...................@...@..!...!...#...#...&...&...(...(...*...*...-...-.../j../j..1...1...4"..4"..6p..6p..8...8.

                                                                  C:\Program Files (x86)\gnupg\lib\libgpg-error.imp

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:current ar archive
                                                                  Category:dropped
                                                                  Size (bytes):124222
                                                                  Entropy (8bit):3.8357429299593298
                                                                  Encrypted:false
                                                                  SSDEEP:768:iAs7Ps/62efNYUv/V70O9r7OlQ/9Hnp+h3teqPf0qd9yDeEHDQyM5Tm94Co1uoBv:iAs7K6xt7D26A
                                                                  MD5:811FEA5D73AAFA1144DD8249433B11E4
                                                                  SHA1:76EE4C9A59142C70AFBE4F6137B010ACC72AD0EA
                                                                  SHA-256:E61949E8092AD7D050B93024FC6DC72DBA6EDC4461DAEE17F6E988793962BA72
                                                                  SHA-512:D723A9BC3E0D490BF7F549B4995C451AB44CAE37D19E23EC923F68CA494449BE83E9346F89E2443F9A763BCFBECF4C77B8AD2BBA10A2D4A07EF5AC05F4CE4DD0
                                                                  Malicious:false
                                                                  Preview:!<arch>./ 0 0 0 0 9928 `....~..'...(V..)...)...,&..,&..........0...0...3*..3*..5|..5|..7...7...:J..:J..<...<...?...?...At..At..C...C...F...F...H|..H|..J...J...M...M...Oj..Oj..Q...Q...T...T...VP..VP..X...X...Z...Z...]2..]2.._..._...a...a...d"..d"..fh..fh..h...h...k:..k:..m...m...pR..pR..r...r...uF..uF..w...w...y...y...|D..|D..~...~............6...6...................R...R...................p...p...................n...n...................H...H...................f...f...........2...2...................F...F................... ... ...r...r...................B...B.................0...0...r...r.................................D...D.................d...d.................n...n...................`...`.................f...f...................:...:...................8...8...................@...@...........................|...|...........4...4...z...z...........(...(...x...x..!...!...$...$...&H..&H..(...(...*...*...-&..-&../h../h..1...1...4...4.

                                                                  C:\Program Files (x86)\gnupg\lib\libgpgme.imp

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:current ar archive
                                                                  Category:dropped
                                                                  Size (bytes):143320
                                                                  Entropy (8bit):3.885473317365394
                                                                  Encrypted:false
                                                                  SSDEEP:768:mKrwC3NI4bkx1Bpe+XkEZmfcC3un5zDfJy+n4XDEI+5X1Ao+9a6ududnH3jZyoRl:ZrwC3NI4bkccCThNhv4tfkh
                                                                  MD5:0F451D7942A52375C3AFDDBF1B80C366
                                                                  SHA1:F7FF7DDC44C165643A2C5EA86B32AEF2C2B83238
                                                                  SHA-256:64D8E26A6DC970EF0C01D476CA41599F9EF2150EB67D4DD6719376F902A985D1
                                                                  SHA-512:14E883514A46712C92EEF1CC1089F26A85BF1725F19893C0DD1F677CAB399F4477247415ACA90190CF99942045AB933ABF689257FCBE9F8693AFC764C710ADE8
                                                                  Malicious:false
                                                                  Preview:!<arch>./ 0 0 0 0 12744 `.......2...3P..4...4...7"..7"..9b..9b..;...;...>...>...@...@...C...C...E...E...G...G...J...J...Lj..Lj..N...N...Q...Q...Sv..Sv..U...U...X,..X,..Z...Z...\...\..._P.._P..a...a...d...d...f^..f^..h...h...k...k...mz..mz..o...o...r2..r2..t...t...v...v...y6..y6..{...{...}...}....X...X...................V...V...................T...T..........."..."...z...z...........2...2...................Z...Z...................v...v...........J...J...................N...N...................J...J..........."...".................T...T.................^...^.................|...|...........J...J.................P...P.................h...h...........,...,.................x...x...........0...0...................b...b...................f...f...........2...2...................B...B...................l...l...........0...0..!~..!~..#...#...&T..&T..(...(...+<..+<..-...-...0...0...2p..2p..4...4...7...7...9v..9v..;...;...>...>...@...@...B...B.

                                                                  C:\Program Files (x86)\gnupg\lib\libksba.imp

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:current ar archive
                                                                  Category:dropped
                                                                  Size (bytes):108834
                                                                  Entropy (8bit):3.868484720875313
                                                                  Encrypted:false
                                                                  SSDEEP:768:4A0QhNXQwZtqNU74Dwn+PVIn86+PLWf/J4PC0/IglVf8WgTCqj2KTUtMKw7u7atO:X0QhNXjCn0krh5yXS
                                                                  MD5:629E29B7F2E16571CF7D509DBFBCFB39
                                                                  SHA1:433363B8B43A27F000EA6D8F8D9774AA2074B653
                                                                  SHA-256:B7A39AA837F75C6262CDFC6DB39E007666C7682B2250BA1014D9F69F1540F2BD
                                                                  SHA-512:002F40C23EA06918D3E3D4FC681D16DB2960640C6295B19FDBE8594ABFC8602D68B3D1499C65F6CF1806D06E8AE408F97BEE396699519148167FD8F23F68214B
                                                                  Malicious:false
                                                                  Preview:!<arch>./ 0 0 0 0 9652 `....H..%...':..(...(...+6..+6..-...-.../.../...26..26..4...4...7...7...9j..9j..;...;...>...>...@p..@p..B...B...E...E...Gl..Gl..I...I...K...K...NX..NX..P...P...S...S...Ud..Ud..W...W...Z,..Z,..\...\...^...^...a4..a4..c...c...e...e...h0..h0..j|..j|..l...l...o...o...qh..qh..s...s...v...v...xx..xx..z...z...}8..}8...................V...V...................`...`...................................P...P...................d...d...................N...N...................,...,...l...l...................<...<...................8...8...................:...:.................$...$...r...r...................\...\........."..."...p...p.................d...d.................f...f.................................`...`...........(...(...................`...`...........<...<...........................f...f...........<...<...................n...n...........6...6..!...!...$...$...&x..&x..(...(...+N..+N..-...-.../.../...2\..2\..4...4.

                                                                  C:\Program Files (x86)\gnupg\lib\libnpth.imp

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:current ar archive
                                                                  Category:dropped
                                                                  Size (bytes):40582
                                                                  Entropy (8bit):3.779252998681392
                                                                  Encrypted:false
                                                                  SSDEEP:768:YchTG0theQ1MojOOonJV4qT7zaLaN0GJhPvnPqty4Dgsx16bhdQHy+tDEoil+G+f:RhTG0theQGTTME0rIhHuQy
                                                                  MD5:1F57A6DB74E1F31349B9F70FC6947442
                                                                  SHA1:46E679F0C00B86799F55F70C8F327EFAF3F6D9D0
                                                                  SHA-256:41BF02B468F4C0E33C2B8C8FA113F3E8F68A04C7E485C48E9580E23F5781DD7B
                                                                  SHA-512:01F09BFA9B634CD7AE4A59B14F9E7D55CDC6DBBA4F4C847E97C1BA8433D846F8C3197E5B35F523EA60F71F726F5F4EB421E892C2E73DE26312E1E7EF7D3E6337
                                                                  Malicious:false
                                                                  Preview:!<arch>./ 0 0 0 0 3166 `....~...........f...f...................&...&...p...p...................<...<..!...!...#...#...&...&...(B..(B..*...*...-...-.../x../x..1...1...42..42..6...6...8...8...;@..;@..=...=...@...@...B^..B^..D...D...G...G...IF..IF..K~..K~..M...M...P"..P"..Rz..Rz..T...T...W>..W>..Y...Y...[...[...^>..^>..`...`...b...b...e,..e,..gx..gx..i...i...k...k...nL..nL..p...p...r...r...u...u...wl..wl..y...y...{...{...~&..~&...f...f...................J...J...................2...2...................F...F...................F...F_libnpth_0_dll_iname.__head_libnpth_0_dll._npth_write.__imp__npth_write._npth_waitpid.__imp__npth_waitpid._npth_usleep.__imp__npth_usleep._npth_unprotect.__imp__npth_unprotect._npth_system.__imp__npth_system._npth_sleep.__imp__npth_sleep._npth_setspecific.__imp__npth_setspecific._npth_setname_np.__imp__npth_setname_np._npth_sendmsg.__imp__npth_sendmsg._npth_self.__imp__npth_self._npth_select.__imp__npth_select._npth_rwlo

                                                                  C:\Program Files (x86)\gnupg\share\doc\gnupg\examples\pwpattern.list

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:ASCII text
                                                                  Category:dropped
                                                                  Size (bytes):1231
                                                                  Entropy (8bit):4.94422736481389
                                                                  Encrypted:false
                                                                  SSDEEP:24:Q+Mx+U8HkEEmncgcphy2HOOiQ6hcNghoetmNShm4eqe:U+UykEVBcL/v0h/h9mNS/e
                                                                  MD5:9208E1CD387C91E33CD8FFB9B5339A19
                                                                  SHA1:CFB39E97F47EE982CBA619559D0C71C8CB813A00
                                                                  SHA-256:7C1D7A1C780F015A46667CC06CD6355063C78C8FD5CFD57127D7937AB9C38765
                                                                  SHA-512:04EFC8E1BF46E74F86F777ABE9D420F58EDCF7CAB0DFFBEBF54CC21B0F074D669E3D41530B653BE312CC373145EA370184486F7F114148DAF7804BB21CDE6575
                                                                  Malicious:false
                                                                  Preview:# pwpattern.list -*- default-generic -*-.#.# This is an example for a pattern file as used by gpg-check-pattern..# The file is line based with comment lines beginning on the *first*.# position with a '#'. Empty lines and lines with just spaces are.# ignored. The other lines may be verbatim patterns and match as they.# are (trailing spaces are ignored) or extended regular expressions.# indicated by a / in the first column and terminated by another / or.# end of line. All comparisons are case insensitive.. .# Reject the usual metavariables. Usual not required because.# gpg-agent can be used to reject all passphrases shorter than 8.# characters..foo.bar.baz..# As well as very common passwords. Note that gpg-agent can be used.# to reject them due to missing non-alpha characters..password.passwort.passphrase.mantra.test.abc.egal..# German number plates../^[A-Z]{1,3}[ ]*-[ ]*[A-Z]{1,2}[ ]*[0-9]+/..# Dates (very limited, only ISO dates). */./^[012][0-9][

                                                                  C:\Program Files (x86)\gnupg\share\gnupg\distsigkey.gpg

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:OpenPGP Public Key Version 4, Created Fri Mar 17 10:30:06 2017, RSA (Encrypt or Sign, 3072 bits); Signature; User ID; OpenPGP Certificate
                                                                  Category:dropped
                                                                  Size (bytes):3902
                                                                  Entropy (8bit):7.843732218577588
                                                                  Encrypted:false
                                                                  SSDEEP:96:6wHq5H24ppCLrVjEUMVmJqIhFQ8VJYc3a4CHp1OU:6aqhzmVhMIEMzv3duyU
                                                                  MD5:0FB3D391D4A8DE74D6527F43803EF7FC
                                                                  SHA1:23C15AD2BEF129649198B909EAB4883508AA1E45
                                                                  SHA-256:9EEF5FBDA734E925A49ADF801F9F5523595DED0A9B2ABCB8026B5A7721313615
                                                                  SHA-512:100A776ABA6EE56B5DD2162082D79014AD331ED88F36A2B97555F89F4237DACAF3992F84A22F21C0488565A74785E3D09A750B8978536C1F0423093CED4BE8DF
                                                                  Malicious:false
                                                                  Preview:....X......3..H..0..O..k..a.w....../CR.:..7......`.(....;*L.[;.....}.V.../..\./iW..k.V....KAkq..Pf.i.iG@.b....^......Gd.i..?Br..~...<_.[,jO......9../..-..6.#.......]...S..D..|n.9.j...2.MZkT...{....&`._...o? ....gM..hY..a._....W."...hc)..1..H...:.(..H.>..M.....%h.A...^.[..l.....nx...2iU7i.".M..Ijju....^.LF.x....xD..h&....`...C.c.7..u~4......a#.Ct|....T.}..d./.`.1....../F..&C.............8.!.[..uB...U..j..~)K..(..X..........</..;.]...r<.b...........~)K..(6...O...1..NL....8}.Ds..O."t.L.o....X..y...D...t...+|..(%u4...L..L_..A;.g........2.......3..`.R.6......(_>~....[Vk..Cjs..w.?.n.k$a.;...v.I.SG..ep)#.R'.....L.K.EC.....cD..%..>.M.=.......JrB...>.Dw.6C..C.C.y+#O...@..'.n.>..Q.Y.Y.c...A.F..V.F.XX.w9%A...../SN.......a.....b.QR5.@.'d..y.<....35R.....O........DX.8x...EY.j..1..{....DIF...r.......Z.x.0..'..3.EM.@.9.u+.F.6B.!PN;..$Andre Heinecke (Release Signing Key)........>.!.[..uB...U..j..~)K..(..X.........................................~)K..(B.... .HK.....

                                                                  C:\Program Files (x86)\gnupg\share\gnupg\sks-keyservers.netCA.pem

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PEM certificate
                                                                  Category:dropped
                                                                  Size (bytes):1984
                                                                  Entropy (8bit):5.98349952887435
                                                                  Encrypted:false
                                                                  SSDEEP:48:Lrc+aL/08qz+k+H8pIhvT56+ChcXuGCvk1/WTfZvsUR1:Lrc+ao8qXIsIhvT9C2LEktWThR1
                                                                  MD5:3CFC5D2867A6672F4F629220632948F4
                                                                  SHA1:CE86FDBC099E5607EA8A149D760B30C725E299E6
                                                                  SHA-256:0666EE848E03A48F3EA7BB008DBE9D63DFDE280AF82FB4412A04BF4E24CAB36B
                                                                  SHA-512:D0A056251372367230782E050612834A2EFA2FDD80EEBA08E490A770691E4DDD52A744FD3F3882CA4188F625C3554633381AC90DE8EA142519166277CADAF7B0
                                                                  Malicious:false
                                                                  Preview:-----BEGIN CERTIFICATE-----.MIIFizCCA3OgAwIBAgIJAK9zyLTPn4CPMA0GCSqGSIb3DQEBBQUAMFwxCzAJBgNV.BAYTAk5PMQ0wCwYDVQQIDARPc2xvMR4wHAYDVQQKDBVza3Mta2V5c2VydmVycy5u.ZXQgQ0ExHjAcBgNVBAMMFXNrcy1rZXlzZXJ2ZXJzLm5ldCBDQTAeFw0xMjEwMDkw.MDMzMzdaFw0yMjEwMDcwMDMzMzdaMFwxCzAJBgNVBAYTAk5PMQ0wCwYDVQQIDARP.c2xvMR4wHAYDVQQKDBVza3Mta2V5c2VydmVycy5uZXQgQ0ExHjAcBgNVBAMMFXNr.cy1rZXlzZXJ2ZXJzLm5ldCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC.ggIBANdsWy4PXWNUCkS3L//nrd0GqN3dVwoBGZ6w94Tw2jPDPifegwxQozFXkG6I.6A4TK1CJLXPvfz0UP0aBYyPmTNadDinaB9T4jIwd4rnxl+59GiEmqkN3IfPsv5Jj.MkKUmJnvOT0DEVlEaO1UZIwx5WpfprB3mR81/qm4XkAgmYrmgnLXd/pJDAMk7y1F.45b5zWofiD5l677lplcIPRbFhpJ6kDTODXh/XEdtF71EAeaOdEGOvyGDmCO0GWqS.FDkMMPTlieLA/0rgFTcz4xwUYj/cD5e0ZBuSkYsYFAU3hd1cGfBue0cPZaQH2HYx.Qk4zXD8S3F4690fRhr+tki5gyG6JDR67aKp3BIGLqm7f45WkX1hYp+YXywmEziM4.aSbGYhx8hoFGfq9UcfPEvp2aoc8u5sdqjDslhyUzM1v3m3ZGbhwEOnVjljY6JJLx.MxagxnZZSAY424ZZ3t71E/Mn27dm2w+xFRuoy8JEjv1d+BT3eChM5KaNwrj0IO/y.u8kFIgWYA1vZ/15qMT+tyJTfyrNVV/7Df7TNeWyNqjJ5rBmt0M6NpHG7CrUSkB

                                                                  C:\Program Files (x86)\gnupg\share\locale\ca\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 411 messages, Project-Id-Version: gnupg 1.4.0 'Introdu\303\257u l'ID d'usuari. Finalitzeu amb una l\303\255nia en blanc: '
                                                                  Category:dropped
                                                                  Size (bytes):43010
                                                                  Entropy (8bit):5.077958678964407
                                                                  Encrypted:false
                                                                  SSDEEP:768:dNaFQmAYRRHFuez8TRudV6qBpfHCE4CqZhUl4SMf3lnu63f1BM3cXzdkpP5aQ:keCRHGTRudVHBpfHCE4CEel4SC3lnj38
                                                                  MD5:D0405988830A94956D059325871547C0
                                                                  SHA1:5B16073444A832FE47C591ADBB2DC9FF0BCA4EC4
                                                                  SHA-256:FD32C188F1AC37555BA86DA7D14807EC5A4B36A4DA0E09DC532110E06C406866
                                                                  SHA-512:F532E27CF178ED19564A4186CF4BC2D0DAB74A2A7BFDDEA1BB15E0E2F7F448FB0B969E02571624B97EF928AF9350CF693B74425F1900D224D83EAE1876B28723
                                                                  Malicious:false
                                                                  Preview:....................-............"..-....".......".......#.......#.......#.......$......&$......C$......`$..D...}$.......$..I....$......;%......X%......r%.......%.......%.......%..$....%..&....&..,....&......[&......x&.......&.......&.......&.......&..]....&......O'......m'.......'.......'.."....'..%....'..&....(..!...1(..%...S(.."...y(..#....(..'....(.. ....(.......)......&)......;)......X)......m).......)..(....)..$....).......).......)..#....*......1*......P*......o*.......*..&....*..%....*..,....*..'... +..H...H+.......+.......+.......+..-....+..0....+......(,......W,......r,..3...y,..4....,..-....,.......-......?-......H-......R-..:...`-.......-.......-..#....-..&....-..&... .......G.......\...G...e...@.......>.......+...-/..=...Y/......./.."..../..:..../.......0.......0......*0..-...=0......k0..#...v0.......0.."....0.......0..E...]1.......1.......1.......1.......1.......2....../2......B2......\2......w2.......2.......2.......2.......2..%....2.......3.. ....3.......3......93......

                                                                  C:\Program Files (x86)\gnupg\share\locale\cs\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 2209 messages, Project-Id-Version: gnupg2 2.4.2 'Napi\305\241te identifik\303\241tor u\305\276ivatele (user ID). Ukon\304\215ete pr\303\241zdn\303\275m \305\231\303\241dkem: '
                                                                  Category:dropped
                                                                  Size (bytes):241729
                                                                  Entropy (8bit):5.580177116728659
                                                                  Encrypted:false
                                                                  SSDEEP:6144:Zbo48Z6ydFxmlymtBRaecMR1DsbT9zI1do:y4o6C2lNqMYe1C
                                                                  MD5:9BAD45E5066E2CE0CF44AA9D39D5DD97
                                                                  SHA1:90354319789EE2978726E9A830A7D234110FD6A3
                                                                  SHA-256:96587B631334B91CA583612C7467254E979BACA19DBC97BACD34536B4192660D
                                                                  SHA-512:CB6F61C4E651E2DD185FFA1048BCF229DAF6A701128C4DBDCEB86BB9240E9FA14F376375BD43B6D1AC005348D7D95C37908E20560396C31DFE876137300D1244
                                                                  Malicious:false
                                                                  Preview:................$E......,.......P...-...Q...;.......................................................................+.......H...2...e..........................0......2... ...7...S...2.......D...............I...2...7...|.............................................'.......D.......a.......~...$..............................+.......&...4...#...[...*.............................!......!...........1.......G.......g.......t...*...................................................%...$...B.......g.......}...&...............,...........................,...!...C.......e.......{...................................)............... ...F.......g.......~...................G...................(.......4.......Q.......].......r...........<.......$...........................+.......=...%...N.......t...................!.......O.......G.......5...c...........&.......................!......."...4...$...W.......|...*.......".......]...........E...$.......@.......&...0..."...W...]...z...R.......0...

                                                                  C:\Program Files (x86)\gnupg\share\locale\cs\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 490 messages, Project-Id-Version: libgpg-error 1.42 '(vnit\305\231n\303\255 k\303\263d SQL: pr\303\241zdn\303\275)'
                                                                  Category:dropped
                                                                  Size (bytes):34671
                                                                  Entropy (8bit):5.342758048381849
                                                                  Encrypted:false
                                                                  SSDEEP:768:RFHdAkq8h8EcPKraP17vMtzdCw1wHx9J8bttfI4dGO5tJxkftqYQZccVVp6u:HtTJrY17vMpozHxcZtfI3g2+b
                                                                  MD5:F6E86C1DFBBBF1B5CC4EB0475ADB7B68
                                                                  SHA1:E8E63927873524BFE6529D17ABC5FF24C68D45BE
                                                                  SHA-256:1C5300EE1672BC5B079C362D1BBF1A19452A6076A248F7C8478D52C9D21929A2
                                                                  SHA-512:39E3E1C6BFD2BA0DCC6CB69286B6797B72CB10DAD235CFD4F46C247EF3D83915DAD3CFE23B046FFE76D32A81982BB48A0C204EE4795114A221BA35FECE7F0030
                                                                  Malicious:false
                                                                  Preview:................l................(.......(.......)......&)......;)......T)......k).."....).......).."....).......).......).......*.......*..&..."*......I*......T*..(...[*.......*.......*.......*.......*.......*.......*.......*.......*.......+.......+..$...1+..,...V+..+....+..&....+.......+..%....+..,....,......G,......Z,..!...c,..)....,..#....,.. ....,.......,.......-.......-......0-..*...?-..%...j-..,....-.......-.......-.......-.......-.......-......................(.......,.......8.......K.......f................................................................/......./......-/......C/......R/..#...n/......./.. ..../......./......./.......0.......0....../0......L0..&...a0.......0.......0.......0.......0.......0.......0.......0.......1.......1......(1......81......I1......V1......h1......y1.......1.......1.......1..,....1.......1.......1.......2.......2.......2.......2.......2.......2......@2......]2......p2.......2.......2.......2.......2.......2.......2.......2.......3......#3......

                                                                  C:\Program Files (x86)\gnupg\share\locale\da\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 1296 messages, Project-Id-Version: gnupg 'Indtast bruger-id'et. Slut med en tom linje: '
                                                                  Category:dropped
                                                                  Size (bytes):130977
                                                                  Entropy (8bit):5.242754862783799
                                                                  Encrypted:false
                                                                  SSDEEP:3072:BDAugHSsH6OSgw/rf1WRa9RIM/W59VBm9:tuN6OjwDf1WRax/+VBm9
                                                                  MD5:41453CF984BE48C744FE0218C61E9309
                                                                  SHA1:75D04A3F48A90D768C2ADAD2E494BD481F67EB82
                                                                  SHA-256:93DF66A5596BD91F5C9A2A7D69FB8DE02D5AC5434270CC725CB8E6D0A0747B59
                                                                  SHA-512:01AB81F7BFD3B190E16AE66061008F7A34518FF9BB52E4A67FD9FBACDF9FB1664A2BE0655EA6DECCE17973B51270618C76B0E303BD0FCE1EC8E3407D0A4392E8
                                                                  Malicious:false
                                                                  Preview:.................(.......Q......0l..-...1l..;..._l.......l.......m.......m.......n.......n.......n.......n.......n.......o......)o......Fo......co..2....o..7....o..2....o..D....p......cp..I....p..7....p.......q......1q......=q......Uq......mq.......q.......q.......q.......q.......q.......r..+...&r..&...Rr..#...yr.......r.......r.......r.......r.......r.......r.......s..$...3s......Xs......ns..&....s.......s..,....s.......s.......t..!...(t......Jt......`t......{t.......t.......t.......t.......t.......u.......u......!u......>u......Ju......_u......|u.......u.......u.......u..%....u.......u.......v......*v..*...Gv.."...rv..]....v.......v.......w.......w..!...;w..$...]w..,....w..'....w.......w.......w.......x..B...(x..=...kx.......x.."....x..%....x..&....y..!...8y..%...Zy.."....y..#....y..'....y.. ....y.......z......-z......Bz......_z......tz.......z..(....z..$....z.......z.......{..#....{......8{..$...W{......|{.......{..!....{.......{.......{../....|..#...H|......l|.......|..&....|..%...

                                                                  C:\Program Files (x86)\gnupg\share\locale\da\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 326 messages, Project-Id-Version: libgpg-error 1.10 'En t\303\246ller ville pakke ind'
                                                                  Category:dropped
                                                                  Size (bytes):20822
                                                                  Entropy (8bit):5.055918130110605
                                                                  Encrypted:false
                                                                  SSDEEP:384:et6giH219NDeSVmoE7vhtz1wLsJ7HfBSaiaCXas1PjV7LZUJA3k/jcZxNkJ0TI:ewI7Vmh7vhtz1zJ7HfBSaiXl1J+jJB
                                                                  MD5:F0C4374758966020DCE709AB54E7DA97
                                                                  SHA1:73B66621F860C4985C4751F346CC1BE61F257580
                                                                  SHA-256:1A10FC982A5E2A08BF8B42DDFFA86160E95E3A5900F265FA6BFCCC6D7DC52AA9
                                                                  SHA-512:0068D820B1374C1B00895AC8CB58B10815D355071B094195562740E1ED4ECAACABD8AA92E13F281CAF01733801473B9BCF8565212C0CC1045EBDD22A7B05BAB7
                                                                  Malicious:false
                                                                  Preview:........F.......L.......|.......X.......Y.......n...........................................................................................................$...D...,...i...+.......&...............%.......,...-.......Z.......m...!...v...).......#..................................."...*...1...%...\...,...................................................................................*.......>.......I.......^.......o.......|...................................................#.... ......6 ......V ......j ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!......-!......>!......J!......g!......k!......o!......y!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......!"......5"......D"......U"......e"......z".......".......".......".......".......".......".......".......#.......#......!#......7#......J#......_#......k#......|#.......#.......#.......#.......#.......#.......#.......$.......$......-$......D$......\$......v$.......$......

                                                                  C:\Program Files (x86)\gnupg\share\locale\de\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 2219 messages, Project-Id-Version: gnupg-2.4 'Geben Sie die User-ID ein. Beenden mit einer leeren Zeile: '
                                                                  Category:dropped
                                                                  Size (bytes):246363
                                                                  Entropy (8bit):5.335638029865673
                                                                  Encrypted:false
                                                                  SSDEEP:3072:WhHF2KZ4/t8WHxLkOY+0g56yN7yFxorlytP/4OcThYyBRaSuFiVJQfqSy7tYVwBD:WhF2lrYO56yUFxmlyrKBRaeLQfTm9HL
                                                                  MD5:9FAC6FBDC932FF7B2B7384EB6212C354
                                                                  SHA1:7D6960954F6DFF6E4AC592D3154C3A63271D8B88
                                                                  SHA-256:9E15C654CA7191538983C1C656EF60EC776CF781FEB9889D75540F30A7567E22
                                                                  SHA-512:B0184D85183C5F30812F5F5BA956E6661F32DB65BD4FF7CAD5906AD9214D7F5A7774AE51C8E47BD13BD91BEBFB3D2C8DBD527CF9D6F01023DD3AD553B3CC08E9
                                                                  Malicious:false
                                                                  Preview:................tE.................-.......;...G...............................n.................................................2...-.......`.......}...........0.......2......7.......2...S...D..............I.......7...D.......|.....................................................).......F...$..._...........................+......&.......#...#...*...G.......r...................!.......!.........................../.......<...*...Z...................................................$.........../.......E...&...\...........,...............................!...........-.......C.......^.......y...................)............... .........../.......F.......a.......|...G...........................................%.......:.......W...<...c...$.......................................%...........<.......[.......f...!...q...O.......G.......5...+.......a...&...{...................!.......".......$...........D...*...a...".......]...............$.......@.......&.......".......]...B...R.......0...

                                                                  C:\Program Files (x86)\gnupg\share\locale\de\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 494 messages, Project-Id-Version: libgpg-error-1.19 '(Interner SQL Code: leer)'
                                                                  Category:dropped
                                                                  Size (bytes):35269
                                                                  Entropy (8bit):5.13058439292501
                                                                  Encrypted:false
                                                                  SSDEEP:768:xBeV0VpwS2rzZ7vMOzdCw1wHo9J8b0tfIfIS5e55FvGmyGqLACx:L20pcZ7vMKozHocAtfIQS5eV+myGqMU
                                                                  MD5:0861A8327298ED46471F97B209D5DA69
                                                                  SHA1:F2F8E547A02381DC3D5D053739A9D0BC8DAC18B4
                                                                  SHA-256:1342BEAF972D7B8CB3A5E8663CD638CDBA43B0334F52EE6772942DCAAB8D587E
                                                                  SHA-512:EA91427BE7DFD24D1B4DEC9C1B6777CB64C875F4F9C424CBAE40404FE3AD5AB49E70E43C024B449DEB625C69F70A151984C23D2C94584C896A27AC1335862C5F
                                                                  Malicious:false
                                                                  Preview:................................H)......I)......d)......~).......).......).......).."....).......*.."....*......4*......J*......Z*......i*..&...z*.......*.......*..(....*.......*.......*.......+.......+......++......9+......A+......P+......X+......k+......{+..$....+..,....+..+....+..&....,......6,..%...T,..,...z,.......,.......,..!....,..)....,..#....-.. ...3-......T-......c-......r-.......-.......-..*....-..%....-..,....-......,.......<.......J.......U.......b.......t................................................................/......./......)/......:/......G/......[/......o/......./......./......./......./..#..../.......0.. ...!0......B0......V0......u0.......0.......0.......0..&....0.......0.......1.......1......,1......?1......X1......n1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......2.......2..,...42......a2......k2......o2......s2......}2.......2.......2.......2.......2.......2.......2.......2.......3.......3......H3......V3......\3......b3......

                                                                  C:\Program Files (x86)\gnupg\share\locale\el\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 410 messages, Project-Id-Version: gnupg-1.1.92 '\316\240\316\273\316\267\316\272\317\204\317\201\316\277\316\273\316\277\316\263\316\256\317\203\317\204\316\265 \317\204\316\277 user ID. \316\244\316\255\316\273\316\277\317\202 \316\274\316\265 \316\274\316\271\316\261 \316\254\316\264\316\265\316\271\316\261 \316\263\317\201\316\261\316\274\316\274\316\256: '
                                                                  Category:dropped
                                                                  Size (bytes):56832
                                                                  Entropy (8bit):5.370875054910244
                                                                  Encrypted:false
                                                                  SSDEEP:1536:64kEOHZTRuduoVAF7pusIiyFg26xRM0BvCwZcqJljlj2EPKrEmkdn36uU3nGAZnP:64TOHZTRuCF7hIiyFUjcqJljljpB36u6
                                                                  MD5:173897DD2B1BC058CB5F0AE3F5F7F3D7
                                                                  SHA1:31CBD4DE55691C91546FA3F983D8F3D4F3D772B6
                                                                  SHA-256:8D2B74065124734AAA0650DF887BFEB8A3519DE633C79C5F60E7A823224E373C
                                                                  SHA-512:00BE2C8030133E5D420FA04C58983414A9A99AD5C4942F530BE6FE9FC87F87109A9195B3ABB500E398A90673EADCEDD83724876BC21236DED4AE8BC4EA3C1FB3
                                                                  Malicious:false
                                                                  Preview:....................#...........H"..-...I"......w".......#.......#.......#.......#.......#.......$......($..D...E$.......$..I....$.......%...... %......:%......W%......t%.......%..$....%..&....%..,....%......#&......@&......S&......p&.......&.......&..]....&.......'......5'......Q'......j'.."....'..%....'..&....'..!....'..%....(.."...A(..#...d(..'....(.. ....(.......(.......(.......)...... )......5)......M)..(...^)..$....).......).......)..#....).......).......*......7*......V*..&...n*..%....*..,....*..'....*..H....+......Y+......f+......s+..-....+..0....+.......+.......,......:,..3...A,..4...u,..-....,.......,.......-.......-.......-..:...(-......c-.......-..#....-..&....-..&....-..............$...G...-...@...u...>.......+.......=...!/......_/.."...o/..:..../......./......./......./..-....0......30..#...>0......b0.."...i0.......0..E...%1......k1.......1.......1.......1.......1.......1.......2......$2......?2......X2......n2......~2.......2..%....2.......2.. ....2.......2.......3......

                                                                  C:\Program Files (x86)\gnupg\share\locale\en@boldquot\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 2219 messages, Project-Id-Version: GNU gnupg 2.4.7 'Enter the user ID. End with an empty line: '
                                                                  Category:dropped
                                                                  Size (bytes):224496
                                                                  Entropy (8bit):5.2997359947874925
                                                                  Encrypted:false
                                                                  SSDEEP:6144:WhF2GlATPYO56yUFxmlyrKBRaN6i6FzqluBybRax:C3ATt5632lqr6hslgR
                                                                  MD5:B59A14FE6F1706E3AC0C8D99F06D861B
                                                                  SHA1:6482BF84228F06A6360C4F9882BCB6A1FC3094C2
                                                                  SHA-256:2BF5B980C98FEBB346CDC5FBB1204D0BC403630DEA31457AC036F1C3F84ABC80
                                                                  SHA-512:21B4B033D2BC1CA715CF518009B363DB7CB3281C001731297322CB5A8D86BA6B8A4331A921168972BA5FD3729E2E4B7C7B59681F2D92FE73C9EB456E3958CE2F
                                                                  Malicious:false
                                                                  Preview:................tE.................-.......;...G...............................n.................................................2...-.......`.......}...........0.......2......7.......2...S...D..............I.......7...D.......|.....................................................).......F...$..._...........................+......&.......#...#...*...G.......r...................!.......!.........................../.......<...*...Z...................................................$.........../.......E...&...\...........,...............................!...........-.......C.......^.......y...................)............... .........../.......F.......a.......|...G...........................................%.......:.......W...<...c...$.......................................%...........<.......[.......f...!...q...O.......G.......5...+.......a...&...{...................!.......".......$...........D...*...a...".......]...............$.......@.......&.......".......]...B...R.......0...

                                                                  C:\Program Files (x86)\gnupg\share\locale\en@quot\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 2219 messages, Project-Id-Version: GNU gnupg 2.4.7 'Enter the user ID. End with an empty line: '
                                                                  Category:dropped
                                                                  Size (bytes):222112
                                                                  Entropy (8bit):5.267384358582277
                                                                  Encrypted:false
                                                                  SSDEEP:6144:WhF2QMBV+OYO56yUFxmlyrKBRay6YwFQFlzwTZ303ePRab:CsBv5632lqg6BklETZ30uu
                                                                  MD5:BD3082B5803D0B2D067721F92A0CB89F
                                                                  SHA1:AB6CB8F251D6B922797F4C0E27A4BB29C327143B
                                                                  SHA-256:AC1DDAAC8A4E726C8ECA32A3E6EAB9B2A5581290E57368F81A19320BFF244594
                                                                  SHA-512:463BCEC0DAEB3EA0C89301A352598B2100DB54E187949CB575ACF3D7BD69F302384E8C2AE631D499A76DAD0873B931D31FF921B04C27D4DA37868F2FB0B30805
                                                                  Malicious:false
                                                                  Preview:................tE.................-.......;...G...............................n.................................................2...-.......`.......}...........0.......2......7.......2...S...D..............I.......7...D.......|.....................................................).......F...$..._...........................+......&.......#...#...*...G.......r...................!.......!.........................../.......<...*...Z...................................................$.........../.......E...&...\...........,...............................!...........-.......C.......^.......y...................)............... .........../.......F.......a.......|...G...........................................%.......:.......W...<...c...$.......................................%...........<.......[.......f...!...q...O.......G.......5...+.......a...&...{...................!.......".......$...........D...*...a...".......]...............$.......@.......&.......".......]...B...R.......0...

                                                                  C:\Program Files (x86)\gnupg\share\locale\eo\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 290 messages, Project-Id-Version: gnupg 1.0.6d 'Donu la uzantidentigilon. Finu per malplena linio: '
                                                                  Category:dropped
                                                                  Size (bytes):28068
                                                                  Entropy (8bit):5.075553252066495
                                                                  Encrypted:false
                                                                  SSDEEP:768:X49whhV15ZEmXkzxuRGDGauyrH6u4KjLEG:XjhVxE7uRoPN
                                                                  MD5:C50CADBB211787262ADEC3BE7A4A2000
                                                                  SHA1:096344484906E3C9F4477381455353620067AF15
                                                                  SHA-256:A10D8A5E69CA608F6CEDB16868597930306F4B6219D38863E02790228DFA5431
                                                                  SHA-512:D18B03AFA44FB0C39919BAE7B313ED5DEC9D45EC6F71CD0D3ED63B8B257BD43A2E2D519A02F8D08D940D5387DAB2BE21EDA5493404AB31F3B415734369D9E98B
                                                                  Malicious:false
                                                                  Preview:........".......,.......<.......P...-...Q...................................................D...'.......l...I...................................<...$...Y...&...~...,...................................).......E.......^..."...}...%.......&.......!.......%......."...5...#...X...'...|... ...........................................).......A...(...R...$...{...................#.......'.......H...........^.......k.......x...3.......4.......-...........*.......Y...#...c...&.......&.................................... ....... ..#...2 .."...V ......y ..E....!......X!......v!.......!.......!.......!.......!.......!......."......("......:"..%...Q"......w".. ....".......".......".......".......".......".......".."....#......;#......X#......j#..E....#.. ....#..#....#..)....$......?$......"%......)&......B&..(...N&......w&.......&../....&.......&.......&.......'......6'......N'......i'..!....'.......'.......'.......'..r....'..1...f(..=....(..I....(..4... )......U)..#...t)..1....)..%....)..H....)......

                                                                  C:\Program Files (x86)\gnupg\share\locale\eo\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 262 messages, Project-Id-Version: libgpg-error 1.7 'Loka\304\265ara funkcio fiaskis'
                                                                  Category:dropped
                                                                  Size (bytes):16312
                                                                  Entropy (8bit):4.9815982532819065
                                                                  Encrypted:false
                                                                  SSDEEP:384:oVyRm9X763W3Ajjh/Peht90sC2HO7SDiVCXaVo+GAVor3gJHO:oVTX76G0hXehtbC2HO7SDiYmJG1rl
                                                                  MD5:D9FA69000AB25BC61A7269CE730A2B66
                                                                  SHA1:B58357F965EF6E4D036FA2BB6E798191EE7D7C78
                                                                  SHA-256:C6BCD649E8CB54C3805DF1FA22E849AFD6B45AC5B7F7DC92E311185FDABADE75
                                                                  SHA-512:C033D859F29F5A78D41E791D7A222F6AD7C26A05FD1B319E5F32EEB5BC288E363C07658D59A110D7735C9085851CDF1F82BF85902A328D68A34CAB85B1B3D52B
                                                                  Malicious:false
                                                                  Preview:................L...]...|...............................!.......0.......;.......B.......L......._.......m.......u...................................)...................................7.......F.......V.......d.......u.......y...............................................................................).......8.......X.......l.......|.......................................................................................".......&.......0.......6.......;.......P.......b.......p.......v.......|.......................................................................1.......A......._.......n.......z.......................................................................................+.......=.......J.......e.......~.......................................................................*.......;.......N.......^...(...m.......................................................................*.......;.......O.......g...............................................................................

                                                                  C:\Program Files (x86)\gnupg\share\locale\es\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 2016 messages, Project-Id-Version: gnupg 2.0.9 'Introduzca ID de usuario. Acabe con una l\303\255nea vac\303\255a: '
                                                                  Category:dropped
                                                                  Size (bytes):214465
                                                                  Entropy (8bit):5.2320583350207635
                                                                  Encrypted:false
                                                                  SSDEEP:6144:iKuecKnyMmGQ6OsFCpYls4Ra6BFiqoCW7rR0NR4alB:iRpYfk6tWKlNR3B
                                                                  MD5:49E9AC3FC1C827E0C046C94839BB6060
                                                                  SHA1:E3CB677F7D3269EBDDE7CD56A2DA44952F58F047
                                                                  SHA-256:35FE8DBADA7C704D6241F1D8A2A6FE34CC8E3BD96F7F63365AFFC97FF121B114
                                                                  SHA-512:B07BB0BD78D0083A6AA972AFC7B345D8FDF8122806D6359D8AA67CAD2269286192E3117787CC69FF4BC085D05850B6A43836995321DA3737DEAE72A0731ADA9B
                                                                  Malicious:false
                                                                  Preview:.................?.......~...... ...-...!...;...O...............................v..................................................2...5.......h...................2.......7......2...*...D...]...........I......7...........S.......p.......|.................................................$...6.......[.......x...........+.......&......#...................+.......A.......a.......n...........................$......................&...........:...,...U...........................!.................................0.......K.......f.......~...................G..................(.......4.......Q.......].......r...........<.......$..........................+.......=...%...N.......t...!.......O.......G......5...9.......o...&......................!......".......$...-.......R...*...o...".......]...............$.......&......"......].......R...m.............................................1.......F.......[...P...z..........0..................&...!...D...!...f...9.......(......$...

                                                                  C:\Program Files (x86)\gnupg\share\locale\es\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 393 messages, Project-Id-Version: libgpg-error 1.30-beta4 'Una funci\303\263n locale ha fallado'
                                                                  Category:dropped
                                                                  Size (bytes):27013
                                                                  Entropy (8bit):5.00948877895792
                                                                  Encrypted:false
                                                                  SSDEEP:768:5v8OPPdYROgIvMhzsQfswHYrSb3X/204anEyuFjcu:IUgIvMVh/HYebX/2taELFjcu
                                                                  MD5:0197C09754A0E65027120D0F9DBCD440
                                                                  SHA1:9C722E6CF89ACBFC6BE05FC30796CE7F85F7D782
                                                                  SHA-256:DB6BFB99034DDE596407ADCCE723C0A63DD585415F148D19B9F3F777E98DF33B
                                                                  SHA-512:DB025464ED4B1E476DD3949020918914522426ABC55BB352D004B1E96E25CAC178F479675840CE1C7D26E08A10A411C0F204042530EBB903858F2F92C6A1ABE8
                                                                  Malicious:false
                                                                  Preview:................d............... !......!!......:!.."...Q!......t!.."....!.......!.......!.......!.......!.......!.......!.......!......."......."....../"......="......E"......T"......d"..$...z"..,...."..+...."..&....".......#..%...=#......c#......v#..!....#..)....#..#....#.. ....#.......$.......$.......$......L$..%...[$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%......*%......>%......I%......^%......o%......|%.......%.......%.......%.......%.......%.......%..#....&......6&.. ...V&......w&.......&.......&.......&.......&..&....&.......'......%'......1'......D'......W'......m'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(...... (......$(......((......2(......8(......=(......R(......d(.......(.......(.......(.......(.......(.......(.......).......).......)......()......?)......[)......s).......).......).......).......)..!....).......).......).......*......9*......H*......T*......g*......s*.......*......

                                                                  C:\Program Files (x86)\gnupg\share\locale\et\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 410 messages, Project-Id-Version: gnupg 1.2.2 'Sisestage kasutaja ID. L\303\265petage t\303\274hja reaga: '
                                                                  Category:dropped
                                                                  Size (bytes):41196
                                                                  Entropy (8bit):5.132737984539333
                                                                  Encrypted:false
                                                                  SSDEEP:768:hKqVbac44jOROHEqezoTRudQiFoPZrNRf5ASsz4dZhD:JVbac4kEOHZTRudh4Rx5ASzhD
                                                                  MD5:84EE8EC3DDF88498C6D95FE12DD9195F
                                                                  SHA1:95EA77C3BA2B5F5EDD584F83A612C982917CB84C
                                                                  SHA-256:DED92E0DAA3DEB6D85CF52DF85A48FFDCDECDB7FFA5D51044540DC5ECEF2F81C
                                                                  SHA-512:0736D8164E13BAEB92B0F48EA93718F7BDDC0E86417950CA04FED33C82150740DC728E16E27CFE2B7D50F02FDEBDB565F905E3B95FC33CA0276C7B15DC786FAB
                                                                  Malicious:false
                                                                  Preview:....................#...........H"..-...I"......w".......#.......#.......#.......#.......#.......$......($..D...E$.......$..I....$.......%...... %......:%......W%......t%.......%..$....%..&....%..,....%......#&......@&......S&......p&.......&.......&..]....&.......'......5'......Q'......j'.."....'..%....'..&....'..!....'..%....(.."...A(..#...d(..'....(.. ....(.......(.......(.......)...... )......5)......M)..(...^)..$....).......).......)..#....).......).......*......7*......V*..&...n*..%....*..,....*..'....*..H....+......Y+......f+......s+..-....+..0....+.......+.......,......:,..3...A,..4...u,..-....,.......,.......-.......-.......-..:...(-......c-.......-..#....-..&....-..&....-..............$...G...-...@...u...>.......+.......=...!/......_/.."...o/..:..../......./......./......./..-....0......30..#...>0......b0.."...i0.......0..E...%1......k1.......1.......1.......1.......1.......1.......2......$2......?2......X2......n2......~2.......2..%....2.......2.. ....2.......2.......3......

                                                                  C:\Program Files (x86)\gnupg\share\locale\fi\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 410 messages, Project-Id-Version: gnupg 1.2.2 'Sy\303\266t\303\244 k\303\244ytt\303\244j\303\244tunnus. Lopeta tyhj\303\244ll\303\244 rivill\303\244: '
                                                                  Category:dropped
                                                                  Size (bytes):42743
                                                                  Entropy (8bit):5.104443188666096
                                                                  Encrypted:false
                                                                  SSDEEP:768:hKDZwxPQzT44jOROHEqezoTRudmYGcJrxl52qJV3bx6tRG0LEIexxJkz:VdQP4kEOHZTRudm4rxl5lJV3l6tReU
                                                                  MD5:823C61DAC85855B482BE3591B4C7EA3F
                                                                  SHA1:758BA2AB00BCAA7D47C203D4B7DB47F545BFD36F
                                                                  SHA-256:3DE9053043EFF3BA610037360224BE7B7C28C7B2A8F94AA5A1FE16187122A4B9
                                                                  SHA-512:EDF8E62AB6FB85B479F6F54595AD2B64DED7FFB4F2D79C382FF1FA8F9DBF539A3A3A155FDAF35C9E811169648766718E300C1528D99DE463003537D90FDBCBED
                                                                  Malicious:false
                                                                  Preview:....................#...........H"..-...I"......w".......#.......#.......#.......#.......#.......$......($..D...E$.......$..I....$.......%...... %......:%......W%......t%.......%..$....%..&....%..,....%......#&......@&......S&......p&.......&.......&..]....&.......'......5'......Q'......j'.."....'..%....'..&....'..!....'..%....(.."...A(..#...d(..'....(.. ....(.......(.......(.......)...... )......5)......M)..(...^)..$....).......).......)..#....).......).......*......7*......V*..&...n*..%....*..,....*..'....*..H....+......Y+......f+......s+..-....+..0....+.......+.......,......:,..3...A,..4...u,..-....,.......,.......-.......-.......-..:...(-......c-.......-..#....-..&....-..&....-..............$...G...-...@...u...>.......+.......=...!/......_/.."...o/..:..../......./......./......./..-....0......30..#...>0......b0.."...i0.......0..E...%1......k1.......1.......1.......1.......1.......1.......2......$2......?2......X2......n2......~2.......2..%....2.......2.. ....2.......2.......3......

                                                                  C:\Program Files (x86)\gnupg\share\locale\fr\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 1798 messages, Project-Id-Version: gnupg 2.1 'Entrez l'identit\303\251, en terminant par une ligne vide\302\240: '
                                                                  Category:dropped
                                                                  Size (bytes):200649
                                                                  Entropy (8bit):5.278091338936777
                                                                  Encrypted:false
                                                                  SSDEEP:6144:UP/RQ6OcFf7eHg4RabtM3ReC974YAw9z42bZtP:R6FZWOuegXpz4itP
                                                                  MD5:0D0F42AF18A33972611E8E5D4770E792
                                                                  SHA1:3094C0554450CB2A90252F1B0641AEC40ED6DD42
                                                                  SHA-256:A335308CA6ED2D9D943D41944B5957AD6F58C3E12EA9893DD9989C8039C1D888
                                                                  SHA-512:2EEB2D245D0A2712DB232AD5B4526F88B18795336C7982AF230477B19D283CCA399A0715686F160413D27C368B6D32B99568D443CB830C4F33EF910FEA57A478
                                                                  Malicious:false
                                                                  Preview:................L8.._...|p..........-.......;...'.......c.......l...............N.......b.......{.............................................+...2...H...7...{...2.......D..........+...I...Z...7..........................................5.......O.......l...................$......................+.......&...?...#...f................................................................$...-.......R.......h...&...............,..............................!...........P.......f..................................................... .......9.......L.......X.......u.........................................................%...........6...!...A...O...c...G.......5...........1...&...K.......r...........$..............*......".......]...:...........0.....................!.......9...3...(...m...$.......,.......'..................,...&...E.......l...B.......=.............."...(...%...K...&...q...!.......%......."......#.......'...'... ...O.......p......................................

                                                                  C:\Program Files (x86)\gnupg\share\locale\fr\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 328 messages, Project-Id-Version: libgpg-error-1.17 'Un compteur devrait envelopper'
                                                                  Category:dropped
                                                                  Size (bytes):22649
                                                                  Entropy (8bit):5.055126144772051
                                                                  Encrypted:false
                                                                  SSDEEP:384:uWvgE6BZ1vF7vhtz1wLsJ7HfBSaiaCXasEoNgOmvibF5Pl/JGeGCqwHvcYkyIcNl:VreJ7vhtz1zJ7HfBSaiXl3gOmvibF5P1
                                                                  MD5:4942E6FE7CF37A622E414C6731A6CA74
                                                                  SHA1:B08052F13EE994427B4E1AFA6A62B21AD56C78B1
                                                                  SHA-256:43C4E3737F68548F7E15E6053917CF34DDED9EABC71606BAA836CBD64878341C
                                                                  SHA-512:73ED48A0B882210B62D7DFEC1E659AF48DFD9B9DEB9F5856477E957E601E870B9088314EA29160199B107CA06025FF4A87DD317E8AABC4C7386CD5476E747C44
                                                                  Malicious:false
                                                                  Preview:........H.......\...............x.......y.......................................................................................'......./.......>.......N...$...d...,.......+.......&...............%...'...,...M.......z...........!.......).......#...........................$.......B...*...Q...%...|...,...........................................................).......:.......>.......J.......^.......i.......~........................................................ ....... ..#...2 ......V ......v ....... ....... ....... ....... ....... ....... .......!.......!.......!.......!......;!......M!......^!......j!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......)"......A"......U"......d"......u".......".......".......".......".......".......".......".......#.......#...... #......5#......A#......W#......j#.......#.......#.......#.......#.......#.......#.......#.......#.......$......'$......4$......M$......d$......|$.......$.......$......

                                                                  C:\Program Files (x86)\gnupg\share\locale\gl\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 408 messages, Project-Id-Version: gnupg 1.2.4 'Introduza o ID de usuario. Remate cunha li\303\261a en branco: '
                                                                  Category:dropped
                                                                  Size (bytes):42679
                                                                  Entropy (8bit):5.069737169703256
                                                                  Encrypted:false
                                                                  SSDEEP:768:7EajmjCcoLwMIRRHFnezZTRudg6+coVRaxuOvS9JwYCR:Ij2NwMyRHOTRudgNcoVRaxu8L
                                                                  MD5:40842ADE1B6414144F198FCCCBCBC351
                                                                  SHA1:663BDB2D4BC72DFA49B78E1152FB2B025E900802
                                                                  SHA-256:C887DC550B6A7D33E1A131547B51D79403CB37FB819F48E08C7AC8A273F3C327
                                                                  SHA-512:277F511A858E2573E34F5418CAB385C266CB2E9875E5A429353EF8AC160912BFE7538AA7BFFC17399AFD7FE7FC5306306DBEC466E94772C747DAD74A6E9C8E1E
                                                                  Malicious:false
                                                                  Preview:....................#...........("..-...)"......W"......`#......x#.......#.......#.......#.......#.......$..D...%$......j$..I....$.......$.......%.......%......7%......T%......m%..$....%..&....%..,....%.......&...... &......3&......P&......b&......|&..]....&.......&.......'......1'......J'.."...i'..%....'..&....'..!....'..%....'.."...!(..#...D(..'...h(.. ....(.......(.......(.......(.......).......)......-)..(...>)..$...g).......).......)..#....).......).......).......*......6*..&...N*..%...u*..,....*..'....*..H....*......9+......F+......S+..-...q+..0....+.......+.......+.......,..3...!,..4...U,..-....,.......,.......,.......,.......,..:....-......C-......a-..#...}-..&....-..&....-.......-..........G.......@...U...>.......+.......=..../......?/.."...O/..:...r/......./......./......./..-..../.......0..#....0......B0.."...I0......l0..E....1......K1......i1.......1.......1.......1.......1.......1.......2.......2......82......N2......^2......p2..%....2.......2.. ....2.......2.......2......

                                                                  C:\Program Files (x86)\gnupg\share\locale\hu\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 412 messages, Project-Id-Version: gnupg 2.2.20 'Adja meg a felhaszn\303\241l\303\263i azonos\303\255t\303\263t! \303\234res sorral fejezze be: '
                                                                  Category:dropped
                                                                  Size (bytes):44132
                                                                  Entropy (8bit):5.294474866981511
                                                                  Encrypted:false
                                                                  SSDEEP:768:xjtiBYWhnOHEqezoTRudfNg0A7FfwKpVPuNGwlKjqjgXV/5rmuK/CgNlt5r+luEY:d2YGOHZTRudfNgdF4KpVPuUwlKjqjuVg
                                                                  MD5:7C4C02D653F9FE7EF6CBEB82B7ADEA37
                                                                  SHA1:10B995D0C69E6DC400FB9D04F364101B43D39473
                                                                  SHA-256:4F8DE79D608D59FB3A78F5BEA34628D6A46ED8DD1BB327FFECA047CA50FA7D13
                                                                  SHA-512:0AF8573109354B42C8877A9E7ACDFD44839687DC20574297C35723202F3A4127E9F64769A0C23FF115F9DCC4D0574CA96E6C38C0C3ADD238B6FBE9A40AA89652
                                                                  Malicious:false
                                                                  Preview:....................-............"..-....".......".......#.......#.......#.......$......6$......S$......p$..D....$.......$..I....%......K%......h%.......%.......%.......%.......%..$....%..&....&..,...>&......k&.......&.......&.......&.......&.......&..]....'......_'......}'.......'.......'.."....'..%....'..&....(..!...A(..%...c(.."....(..#....(..'....(.. ....(.......)......6)......K)......h)......}).......)..(....)..$....).......).......*..#....*......A*......`*.......*.......*..&....*..%....*..,....+..'...0+..H...X+.......+.......+.......+..-....+..0....,......8,......g,.......,..3....,..4....,..-....,..*... -..#...K-......o-.......-.......-.......-..:....-.......-..........#...4...&...X...&.......................G.......@..../..>...M/..+..../..=..../......./.."....0..:...)0......d0......w0.......0..-....0.......0..#....0.......0.."....1......#1..E....1.......2...... 2......;2......Z2......n2.......2.......2.......2.......2.......2.......3.......3......'3..%...>3......d3.. ...l3......

                                                                  C:\Program Files (x86)\gnupg\share\locale\hu\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 262 messages, Project-Id-Version: libgpg-error-1.7 'Egy ter\303\274leti be\303\241ll\303\255t\303\241s f\303\274ggv\303\251ny meghi\303\272sult'
                                                                  Category:dropped
                                                                  Size (bytes):17540
                                                                  Entropy (8bit):5.190504943278841
                                                                  Encrypted:false
                                                                  SSDEEP:384:oVyRm9X763beDgy6WPeht90sC2HO7SDiVCXaVR1eNX2MpdKsfFcbe:oVTX76aKyehtbC2HO7SDiYm3eNmMpd91
                                                                  MD5:A696E5E6198AFD0FDE0BB8B74E67CD54
                                                                  SHA1:3A684ED942F3B46F24E5D14FA395FD485DA20065
                                                                  SHA-256:4FB08B814593F50929CCE15D5D6BC8F1EFF796961646D7E30D9022A5CF59091A
                                                                  SHA-512:B199FDA0D4FEEACAF81D2D4E36A7169F7521509AF0A527DA9E7D57DE371503AF8048751EBBE019E9CF8E9CF7450372036B88F86F7D79DA6C03FBEC938C236A96
                                                                  Malicious:false
                                                                  Preview:................L...]...|...............................!.......0.......;.......B.......L......._.......m.......u...................................)...................................7.......F.......V.......d.......u.......y...............................................................................).......8.......X.......l.......|.......................................................................................".......&.......0.......6.......;.......P.......b.......p.......v.......|.......................................................................1.......A......._.......n.......z.......................................................................................+.......=.......J.......e.......~.......................................................................*.......;.......N.......^...(...m.......................................................................*.......;.......O.......g...............................................................................

                                                                  C:\Program Files (x86)\gnupg\share\locale\id\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 410 messages, Project-Id-Version: gnupg-id 'Masukkan user ID. Akhiri dengan baris kosong: '
                                                                  Category:dropped
                                                                  Size (bytes):41028
                                                                  Entropy (8bit):5.045436242643675
                                                                  Encrypted:false
                                                                  SSDEEP:768:hKBtAZS8Gl44jOROHEqezoTRudcTjJVp90ofAM12n:stAc9l4kEOHZTRudcTvj0KAMi
                                                                  MD5:6A7C669DD8EDEEB3735DB8C77CD9857C
                                                                  SHA1:E40026AF410B3234E9DE89BBC5C354A8B381FEBB
                                                                  SHA-256:98B72FDDAEC69B73544EF9D2439309929C8E5378BFD8CBD45534CDBBC0DB4183
                                                                  SHA-512:14200B5A46343AB84C037C6FF89B5D7EB62E130BCE3BE84189CF51F8C9F295BA5F26F76DA7BDC2DED333DD09D9C696B935CC16D86F04C6ED170291B305A7EFCB
                                                                  Malicious:false
                                                                  Preview:....................#...........H"..-...I"......w".......#.......#.......#.......#.......#.......$......($..D...E$.......$..I....$.......%...... %......:%......W%......t%.......%..$....%..&....%..,....%......#&......@&......S&......p&.......&.......&..]....&.......'......5'......Q'......j'.."....'..%....'..&....'..!....'..%....(.."...A(..#...d(..'....(.. ....(.......(.......(.......)...... )......5)......M)..(...^)..$....).......).......)..#....).......).......*......7*......V*..&...n*..%....*..,....*..'....*..H....+......Y+......f+......s+..-....+..0....+.......+.......,......:,..3...A,..4...u,..-....,.......,.......-.......-.......-..:...(-......c-.......-..#....-..&....-..&....-..............$...G...-...@...u...>.......+.......=...!/......_/.."...o/..:..../......./......./......./..-....0......30..#...>0......b0.."...i0.......0..E...%1......k1.......1.......1.......1.......1.......1.......2......$2......?2......X2......n2......~2.......2..%....2.......2.. ....2.......2.......3......

                                                                  C:\Program Files (x86)\gnupg\share\locale\it\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 2175 messages, Project-Id-Version: GNU gnupg 2.3.0 'Inserisci l'user ID. Termina con una riga vuota: '
                                                                  Category:dropped
                                                                  Size (bytes):235434
                                                                  Entropy (8bit):5.2066503790557
                                                                  Encrypted:false
                                                                  SSDEEP:6144:Bvb+OBGk6ykFFylWX+PRaYv1QH0QiN7+Wk:BD9j6PmlMU9d7+Wk
                                                                  MD5:32594A48E693493F992FEC76C58CCBBC
                                                                  SHA1:8C91BEF365A994F41BAA25B7BCDB5435E5F7A02A
                                                                  SHA-256:37F1011F19F22EB0CB8E2866CC8F36E45AFF82CDFA83A11D313C99D8F43B89EE
                                                                  SHA-512:7B6B5468469995127D9D8538CF8401464BEC70AA16D6F083FF7EE66CDC5D4E3830DE5E1BD43234B309122B320277622F65336D9D0C997ECB9910AE35F36703C7
                                                                  Malicious:false
                                                                  Preview:.................D..W...........h...-...i...;...............................................................'.......C.......`...2...}.........................0.......2...8...7...k...2.......D..............I...J...7.........................................%.......?.......\.......y...........$.............................+... ...&...L...#...s...*.............................!.......!...'.......I......._...................*.........................................&.......=...$...Z...................&..............,..................'.......D...!...[.......}.........................................)...........F... ...^...................................G...........-.......@.......L.......i.......u...................<.......$...................1.......C.......U...%...f...........................!.......O.......G...3...5...{...........&.......................!...*..."...L...$...o...........*.......".......]...........]...$.......@.......&...H..."...o...].......R.......0...

                                                                  C:\Program Files (x86)\gnupg\share\locale\it\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 312 messages, Project-Id-Version: libgpg-error 'Un contatore si azzererebbe (troppi messaggi...)'
                                                                  Category:dropped
                                                                  Size (bytes):21084
                                                                  Entropy (8bit):4.93999025763579
                                                                  Encrypted:false
                                                                  SSDEEP:384:Wp/mkMHs1X7jMDr7vhtz1wLsJ7HfBSaiaCXaskhLDBS1FnUcFzjk+/+XNjAIQdz:WVYr7vhtz1zJ7HfBSaiXlkLDB2GPg+X8
                                                                  MD5:C4111D03E490A67B3C2C607D5D4E7847
                                                                  SHA1:A4EFE74389FF34D5FB77BD8E853668FBC5AF3983
                                                                  SHA-256:49E53663C67A3DA73CC93254F44A53A4265A34CF67E724D17BFF3351A337FA99
                                                                  SHA-512:256E9947E4629F3A723B4E442FC3954D175BD38AB8BC738A4318717195F617CB18C54CAAD9B81D88792C2AC280802CFCE9CAAB52CE5FDB45505898E996DCB193
                                                                  Malicious:false
                                                                  Preview:........8.......................(.......).......>.......W.......n.......z...................................................................................$.......,...9...+...f...&...............%.......,...........*.......=...!...F...)...h...#.......................................*.......%...,...,...R...............................................................................................................?.......L.......`.......t...................................#...................&.......:.......Y.......i.......~........................................................................ ....... ......7 ......; ......? ......I ......O ......T ......i ......{ ....... ....... ....... ....... ....... ....... ....... .......!.......!......%!......5!......J!......Z!......x!.......!.......!.......!.......!.......!.......!.......!.......!......."......."....../"......;"......L"......Z"......l"......y".......".......".......".......".......".......".......#......,#......F#......S#......

                                                                  C:\Program Files (x86)\gnupg\share\locale\ja\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 2217 messages, Project-Id-Version: gnupg 2.4.5 '\343\203\246\343\203\274\343\202\266ID\343\202\222\345\205\245\345\212\233\343\200\202\347\251\272\350\241\214\343\201\247\347\265\202\344\272\206: '
                                                                  Category:dropped
                                                                  Size (bytes):253339
                                                                  Entropy (8bit):6.06437959063965
                                                                  Encrypted:false
                                                                  SSDEEP:6144:ucLnGWoTgB6yqFxmlyrKBRaU4elEL/CmNJD9Z4je:vG+6Z2lq9e6
                                                                  MD5:CCFE7595124FB3AA6073130983F8377C
                                                                  SHA1:CB83C79FD19FD0606E8DE0156FAC3C7AA5AD46F0
                                                                  SHA-256:9D22DF1D6BAC33AA4AC4FB144309352EA2860344E5136E2F1003FBA2628492A0
                                                                  SHA-512:1AB8C8F5E03119555C0FFBA1FCEC8E81C9687E730D52336F46F2652CED09FE25DFBC299FA9A202C76C1A35D6606B8FEB7DD5A34461DAE5006538727B4B483AD9
                                                                  Malicious:false
                                                                  Preview:................dE.................-......;...........K.......T.......l.......6.......J.......c..................................2...........(.......E.......b...0.......2.......7......2.......D...N...........I......7...........D.......a.......m.................................................$...'.......L.......i...........+.......&......#......*...........:.......U.......p...!...}...!.......................................*...".......M.......h...................................$.......................&...$.......K...,...f...........................!...........................&.......A.......\.......w...)............... ...........................).......D...G...]...........................................................<...+...$...h...................................%...................#...........!...9...O...[...G.......5...........)...&...C.......j...........!.......".......$...............*...)..."...T...]...w...........$...Z...@.......&.......".......].......R...h...0...

                                                                  C:\Program Files (x86)\gnupg\share\locale\ja\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 494 messages, Project-Id-Version: libgpg-error 1.47 '(\345\206\205\351\203\250SQL\343\202\263\343\203\274\343\203\211: empty)'
                                                                  Category:dropped
                                                                  Size (bytes):39051
                                                                  Entropy (8bit):5.724658948448436
                                                                  Encrypted:false
                                                                  SSDEEP:768:xBeVITo57cgEZ7vMOzdCw1wHo9J8b0tfIXm3F2Pppe:L2oIcgEZ7vMKozHocAtfIX5+
                                                                  MD5:AD993482D9CE0495CDB6FE70A3985332
                                                                  SHA1:EAD4CAF532D8C0F3D1B46763D18D34668BFDE213
                                                                  SHA-256:070CFC6104B08CF3F26E7C7C43DE61D0F073A1A02A8C3123C68A6F24898F3D84
                                                                  SHA-512:948B4B93E2D8CA12530AFEC85C81DC7860B8FBA8F9C6E0DBED5AE9E9E58955B208D0649AF1CAEC24872B0BD18DC6254933F9B01262A3DAE0C33023A044FDB287
                                                                  Malicious:false
                                                                  Preview:................................H)......I)......d)......~).......).......).......).."....).......*.."....*......4*......J*......Z*......i*..&...z*.......*.......*..(....*.......*.......*.......+.......+......++......9+......A+......P+......X+......k+......{+..$....+..,....+..+....+..&....,......6,..%...T,..,...z,.......,.......,..!....,..)....,..#....-.. ...3-......T-......c-......r-.......-.......-..*....-..%....-..,....-......,.......<.......J.......U.......b.......t................................................................/......./......)/......:/......G/......[/......o/......./......./......./......./..#..../.......0.. ...!0......B0......V0......u0.......0.......0.......0..&....0.......0.......1.......1......,1......?1......X1......n1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......2.......2..,...42......a2......k2......o2......s2......}2.......2.......2.......2.......2.......2.......2.......2.......3.......3......H3......V3......\3......b3......

                                                                  C:\Program Files (x86)\gnupg\share\locale\nb\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 2012 messages, Project-Id-Version: GNU gnupg 2.1 'Skriv inn bruker-ID og avslutt med tom linje: '
                                                                  Category:dropped
                                                                  Size (bytes):209618
                                                                  Entropy (8bit):5.315690269294668
                                                                  Encrypted:false
                                                                  SSDEEP:3072:RXUZhNFJQJW6+0Z56O1z4Ffpri//LLNvHT4RaS83b2c5Y9lhU0LcLUKacIniPm:RkblY6OeFfpinh4RaDu9lMm
                                                                  MD5:2F5202BC6C302000C551DC7C79647215
                                                                  SHA1:B91BD30D44E623BB63C24EE0C8CD53344FFC537F
                                                                  SHA-256:FC88B1D4E4712A47BBF8AAE2FB74B4D4D68BA344A67E57A2ED11D0D8745CE776
                                                                  SHA-512:ECF5527D6BEDDE3DC97DF3EE2964B8C9705E5C244E15DB4814A957C967BA07AB1E8D06B7DC174356C67BF4A718045CAA7E45A148C09804E72ABD7E848802C6A2
                                                                  Malicious:false
                                                                  Preview:.................>..{....}.........-......;...........3.......<.......T...............2.......K.......g...........................2..................-.......J...2...g...7.......2......D...........J...I...y...7..........................$.......<.......T.......n..........................$.................. .......=...+...O...&...{...#.................................................(.......?...$...\...................&..............,..................).......F...!...].............................................................4.......O...G...h....................................................*...<...6...$...s.................................%......................!...9...O...[...G.......5..........)...&...C.......j...........!......."......$..............*...)..."...T...]...w..........$...Z...@.......&......."......].......R...h...0..................................-.......D.......].......r...........P...............0...........C.......R...!...p...!.......9...

                                                                  C:\Program Files (x86)\gnupg\share\locale\nl\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 311 messages, Project-Id-Version: libgpg-error 1.10 'Een teller loopt rond'
                                                                  Category:dropped
                                                                  Size (bytes):20438
                                                                  Entropy (8bit):4.974628209346539
                                                                  Encrypted:false
                                                                  SSDEEP:384:ApUqpEoMDA7vhtz1wLsJ7HfBSaiaCXasyzBx+RDJCen+yIdkJji2yETeZr:MUqpqA7vhtz1zJ7HfBSaiXlIBx+RDYyO
                                                                  MD5:7DF4ABCE3B45DBFB9FC4F03DAA2739A6
                                                                  SHA1:91EA8332DA4C8372E721BA15D15790CBE1E06B60
                                                                  SHA-256:BAB673E0D10D31A7D2110BBB5D1BF09A8393239435BF64319D4FD056C76FDD67
                                                                  SHA-512:16FCB9B0B06224D8052F3A06FEC849FB0A4B48979680D287BCC2B9C16E863452076CB15811372E59F28789DF1FB8239B724DE6106E64CCBCD0E8D55FE3BAFC98
                                                                  Malicious:false
                                                                  Preview:........7...............................................G.......^.......j.......y...........................................................................$.......,...)...+...V...&...............%.......,...................-...!...6...)...X...#.......................................*.......%.......,...B.......o......................................................................................................./.......<.......P.......d.......}...........................#...........................*.......I.......Y.......n................................................................................ ......' ......+ ....../ ......9 ......? ......D ......Y ......k ......y ....... ....... ....... ....... ....... ....... ....... .......!.......!......%!......:!......J!......h!......w!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......+"......<"......J"......\"......i".......".......".......".......".......".......".......#.......#......6#......C#......

                                                                  C:\Program Files (x86)\gnupg\share\locale\pl\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 2211 messages, Project-Id-Version: gnupg-2.4.4 'Identyfikator u\305\274ytkownika (pusta linia oznacza koniec): '
                                                                  Category:dropped
                                                                  Size (bytes):244577
                                                                  Entropy (8bit):5.477664180344247
                                                                  Encrypted:false
                                                                  SSDEEP:6144:j9Y/PM3wkMhS6ydFxmlymiBRaxwOMoq+AjMfti7yN9fFz:ja8L6C2lNrMobffti7yNBJ
                                                                  MD5:C4705A363BA9B78B42EEC9E43FF8BC7E
                                                                  SHA1:D6CFADD7B8356A042BEBC461E85C15C41732A109
                                                                  SHA-256:FC274B099CE95E19BFCB16952176677496F7DA1381EFA7313463BD40BEA984BB
                                                                  SHA-512:978CB125C4EDA6DB422ACFF977330E2CD002D6A1EFB964C597B514ED0A0E2B9A345D2139B24025673A929FE0C53A70944766BC656176BF97D1CD1914560676D4
                                                                  Malicious:false
                                                                  Preview:................4E......L.......p...-...q...;............................................................../.......K.......h...2.............................0.......2...@...7...s...2.......D..........#...I...R...7.........................................-.......G.......d...................$..............................+...(...&...T...#...{...*.............................!.......!.../.......Q.......g...................*................................... ...............E...$...b...................&...............,...........#......./.......L...!...c...................................................)...$.......N... ...f...................................G...........5.......H.......T.......q.......}...................<.......$...................9.......K.......]...%...n...........................!.......O.......G...;...5...............&.......................!...2..."...T...$...w...........*.......".......]...........e...$.......@.......&...P..."...w...].......R.......0...

                                                                  C:\Program Files (x86)\gnupg\share\locale\pl\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 494 messages, Project-Id-Version: libgpg-error 1.47 '(wewn\304\231trzny kod SQL: pusty)'
                                                                  Category:dropped
                                                                  Size (bytes):35073
                                                                  Entropy (8bit):5.236408346644935
                                                                  Encrypted:false
                                                                  SSDEEP:768:xBeVDj7z7SZ7vMOzdCw1wHo9J8b0tfI+ESsZSwqG:L2DKZ7vMKozHocAtfI+ESskDG
                                                                  MD5:1BA943B03EFC2EC0CA6DF5E29290A559
                                                                  SHA1:53097D35364C5DBAF978A4B6B9678ECC405E2AC7
                                                                  SHA-256:99ED9F91D22C1C95665F3A3A32058F1CF528E2AF1F7897F35836755F63DBDCC1
                                                                  SHA-512:37CCED1D906A95D3B83A430FD629072AB397EE1782B8D758A3D5A9ABE83BB9AB132352C1DD58C0460D45E43B47F32B06B479FFB72ECF9B92D17189F5E62D1D88
                                                                  Malicious:false
                                                                  Preview:................................H)......I)......d)......~).......).......).......).."....).......*.."....*......4*......J*......Z*......i*..&...z*.......*.......*..(....*.......*.......*.......+.......+......++......9+......A+......P+......X+......k+......{+..$....+..,....+..+....+..&....,......6,..%...T,..,...z,.......,.......,..!....,..)....,..#....-.. ...3-......T-......c-......r-.......-.......-..*....-..%....-..,....-......,.......<.......J.......U.......b.......t................................................................/......./......)/......:/......G/......[/......o/......./......./......./......./..#..../.......0.. ...!0......B0......V0......u0.......0.......0.......0..&....0.......0.......1.......1......,1......?1......X1......n1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......2.......2..,...42......a2......k2......o2......s2......}2.......2.......2.......2.......2.......2.......2.......2.......3.......3......H3......V3......\3......b3......

                                                                  C:\Program Files (x86)\gnupg\share\locale\pt\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 2212 messages, Project-Id-Version: gnupg 'Introduzir a ID do utilizador. Terminar com uma linha vazia: '
                                                                  Category:dropped
                                                                  Size (bytes):236054
                                                                  Entropy (8bit):5.280095064437564
                                                                  Encrypted:false
                                                                  SSDEEP:6144:2ryJxof9FhH6yqFxmlyoKBRaPe/JRusAsn:zyVFZ6Z2lni
                                                                  MD5:0D2A245A5FA50708D7A3FF46523A648B
                                                                  SHA1:FA510BFCC8ACF650DC26D200231D4FEB4B74A585
                                                                  SHA-256:AAAEB1DAB6AD84525DA3AB44FF89AAF3F5D4EFECC2E5E8DBDE7E3DAC677E73C1
                                                                  SHA-512:D60EF3F4470C4CC2CD9BF2DDAF5720464DBCAAB617C57DC831CEB9AB282D44A84D03199E725834EDC8CE8929A028C8F3272FA349820AF44E339F7474694FAB0E
                                                                  Malicious:false
                                                                  Preview:................<E......\...........-.......;................................................................?.......[.......x...2.............................0.......2...P...7.......2.......D..........3...I...b...7..................................%.......=.......W.......t...................$.........................&...+...8...&...d...#.......*..............................!.......!...?.......a.......w...................*...................................0.......>.......U...$...r...................&...............,...........3.......?.......\...!...s...................................................)...4.......^... ...v...................................G...........E.......X.......d...................................<.......$...........-.......I.......[.......m...%...~...........................!.......O.......G...K...5...............&...................'...!...B..."...d...$...............*.......".......]...........u...$.......@.......&...`...".......].......R.......0...

                                                                  C:\Program Files (x86)\gnupg\share\locale\pt\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 312 messages, Project-Id-Version: libgpg-error 1.17 'Um contador daria a volta'
                                                                  Category:dropped
                                                                  Size (bytes):21316
                                                                  Entropy (8bit):5.030072151029413
                                                                  Encrypted:false
                                                                  SSDEEP:384:Wp/mkMHCcefMDr7vhtz1wLsJ7HfBSaiaCXaspJPu9VAPqW0chONRuoNuS3pVwu0I:WvcJr7vhtz1zJ7HfBSaiXlXPu9VAPb09
                                                                  MD5:9C07FB72AFF8C953ED8F77B98842BDAF
                                                                  SHA1:0D7591C2DF9AA53F2461C3093D49DA3DE48A31C1
                                                                  SHA-256:A6B963D488B98EB4561A31D54A2466169D2449920B991D000981A3328AFD18BD
                                                                  SHA-512:6CCFE1240B818EF9864CA41F5C6AD67085639F295C5FAF73D3F56F6870CB30F285E0117936DB4EE6A8CEA4A84196AA3316193BD82F2B259093B45C57F6197A4A
                                                                  Malicious:false
                                                                  Preview:........8.......................(.......).......>.......W.......n.......z...................................................................................$.......,...9...+...f...&...............%.......,...........*.......=...!...F...)...h...#.......................................*.......%...,...,...R...............................................................................................................?.......L.......`.......t...................................#...................&.......:.......Y.......i.......~........................................................................ ....... ......7 ......; ......? ......I ......O ......T ......i ......{ ....... ....... ....... ....... ....... ....... ....... .......!.......!......%!......5!......J!......Z!......x!.......!.......!.......!.......!.......!.......!.......!.......!......."......."....../"......;"......L"......Z"......l"......y".......".......".......".......".......".......".......#......,#......F#......S#......

                                                                  C:\Program Files (x86)\gnupg\share\locale\ro\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 796 messages, Project-Id-Version: gnupg 1.4.2rc1 'Introduce\305\243i ID-ul utilizator. Termina\305\243i cu o linie nou\304\203: '
                                                                  Category:dropped
                                                                  Size (bytes):82389
                                                                  Entropy (8bit):5.224896980105476
                                                                  Encrypted:false
                                                                  SSDEEP:1536:LZTjIeykZXuCx/0o+JRadwDVy3qj07r9rHdqnxC:LZHItEuCx/0o+JRad0j07r9v
                                                                  MD5:D3CF450DE892C073B8B6F9B7CF6EE813
                                                                  SHA1:AD9DECC790310657D70AD5761D382A24C7E0EF18
                                                                  SHA-256:3C6AEEFC1DA28F906CC73200DEB4B7AF455C8CDAD9A286F1B505B9886EF49B4E
                                                                  SHA-512:6F6C3F7DB84782B057718A3C5CA7A0574CAA259EA9961E090CDFFC3511A6777E1D6F4E37A3B853F0181391FC4A5A609CB0E464D11CC7527A9DAA9641FC6C673F
                                                                  Malicious:false
                                                                  Preview:....................%....1......pB..-...qB.......B.......C.......C.......D.......D.......D.......D.......D.......E......6E......SE..2...pE..7....E..2....E..D....F......SF..I....F..7....F.......G......!G......-G......EG......]G......wG.......G.......G.......G..+....G..&....H..#.../H......SH..$...pH.......H.......H..&....H.......H..,....I......1I......NI..!...eI.......I.......I.......I.......I.......I.......I.......J.......J......0J......MJ......_J......qJ.......J.......J.......J..*....J.."....K..]...$K.......K.......K..,....K..'....K.......L......,L......EL..B...aL..=....L.......L.."....M..%...$M..&...JM..!...qM..%....M.."....M..#....M..'....N.. ...(N......IN......fN......{N.......N.......N.......N..(....N..$....N......$O......9O..#...MO......qO.......O.......O..!....O.......O.......P......,P..&...DP..%...kP.......P..,....P..'....P..H....P......;Q......HQ......UQ......sQ.......Q.......Q..D....Q..-....R..0...6R..I...gR..*....R..+....R..'....S......0S......=S......US......fS.......S......

                                                                  C:\Program Files (x86)\gnupg\share\locale\ro\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 226 messages, Project-Id-Version: libgpg-error 1.1 'O func\305\243ie locale a e\305\237uat'
                                                                  Category:dropped
                                                                  Size (bytes):14455
                                                                  Entropy (8bit):5.004149323676967
                                                                  Encrypted:false
                                                                  SSDEEP:384:b5VL3IS6Fevht9Is+ZH4VSkuaCmaVGUVK2mop7tAkSao1d:b5R3IFevht7+ZH4VSkuXPjd7nSaoP
                                                                  MD5:D0834F12227079DE7B88FC79FD3006C7
                                                                  SHA1:B51BDA518D0F34E74B94BBE206DC1EAF4E13D63B
                                                                  SHA-256:BE32E601B982C8AF7F1219ACCD449EF628B20061F6D30E0853A8E68D7B4B067B
                                                                  SHA-512:E8A8DA358BFFEED2AC2A7289B579D1B84060704B3957E9EBD59012A05702FAB98C3340EF50BD6C46839C74A2C36D244E991F3B1653AAE51581726C22C751CCAC
                                                                  Malicious:false
                                                                  Preview:................,...3...<.......................".......9.......H.......O.......Y.......l.......z...........................................).......#...........,.......;.......J.......h.......w...............................................................................................0.......D.......Z.......i............................................................................... .......2.......C.......O.......S.......W.......a.......g.......l.......z............................................................................................... .......3.......H.......T.......e.......s...............................................................................H.......U.......d.......r...........................(........................................... .......2.......E.......b.......r...............................................................................................%.......5.......?.......M.......\.......p...........$...........................................

                                                                  C:\Program Files (x86)\gnupg\share\locale\ru\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 2061 messages, Project-Id-Version: GnuPG 2.2.0 '\320\222\320\262\320\265\320\264\320\270\321\202\320\265 \320\270\320\264\320\265\320\275\321\202\320\270\321\204\320\270\320\272\320\260\321\202\320\276\321\200 \320\277\320\276\320\273\321\214\320\267\320\276\320\262\320\260\321\202\320\265\320\273\321\217. \320\227\320\260\320\262\320\265\321\200\321\210\320\270\321\202\320\265 \320\277\321\203\321\201\321\202\320\276\320\271 \321\201\321\202\321\200\320\276\320\272\320\276\320\271: '
                                                                  Category:dropped
                                                                  Size (bytes):289269
                                                                  Entropy (8bit):5.464279237531851
                                                                  Encrypted:false
                                                                  SSDEEP:6144:tOWnrr7i16JOFlF5HV4RaXSjPPtfGJG0ujnprttI8NktnBplhK8zgHz:tNn068Z9jS7PtfGUrjnprttI8NktnBpq
                                                                  MD5:B9385BC7B3A7215A216DD9C2B74A58BA
                                                                  SHA1:C7DAA3F994DBFFD38D049D3B813CB04F8FA85B36
                                                                  SHA-256:9A48271F4C2BF686F44C7A6ACF60A3C977FD5D7BE0B9CEE5140ED598237EE98D
                                                                  SHA-512:FFE6EF0A784141B22D6597C61EDF5B5032170BF0AC31EAF0ABC7215647B678C768E2A4DD64E5F29C227A742B2C53DA820DED816293FF8B373302DBEA17FF3E4D
                                                                  Malicious:false
                                                                  Preview:.................@................-......;...........K.......T.......l.......6.......J.......c..................................2...........(.......E.......b...2.......7.......2......D...........b...I.......7..................0.......<.......T.......l..................................$...................8.......U...+...g...&.......#.................................!...............?.......M.......d...$.......................&..............,...........B.......N.......k...!.................................................&.......>.......Y.......t...G.................................................2.......O...<...[...$.....................................%...........4.......S...!...^...O.......G......5...........N...&...h...................!......"......$...........1...*...N..."...y...]...............$.......@.......&......".......].../...R.......0..................$.......9.......R.......i...........................P..............0...7.......h.......w...!.......!...

                                                                  C:\Program Files (x86)\gnupg\share\locale\ru\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 452 messages, Project-Id-Version: libgpg-error '\320\221\321\213\320\273\320\276 \320\261\321\213 \320\277\320\265\321\200\320\265\320\277\320\276\320\273\320\275\320\265\320\275\320\270\320\265 \321\201\321\207\320\265\321\202\321\207\320\270\320\272\320\260'
                                                                  Category:dropped
                                                                  Size (bytes):40694
                                                                  Entropy (8bit):5.288171789316034
                                                                  Encrypted:false
                                                                  SSDEEP:768:yklyR+WRRkvsWIy27vMtzdui1wH/9JSbStj3ZrjsSH/50RvJZ:lgROky27vMpkRH/y+tj3Zrgu/50RX
                                                                  MD5:6C9A697DCC16B3547284F12ABED9AC23
                                                                  SHA1:D2ED6A1C86176204409F2EB67290ACB3A099AEF9
                                                                  SHA-256:603E88FDB6321D0DEA325E49A3710587294E2F1591C9EBB0DFEC5F152969E2A8
                                                                  SHA-512:90F7F0A8F42E847022B0D44B38BD5B254F136A1F6A8C114B9816F17C960D26BC1FBDC40AEFB82382818FCE5F202FA7411F4438DEB6DDA45EB27182894BB26E0E
                                                                  Malicious:false
                                                                  Preview:................<..._...\........%.......%.......%.......&.."....&......A&.."...M&......p&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'.......'......!'......1'..$...G'..,...l'..+....'..&....'.......'..%....(..,...0(......](......p(..!...y(..)....(..#....(.. ....(.......).......)......()......F)..*...U)..%....)..,....).......).......).......).......).......*.......*......-*......>*......B*......N*......a*......|*.......*.......*.......*.......*.......*.......*.......+.......+....../+......C+......Y+......h+..#....+.......+.. ....+.......+.......+.......,......,,......E,......b,..&...w,.......,.......,.......,.......,.......,.......,.......-.......-......%-......5-......F-......S-......e-......v-.......-.......-.......-.......-.......-.......-.......-.......-.......-.......-.......-..............-.......@.......X.......t................................................................/......./......3/......B/......S/......c/..!...x/......./......./......

                                                                  C:\Program Files (x86)\gnupg\share\locale\sk\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 409 messages, Project-Id-Version: gnupg 1.2.5 'Nap\303\255\305\241te identifik\303\241tor u\305\276\303\255vate\304\276a (user ID). Ukon\304\215ite pr\303\241zdnym riadkom: '
                                                                  Category:dropped
                                                                  Size (bytes):43653
                                                                  Entropy (8bit):5.351570897312704
                                                                  Encrypted:false
                                                                  SSDEEP:768:Ak5P6xjpUx41LaROHEqezoTRulGNerDIGLQkrTkIWj1AOlZled:/5P6xFUx45IOHZTRulzlMO
                                                                  MD5:DB45D70582952340EF8CCCB71AB41257
                                                                  SHA1:1B84C87214426467C7D33B145D4C56EF5A569FE8
                                                                  SHA-256:66E60FAE85871D6A1E0A10E3E45DC73B3992BE0287E2D7B01E0CA8D7B7CD3D0C
                                                                  SHA-512:1C506C2A9AF91EBB5B5E31708D8222EAF9D97C83D50383DC453CE5C199C4810312207ED6AFF3B32D01955BDAC30D5D5490F4E74B63AD0A1CBAB3CCE03C23025D
                                                                  Malicious:false
                                                                  Preview:....................#...........8"..-...9"......g"......p#.......#.......#.......#.......#.......#.......$..D...5$......z$..I....$.......$.......%......*%......G%......d%......}%..$....%..&....%..,....%.......&......0&......C&......`&......r&.......&..]....&.......'......%'......A'......Z'.."...y'..%....'..&....'..!....'..%....(.."...1(..#...T(..'...x(.. ....(.......(.......(.......(.......)......%)......=)..(...N)..$...w).......).......)..#....).......).......*......'*......F*..&...^*..%....*..,....*..'....*..H....+......I+......V+......c+..-....+..0....+.......+.......,......*,..3...1,..4...e,..-....,.......,.......,.......-.......-..:....-......S-......q-..#....-..&....-..&....-.......-..........G.......@...e...>.......+.......=..../......O/.."..._/..:..../......./......./......./..-..../......#0..#....0......R0.."...Y0......|0..E....1......[1......y1.......1.......1.......1.......1.......1.......2....../2......H2......^2......n2.......2..%....2.......2.. ....2.......2.......2......

                                                                  C:\Program Files (x86)\gnupg\share\locale\sr\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 262 messages, Project-Id-Version: libgpg-error-1.7 '\320\210\320\265\320\267\320\270\321\207\320\272\320\260 \321\204\321\203\320\275\320\272\321\206\320\270\321\230\320\260 \320\275\320\270\321\230\320\265 \321\203\321\201\320\277\320\265\320\273\320\260'
                                                                  Category:dropped
                                                                  Size (bytes):21279
                                                                  Entropy (8bit):5.205383040123181
                                                                  Encrypted:false
                                                                  SSDEEP:384:oVyRm9X763lLKjjnPeht90sC2HO7SDiVCXaVRyL12SofR2R6jSklZFG6pr:oVTX76VL4jPehtbC2HO7SDiYmE107ZQI
                                                                  MD5:DFC1560275BC0217FEF12941EF5245E6
                                                                  SHA1:B2DF10C972A64EDCB6D95ED451E5B9AFE6DF584B
                                                                  SHA-256:41A6FB3310646C718BC435D2E9C5B9D263552B56C8B80463C2AB135361D6DA08
                                                                  SHA-512:BB8DD295AE3A880D4F2BDC561F15AA66F9B180CB85285B462A26BE47D023448152C0FFF36714B7A7A39634210FD3ED424A6A227973244EF1DAD9C7D84740068F
                                                                  Malicious:false
                                                                  Preview:................L...]...|...............................!.......0.......;.......B.......L......._.......m.......u...................................)...................................7.......F.......V.......d.......u.......y...............................................................................).......8.......X.......l.......|.......................................................................................".......&.......0.......6.......;.......P.......b.......p.......v.......|.......................................................................1.......A......._.......n.......z.......................................................................................+.......=.......J.......e.......~.......................................................................*.......;.......N.......^...(...m.......................................................................*.......;.......O.......g...............................................................................

                                                                  C:\Program Files (x86)\gnupg\share\locale\sv\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 1281 messages, Project-Id-Version: gnupg trunk 'Ange anv\303\244ndaridentiteten. Avsluta med en tom rad: '
                                                                  Category:dropped
                                                                  Size (bytes):131225
                                                                  Entropy (8bit):5.247298433256496
                                                                  Encrypted:false
                                                                  SSDEEP:3072:fMZC1+rv2Y+XKo/H6OS1G/rZ1WRa9RqqVi/X7itakM:fw2+r+P6OwGDZ1WRaWqVi/XOC
                                                                  MD5:E0A76D2A72F625E5F62CAFE1F2FEEAA8
                                                                  SHA1:4199774014EADA97D7F7AD6B63C9953C0FC8A29F
                                                                  SHA-256:8E18AD961D8380B59C85A4802DB728B2BD03AF31A745E52253F78DA9466FE21E
                                                                  SHA-512:9553D36BCAFCE6DC9652FEB840A79D4432F4B592309CE4913DE450049ABD707C88D7AF5176D404832757ABFC6A05A480B286DF262687E0E725C2FAE6450D0871
                                                                  Malicious:false
                                                                  Preview:................$(......,P.......j..-....j..;....k......Kk......Tl......ll......6m......Jm......cm.......m.......m.......m.......m.......m.......n..2...0n..7...cn..2....n..D....n.......o..I...Bo..7....o.......o.......o.......o.......p.......p......7p......Tp......qp.......p.......p.......p..+....p..&....q..#...)q......Mq......cq.......q.......q.......q.......q.......q..$....q.......r.......r..&...5r......\r..,...wr.......r.......r..!....r.......r.......s......+s......Fs......as......|s.......s.......s.......s.......s.......s.......s.......t......,t......Ht......Zt......lt..%...}t.......t.......t.......t..*....t.."..."u..]...Eu.......u.......u.......u..!....u..$....v..,...2v..'..._v.......v.......v.......v..B....v..=....w......Yw.."...xw..%....w..&....w..!....w..%....x.."...0x..#...Sx..'...wx.. ....x.......x.......x.......x.......y......$y......<y..(...My..$...vy.......y.......y..#....y.......y..$....z......,z......Kz..!...jz.......z.......z../....z..#....z.......{......7{..&...O{..%...

                                                                  C:\Program Files (x86)\gnupg\share\locale\sv\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 276 messages, Project-Id-Version: libgpg-error 1.7 'En lokalfunktion misslyckades'
                                                                  Category:dropped
                                                                  Size (bytes):17166
                                                                  Entropy (8bit):5.061533020609893
                                                                  Encrypted:false
                                                                  SSDEEP:384:7wtty7SMc+UNlOeht90sC2HO7SDiVCXaV31hpgX6pqvyY+5/0tRiJ/5OrnSrJO+:RlZJehtbC2HO7SDiYmP+GY+Rs4
                                                                  MD5:771780C1BD78982B82A49E6C30F39697
                                                                  SHA1:85DDB30668598DD2E1A44643EBF5573EC606BC1E
                                                                  SHA-256:77E13A49B24A100511078E54A2F6781F6E84CD49BA4B51D2D0F5E24E7E6C1A9A
                                                                  SHA-512:D30DD65494B64A43603AA7F9285C7024B737DE3902784AA53AC737B92FCC528FC298526AF1AC9197223BB9743A3EA0A39192DE18F5BFBB25E4ACFE62E8219066
                                                                  Malicious:false
                                                                  Preview:....................u...\.......0.......1.......J.......a.......p.......{...........................................................................)...........;.......J.......Y.......w...............................................................................................+.......?.......S.......i.......x......................................................................."......./.......A.......R.......^.......b.......f.......p.......v.......{...............................................................................,.......;.......L.......\.......q.......................................................................................+.......@.......L.......].......k.......}...............................................................&.......@.......M.......\.......j.......{...................(...................................................*.......=.......Z.......j.......{.......................................................................!.......&.......2.......

                                                                  C:\Program Files (x86)\gnupg\share\locale\tr\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 2208 messages, Project-Id-Version: gnupg 2.4.0 'Kullan\304\261c\304\261 kimli\304\237ini girin. Bo\305\237 bir sat\304\261rla sonland\304\261r\304\261n: '
                                                                  Category:dropped
                                                                  Size (bytes):240603
                                                                  Entropy (8bit):5.408285926129798
                                                                  Encrypted:false
                                                                  SSDEEP:6144:V1jJ5qyKLk6ydFxylymtBRax4TooiiQQoPg9jYBUcXS:iu6CClNvKS
                                                                  MD5:22B2B4EFBE6577147C3CE4BC79E62220
                                                                  SHA1:143C6EF84B63A84F646F5976F79B2441EA65DA6A
                                                                  SHA-256:65801F7CAD56A8DA6269CA06F31B4D0C5C85FDAD48D0C133CB9D70EEC588B469
                                                                  SHA-512:342E110CE341F1049D202B5E1451E898E4D26D3D404633E93A8784E2EC5049F1131CA417155F6C0A895C1E4B59A85DFA31AC5E0094EF0CCC0FC47DEA45A74CC9
                                                                  Malicious:false
                                                                  Preview:.................E..............@...-...A...;...o............................................................................8...2...U..........................0......2.......7...C...2...{...D..............I..."...7...l.....................................................4.......Q.......n...$.............................+.......&...$...#...K...*...o..........................!......!...........!.......7.......W.......d...*.......................................................$...2.......W.......m...&...............,...............................!...3.......U.......k...................................)............... ...6.......W.......n...................G...........................$.......A.......M.......b...........<.......$...................................-...%...>.......d...................!.......O.......G.......5...S...........&.......................!......."...$...$...G.......l...*.......".......]...........5...$.......@.......&... ..."...G...]...j...R.......0...

                                                                  C:\Program Files (x86)\gnupg\share\locale\uk\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 2022 messages, Project-Id-Version: GNU gnupg 2.1.0 '\320\222\320\272\320\260\320\266\321\226\321\202\321\214 \321\226\320\264\320\265\320\275\321\202\320\270\321\204\321\226\320\272\320\260\321\202\320\276\321\200 \320\272\320\276\321\200\320\270\321\201\321\202\321\203\320\262\320\260\321\207\320\260. \320\224\320\260\320\275\321\226 \321\201\320\273\321\226\320\264 \320\267\320\260\320\262\320\265\321\200\321\210\320\270\321\202\320\270 \320\277\320\276\321\200\320\276\320\266\320\275\321\226\320\274 \321\200\321\217\320\264\320'
                                                                  Category:dropped
                                                                  Size (bytes):294689
                                                                  Entropy (8bit):5.461053907633855
                                                                  Encrypted:false
                                                                  SSDEEP:6144:zukR6OrFCpLl84RaF6Aebwy2h4qncRL+ZGqBnG:Sq6UW5c6Aebwy2h4qnc5TcnG
                                                                  MD5:794D7E32BFAB5100F17F3EBE19C2A121
                                                                  SHA1:B7A80BCF5BFEFC0E170F2AB3811438279E4861C4
                                                                  SHA-256:7E66F35C9A9EF367719719F49ED4A26BBFC82D681350CFC384EBEF505993A047
                                                                  SHA-512:A0F9DCB3DBA93ED4D65E1C39D7040B0B404ED6161D2463A9DEE157C4EA690470A7F23A156477FC3D430AA1BB00233CCD6832B1D6CB0D75C10E931469D655D12C
                                                                  Malicious:false
                                                                  Preview:................L?......|~..........-.......;..........................4.......................+.......G.......g...................2..........................*...2...G...7...z...2.......D..........*...I...Y...7..........................................4.......N.......k...................$..............................+.../...&...[...#.................................................................,...$...I.......n...........&..............,..........................3...!...J.......l.....................................................!.......<...G...U.........................................................<...#...$...`..................................%......................!...&...O...H...G.......5..............&...0.......W.......t...!.......".......$..............*......."...A...]...d..........$...G...@...l...&......."......].......R...U...0.........................................1.......J......._.......t...P..............0...........0.......?...!...]...!...

                                                                  C:\Program Files (x86)\gnupg\share\locale\uk\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 482 messages, Project-Id-Version: libgpg-error 1.7 '(\320\262\320\275\321\203\321\202\321\200\321\226\321\210\320\275\321\226\320\271 \320\272\320\276\320\264 SQL: \320\277\320\276\321\200\320\276\320\266\320\275\321\214\320\276)'
                                                                  Category:dropped
                                                                  Size (bytes):45209
                                                                  Entropy (8bit):5.307925456870259
                                                                  Encrypted:false
                                                                  SSDEEP:768:BVrySN32N4Bq7vMtzdCw1wH29J8bttfIgyXCcXRlO:nGss4I7vMpozH2cZtfIgyS6lO
                                                                  MD5:F2A718279E28AB28BE2BB0FA942149C6
                                                                  SHA1:6AB0943CED329C2BEDFFEE1D2F964F287DE7EC25
                                                                  SHA-256:08E033401AC22731F5D6D69F76241CB5A12E3699001A989DF6CB52F8BB7F676E
                                                                  SHA-512:B73839B4C0684009B873893BB0441EA33E9A40E93B9A9EC83850202D870F732EB023CDAA07DEB74973DEB5ACF24978AA670DD884B1DD99F53E9140ACBD634EA4
                                                                  Malicious:false
                                                                  Preview:................,.......<.......H(......I(......d(......~(.......(.......(.......(.."....(.......).."....)......4)......J)......Z)......i)..&...z).......).......)..(....).......).......).......*.......*......+*......9*......A*......P*......c*......s*..$....*..,....*..+....*..&....+.......+..%...L+..,...r+.......+.......+..!....+..)....+..#....,.. ...+,......L,......[,......j,.......,..*....,..%....,..,....,.......-......%-......3-......>-......K-......]-......o-.......-.......-.......-.......-.......-.......-.......-.......-..............#.......0.......D.......X.......q...........................#............... ..../......+/......?/......^/......n/......./......./..&..../......./......./.......0.......0......(0......A0......W0......i0......q0.......0.......0.......0.......0.......0.......0.......0.......0.......1..,....1......J1......T1......X1......\1......f1......l1......q1.......1.......1.......1.......1.......1.......1.......2......12......?2......E2......K2......\2......{2......

                                                                  C:\Program Files (x86)\gnupg\share\locale\vi\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 262 messages, Project-Id-Version: libgpg-error 1.7 'M\341\273\231t h\303\240m mi\341\273\201n \304\221\341\273\213a ph\306\260\306\241ng b\341\273\213 l\341\273\227i'
                                                                  Category:dropped
                                                                  Size (bytes):18302
                                                                  Entropy (8bit):5.402278071486089
                                                                  Encrypted:false
                                                                  SSDEEP:384:oVyRm9X763jlUaJMC3Peht90sC2HO7SDiVCXaVonqCmq3pblWMQ4YZx:oVTX76TDfehtbC2HO7SDiYmCmGbljQX
                                                                  MD5:FD82A046C8680C93EB836E62FF51A0EA
                                                                  SHA1:06F88B89F96C6B0518AF480F4411D8927BA504CF
                                                                  SHA-256:67BE007BDE95759F6D22B59403C0DCDB50D95A4DA4FAFC021FD1A7F1B7C6745F
                                                                  SHA-512:17453C3257FE21867F092357DF2F639E1BF92D0CC80ECA5F56AF109DA3443E72B0D92E4D698886064E618C6D3148301E65F7DD7A504A824D0256EB01B6F68DED
                                                                  Malicious:false
                                                                  Preview:................L...]...|...............................!.......0.......;.......B.......L......._.......m.......u...................................)...................................7.......F.......V.......d.......u.......y...............................................................................).......8.......X.......l.......|.......................................................................................".......&.......0.......6.......;.......P.......b.......p.......v.......|.......................................................................1.......A......._.......n.......z.......................................................................................+.......=.......J.......e.......~.......................................................................*.......;.......N.......^...(...m.......................................................................*.......;.......O.......g...............................................................................

                                                                  C:\Program Files (x86)\gnupg\share\locale\zh_CN\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 2192 messages, Project-Id-Version: GNU gnupg 2.3.8 '\350\276\223\345\205\245\347\224\250\346\210\267\346\240\207\350\257\206\343\200\202\344\273\245\347\251\272\347\231\275\350\241\214\347\273\223\346\235\237\357\274\232 '
                                                                  Category:dropped
                                                                  Size (bytes):219623
                                                                  Entropy (8bit):6.268034191714524
                                                                  Encrypted:false
                                                                  SSDEEP:6144:K4g86yNFxylhaCPRaTtYUQA9WkGFxCADAfam1omG1MKyAjJm58NwLx:A868ClwDN36xCADD3mG1yAs
                                                                  MD5:BFC0BFF39018349DF1E22C8B49C8153D
                                                                  SHA1:731B53D7B745256363743DF1981C09305B1C0B03
                                                                  SHA-256:916FB119C5FD37718FC352A7B8A16891ED9E56F65ABB246C4D0A5ED1811A5EF9
                                                                  SHA-512:4F878FA12FEFC1038DE9980C18D902B927EEA4FEED9715B6369CCFB9CC4D90A8A9D6762B766322BAC435A4B903141A9F102F04E67198E5B3B811D81541B732B2
                                                                  Malicious:false
                                                                  Preview:.................D..o..............-......;...........C.......L.......d...............B.......[.......w..........................2.......... .......=.......Z...0...w...2.......7......2.......D...F...........I.......7...........<.......Y.......e.......}.........................................$...........D.......a.......~...+.......&.......#......*...........2.......M.......h...!...u...!.....................................*...........E.......`.......w...........................$.....................&...........C...,...^...........................!...................................9.......T.......o...)............... ...........................!.......<...G...U...........................................................<...#...$...`...................................%...........................&...!...1...O...S...G.......5...........!...&...;.......b...........!.......".......$...............*...!..."...L...]...o...........$...R...@...w...&.......".......].......R...`...0...

                                                                  C:\Program Files (x86)\gnupg\share\locale\zh_CN\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 490 messages, Project-Id-Version: libgpg-error 1.39 '\357\274\210\345\206\205\351\203\250 SQL \344\273\243\347\240\201\357\274\232empty \347\251\272\357\274\211'
                                                                  Category:dropped
                                                                  Size (bytes):31390
                                                                  Entropy (8bit):5.82940914244568
                                                                  Encrypted:false
                                                                  SSDEEP:768:RFHdAk5RQsbqlDi7WV7vMtzdCw1wHx9J8bttfIUX1L39kkDBSsNibo5u9c3epYTs:HuV7vMpozHxcZtfI2Ak1SsNibo5u9c3A
                                                                  MD5:90FFCF52F5913FBD1E7ACBDDB38A487E
                                                                  SHA1:0F8508BCF9E0785E01442C82BCC7410148743456
                                                                  SHA-256:08D4CA3AB9ECF1E3E322C99071032666A071B19B601FA07EB3DB56615D73ECB7
                                                                  SHA-512:D5B9B39735B6708AC16D3DEA76D3B79F4F5608DBC38F6E22719825C8F5A1CB094F51B379EDE9C035BDCFA66CF4EDF519A3599036A07F67E307E1CCF59A1BE4F5
                                                                  Malicious:false
                                                                  Preview:................l................(.......(.......)......&)......;)......T)......k).."....).......).."....).......).......).......*.......*..&..."*......I*......T*..(...[*.......*.......*.......*.......*.......*.......*.......*.......*.......+.......+..$...1+..,...V+..+....+..&....+.......+..%....+..,....,......G,......Z,..!...c,..)....,..#....,.. ....,.......,.......-.......-......0-..*...?-..%...j-..,....-.......-.......-.......-.......-.......-......................(.......,.......8.......K.......f................................................................/......./......-/......C/......R/..#...n/......./.. ..../......./......./.......0.......0....../0......L0..&...a0.......0.......0.......0.......0.......0.......0.......0.......1.......1......(1......81......I1......V1......h1......y1.......1.......1.......1..,....1.......1.......1.......2.......2.......2.......2.......2.......2......@2......]2......p2.......2.......2.......2.......2.......2.......2.......2.......3......#3......

                                                                  C:\Program Files (x86)\gnupg\share\locale\zh_TW\LC_MESSAGES\gnupg2.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 1784 messages, Project-Id-Version: GNU gnupg 2.1.0 '\350\253\213\350\274\270\345\205\245\344\275\277\347\224\250\350\200\205 ID. \344\273\245\347\251\272\347\231\275\345\210\227\347\265\220\346\235\237: '
                                                                  Category:dropped
                                                                  Size (bytes):174063
                                                                  Entropy (8bit):6.197786304853105
                                                                  Encrypted:false
                                                                  SSDEEP:3072:o2rynUHb+0Y56OyyQFfXroH9O4Ra95Kg5au69vmhC5bOy7NYWbMPuj:o2OUM6OcFf7oHo4RaLKg5au69vmhC5bZ
                                                                  MD5:9B8D58EE144FD79D206C6CB8F71CBCBF
                                                                  SHA1:42A402E21701E6B6DF9522ECC00C3CC817B23225
                                                                  SHA-256:34F44A204696C478E20C5F3F595B7B9370CB98B1A15CACADD1B4B9772BA6B2BC
                                                                  SHA-512:00B9FD173C8F3B2171F56984A6024F8E92D821B0D51839D3602334102DEA20BDEF2A19FCFBD80A9CD882718AF76F6BE283206099E55204A2F62BEDB5648C56C2
                                                                  Malicious:false
                                                                  Preview:.................7..M....o.........-......;...........;.......D.......\.......&.......:.......S.......s.........................................2... ...7...S...2.......D...............I...2...7...|.............................................'.......D.......a.......~...$......................+......&.......#...>.......b.......x.........................................$...................3...&...J.......q...,.............................!...................1.......L.......g.............................................................#.......@.......L.......a.......~..................................%..............!.......O.......G...~...5..............&...........=.......Z...$...u...........*......."......]...........c...0...~...................!......9.......(...8...$...a...,.......'......................&...........7...B...S...=.............."......%.......&...<...!...c...%.......".......#......'...... ...........;.......X.......m...........................(...

                                                                  C:\Program Files (x86)\gnupg\share\locale\zh_TW\LC_MESSAGES\libgpg-error.mo

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:GNU message catalog (little endian), revision 0.0, 490 messages, Project-Id-Version: libgpg-error 1.39 '\357\274\210\345\205\247\351\203\250 SQL \344\273\243\347\242\274\357\274\232empty \347\251\272\357\274\211'
                                                                  Category:dropped
                                                                  Size (bytes):31924
                                                                  Entropy (8bit):5.864748333118502
                                                                  Encrypted:false
                                                                  SSDEEP:768:RFHdAkT8HkCXnqOw60KSf7vMtzdCw1wHx9J8bttfITcJgkeb/1UVYfP8YeN4fSBL:Hv7vMpozHxcZtfIT1k2maP8YeN4fSBsW
                                                                  MD5:960E42B0C849C66579312435B7F7C362
                                                                  SHA1:F6F5248DE3522CB24F51B1F58ABDD87A74A71D88
                                                                  SHA-256:ECCFEE80064D5051019028FD78AE6AC7B844A84CCCD8C95CAB78295C01DD2AA3
                                                                  SHA-512:FD8DF35EA111C526346F96A6A70F975EFB69380F891868268188932BFDBBFDEB8E6E422032002667472859B060E8120B96A9B690BB8EC534A1B03C9A5CEED743
                                                                  Malicious:false
                                                                  Preview:................l................(.......(.......)......&)......;)......T)......k).."....).......).."....).......).......).......*.......*..&..."*......I*......T*..(...[*.......*.......*.......*.......*.......*.......*.......*.......*.......+.......+..$...1+..,...V+..+....+..&....+.......+..%....+..,....,......G,......Z,..!...c,..)....,..#....,.. ....,.......,.......-.......-......0-..*...?-..%...j-..,....-.......-.......-.......-.......-.......-......................(.......,.......8.......K.......f................................................................/......./......-/......C/......R/..#...n/......./.. ..../......./......./.......0.......0....../0......L0..&...a0.......0.......0.......0.......0.......0.......0.......0.......1.......1......(1......81......I1......V1......h1......y1.......1.......1.......1..,....1.......1.......1.......2.......2.......2.......2.......2.......2......@2......]2......p2.......2.......2.......2.......2.......2.......2.......2.......3......#3......

                                                                  C:\Users\user\AppData\Local\Temp\nss47C5.tmp\InstallOptions.dll

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):29184
                                                                  Entropy (8bit):5.906860358895204
                                                                  Encrypted:false
                                                                  SSDEEP:384:0hB3lOzJjIRdIFJKR6nI1I7Pn1HJTsj+GYkvLziNe8Vf+x1qJ6aAI5dq26NwC:AlWjcKJKE7f1pgDvSNeo2kIabqsC
                                                                  MD5:7770A504CF10DB9899F7ADC59D4C7DEC
                                                                  SHA1:D1ECC15B69AF83AA8065199261E28D78947F7DA8
                                                                  SHA-256:E2E74ADC3704C5E7D52F10E17F384BA7D8D80C11900DDA0CE8E578A9944C4DDA
                                                                  SHA-512:694726085477E7E82C3B960D853910E12F24A6D97AC629586124B8D02DEF44DA24F3ACE6A3404FFA7BF2D410E93A1C6E918E149801201F4C9800991AABD6F212
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...<.J_...........#...".D...n...H...&.......`.....j.........................0............@... .............................................................. ...............................w......................|................................text...$B.......D..................`.P`.data........`.......H..............@.`..rdata.......p.......J..............@.`@.bss....\G............................`..edata...............V..............@.0@.idata...............X..............@.0..CRT....,............f..............@.0..tls.................h..............@.0..rsrc................j..............@.0..reloc....... .......l..............@.0B................................................................................................................................................................................................................................

                                                                  C:\Users\user\AppData\Local\Temp\nss47C5.tmp\LangDLL.dll

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):7680
                                                                  Entropy (8bit):4.738131570640122
                                                                  Encrypted:false
                                                                  SSDEEP:96:vzQgZZbVchc6cttN0qYEo4p5obm85JakA0GHuRkNBQhRlMOr5:rJZZbVchc6cTNXp5ob5JsYkvQhR+Or
                                                                  MD5:20850D4D5416FBFD6A02E8A120F360FC
                                                                  SHA1:AC34F3A34AAA4A21EFD6A32BC93102639170E219
                                                                  SHA-256:860B409B065B747AAB2A9937F02D08B6FD7309993B50D8E4B53983C8C2B56B61
                                                                  SHA-512:C8048B9AE0CED72A384C5AB781083A76B96AE08D5C8A5C7797F75A7E54E9CD9192349F185EE88C9CF0514FC8D59E37E01D88B9C8106321C0581659EBE1D1C276
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...<.J_...........#..."...........................l......................................@... ......................P..I....`.......p..X.......................,....................................................`..h............................text............................... .0`.rdata..t.... ......................@.0@.bss....L....0........................`..edata..I....P......................@.0@.idata.......`......................@.0..rsrc...X....p......................@.0..reloc..,...........................@.0B........................................................................................................................................................................................................................................................................................................................................................

                                                                  C:\Users\user\AppData\Local\Temp\nss47C5.tmp\System.dll

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):27136
                                                                  Entropy (8bit):5.98616973067504
                                                                  Encrypted:false
                                                                  SSDEEP:384:Hh2aeOfOkR+nMsNNtnQ8+y4nLD/B6D8p/Ykv7HyVOIgMHciS6hM:SOj4MWNxl+yCIDIv+nHI6
                                                                  MD5:4F25D99BF1375FE5E61B037B2616695D
                                                                  SHA1:958FAD0E54DF0736DDAB28FF6CB93E6ED580C862
                                                                  SHA-256:803931797D95777248DEE4F2A563AED51FE931D2DD28FAEC507C69ED0F26F647
                                                                  SHA-512:96A8446F322CD62377A93D2088C0CE06087DA27EF95A391E02C505FB4EB1D00419143D67D89494C2EF6F57AE2FD7F049C86E00858D1B193EC6DDE4D0FE0E3130
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...<.J_...........#...".F...f....../4.......`....td......................................@... .................................................................x...........................Tt......................4................................text....E.......F..................`.P`.data...4....`.......J..............@.0..rdata.......p.......L..............@.`@.bss..................................`..edata...............V..............@.0@.idata...............X..............@.0..CRT....,............`..............@.0..tls.................b..............@.0..reloc..x............d..............@.0B........................................................................................................................................................................................................................................................................

                                                                  C:\Users\user\AppData\Local\Temp\nss47C5.tmp\UserInfo.dll

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):6144
                                                                  Entropy (8bit):4.546636740788312
                                                                  Encrypted:false
                                                                  SSDEEP:96:cAd6erkYOKDRTj+7uRkNBQhX7r8T5qeR6Ha:7YYOF7YkvQhrAT5qeJ
                                                                  MD5:9C8190BF734E58469EEB894B04C9FDA0
                                                                  SHA1:8BA2D3474EE1ACF315FBCCB7253E7CBDBAE414C2
                                                                  SHA-256:88860534A424835A4BC47D3DB8D0F4B1481442ED3EFDEB7338A7DDF616651A60
                                                                  SHA-512:910AF7DA023BCCDA2DBA873FF95769D24174B09C5F053E676E56A2F99F6E376009B7EE62FB23835285160C4C6FEABA99C530B978C1085A37D610D3FA1A4F3727
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...<.J_...........#..."...........................g.........................p............@... ......................@.......P...............................`.......................................................P..`............................text............................... .0`.rdata....... ......................@.`@.bss.........0........................0..edata.......@......................@.0@.idata.......P......................@.0..reloc.......`......................@.0B................................................................................................................................................................................................................................................................................................................................................................................................

                                                                  C:\Users\user\AppData\Local\Temp\nss47C5.tmp\g4wihelp.dll

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):61454
                                                                  Entropy (8bit):6.171039052020613
                                                                  Encrypted:false
                                                                  SSDEEP:768:jDbU/eGFyi/xvJ3QdiNAoC4bOGQU8CjIuP70jWva2Cqt1MI5/qyQdHgU4V+0c9Ep:Pbmyi/xvqMg4bYj3sC8MSqKUwFLJ
                                                                  MD5:4BAC7A07888F38B9F29396EB6A14EC8E
                                                                  SHA1:26D2CDF76C6B75D6421AAAEE77C2680121CCFD1D
                                                                  SHA-256:F458115200D6230F3ABCE4B8A82EA5BAA06753C3DFB92FBDB2762CA419B1055F
                                                                  SHA-512:27C38E114A6BC804C62A3332695FED93B7C6DED38E622A92FE05AD552BC7662AFCDED92D7D8FEF9E5918D416A851F99EF312C173BE82E62707EE0A1B2E10507A
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#...#...........................j.........................`......,c........ .............................. ..H............................P.......................................................!..8............................text..............................`.P`.data...d...........................@.0..rdata..............................@.`@/4..................................@.0@.bss..................................`..edata..............................@.0@.idata..H.... ......................@.0..CRT....,....0......................@.0..tls.........@......................@.0..reloc.......P......................@.0B................................................................................................................................................................................................................................

                                                                  C:\Users\user\AppData\Local\Temp\nss47C5.tmp\homegpgbuilderbgnupg-2.4distPLAY-releasegnupg-w32-2.4.7build-auxspeedow32inst-options.ini

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:ASCII text, with CRLF, LF line terminators
                                                                  Category:dropped
                                                                  Size (bytes):501
                                                                  Entropy (8bit):5.077217507592472
                                                                  Encrypted:false
                                                                  SSDEEP:12:lGsIAv7rilBQBq7B9BBbTb9B84iB9BN2QBLt:JIAvniXVBhLc/4Yt
                                                                  MD5:05D8ED4A198C0D1B08E03411AFC8DBB9
                                                                  SHA1:A4A811FC1D8B17CA60F3679EE2CAA90E031E6F80
                                                                  SHA-256:CB7BEF03E71D8A5FFBE356784C2ECA2A409A9D242C57B9BD7ED9B5B365804475
                                                                  SHA-512:8AAE1C7EB8CEEE0585CA3687BD07A2B690F5FBE5894DA082F88AE2AF33A80782CDEBB68C95C68978567C4B81DE4FF5B24E65042155704AD73AE462541E2BCB1E
                                                                  Malicious:false
                                                                  Preview:[Settings].NumFields=5.RTL=0...; The number of the fields here is known in w32inst.nsi..; The tags must be "[Field N]" with N=1..NumFields..[Field 1].Type=Label.Left=0.Right=-1.Top=0.Bottom=20..[Field 2].Type=Checkbox.Left=0.Right=-1.Top=30.Bottom=40.;Text=Start Menu.State=1..[Field 3].Type=Checkbox.Left=0.Right=-1.Top=50.Bottom=60.;Text=Desktop.State=0..[Field 4].Type=Checkbox.Left=0.Right=-1.Top=70.Bottom=80.;Text=Quick Launch Bar.State=0..[Field 5].Type=Label.Left=0.Right=-1.Top=90.Bottom=130.

                                                                  C:\Users\user\AppData\Local\Temp\nss47C5.tmp\ioSpecial.ini

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                  Category:dropped
                                                                  Size (bytes):1654
                                                                  Entropy (8bit):3.7190375494219525
                                                                  Encrypted:false
                                                                  SSDEEP:24:Q+sxvh5SAD5ylSjqWCs7y6Paw9nMB6k8l4OCxG6Ck6fYpbaH6OLpC+nT7p9M6jca:rsxZoAQSjqQtaP8lQQIadLjXXFF1V
                                                                  MD5:5CCAF92491DED1A1E3472DCD4AD89CD6
                                                                  SHA1:1C3354212CEF9CBB37D8B394F00BAE844FF8CEA1
                                                                  SHA-256:A4C43669F8D4D78B9E19FFF52E71870503C82C3FF97730E84B74BC4F5F1639BE
                                                                  SHA-512:BE09615C0E4F46839AEA268CC344CB326D0BCAA7433CC9F1A8AE4B88FC7D6E63AB727CB3916D47EE81EB7997353543B154A5B517B0417AE3BA6B85FC5FE08F65
                                                                  Malicious:false
                                                                  Preview:..[.S.e.t.t.i.n.g.s.].....R.e.c.t.=.1.0.4.4.....N.u.m.F.i.e.l.d.s.=.5.....R.T.L.=.0.....N.e.x.t.B.u.t.t.o.n.T.e.x.t.=.&.F.i.n.i.s.h.....C.a.n.c.e.l.E.n.a.b.l.e.d.=.....S.t.a.t.e.=.0.....[.F.i.e.l.d. .1.].....T.y.p.e.=.b.i.t.m.a.p.....L.e.f.t.=.0.....R.i.g.h.t.=.1.0.9.....T.o.p.=.0.....B.o.t.t.o.m.=.1.9.3.....F.l.a.g.s.=.R.E.S.I.Z.E.T.O.F.I.T.....T.e.x.t.=.C.:.\.U.s.e.r.s.\.a.l.f.o.n.s.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.n.s.s.4.7.C.5...t.m.p.\.m.o.d.e.r.n.-.w.i.z.a.r.d...b.m.p.....H.W.N.D.=.1.9.7.8.1.2.....[.F.i.e.l.d. .2.].....T.y.p.e.=.l.a.b.e.l.....L.e.f.t.=.1.2.0.....R.i.g.h.t.=.3.1.5.....T.o.p.=.1.0.....T.e.x.t.=.C.o.m.p.l.e.t.i.n.g. .G.N.U. .P.r.i.v.a.c.y. .G.u.a.r.d. .S.e.t.u.p.....B.o.t.t.o.m.=.3.8.....H.W.N.D.=.1.9.7.2.2.4.....[.F.i.e.l.d. .3.].....T.y.p.e.=.l.a.b.e.l.....L.e.f.t.=.1.2.0.....R.i.g.h.t.=.3.1.5.....T.o.p.=.4.5.....B.o.t.t.o.m.=.8.5.....T.e.x.t.=.G.N.U. .P.r.i.v.a.c.y. .G.u.a.r.d. .h.a.s. .b.e.e.n. .i.n.s.t.a.l.l.e.d. .o.n. .y.o.u.r. .c.o.m.p.u.t.e.r...\.r.\.

                                                                  C:\Users\user\AppData\Local\Temp\nss47C5.tmp\modern-header.bmp

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PC bitmap, Windows 3.x format, 150 x 57 x 8, 1 compression, image size 3224, resolution 3543 x 3543 px/m, 141 important colors, cbSize 3842, bits offset 618
                                                                  Category:dropped
                                                                  Size (bytes):3842
                                                                  Entropy (8bit):5.54901205011888
                                                                  Encrypted:false
                                                                  SSDEEP:48:4H/+m8TNqANRUTzAg5tnFxgiS3bXRDnt+82zMJ0vu6qaHG1QuupkHDzk07mTqLqs:A/MeTzHFxnmzRDn082oJ026qmG1vJNh
                                                                  MD5:7C7A4DAFAD1401768402EA47A6DE25FD
                                                                  SHA1:97526E53CB2C4E2C074B4F5A667E81954C8F238E
                                                                  SHA-256:FBCE6F991A9F6BF3DFD45B56CDDDCF4DEFFC200567EB3EF410057D3C13985CB2
                                                                  SHA-512:4E11C2C8C0B4EC27AD0435E3F4FDC94D0F0E0068C1EA601D8F9BAFFC797BE63D1FE1C3E32F0F03109712E408659B8C1138BCA9ADECD35B0D20363C0EF31DA149
                                                                  Malicious:false
                                                                  Preview:BM........j...(.......9..................................................................!..#.....%.....(.....-...../.....1.. ..3..#..%..6..8..:..;..=..?..@..B..C..E..O..P..E..R..S..T..I..U..W..X..Y..b..X..c..e..f..g...^..h..i...j...i...r...s...t...u...v...x...y...z..............................................................................................................................................................................................................................................................................................0....mZMMZj."....cMSj.'...}cWMS`w.........s1.................*.......`".......F.....}-..v.........}....>.......M.b..>.....{...y......B........*c........yW>4/34=:/!...........r!..........=.....}$..s.........}....-.........3b..=....y...x....I............d.........{N".................d.....9WfjbP4.........}$..s.........}.....M...*`rfA.....=.....y...x.....

                                                                  C:\Users\user\AppData\Local\Temp\nss47C5.tmp\modern-wizard.bmp

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  File Type:PC bitmap, Windows 3.x format, 164 x 314 x 8, 1 compression, image size 3444, resolution 3543 x 3543 px/m, 171 important colors, cbSize 4182, bits offset 738
                                                                  Category:dropped
                                                                  Size (bytes):4182
                                                                  Entropy (8bit):4.580286389496361
                                                                  Encrypted:false
                                                                  SSDEEP:48:0OkAuk3WYqRrsyDuL+dzEsPVMsIGZ9E+TOoTkCQiAqcEa2PJklXejAa1qiJ5y:NlWZOL+w+zHcEauJw/Gr5y
                                                                  MD5:10742CCFC33F33A36E742FDB576578BC
                                                                  SHA1:9D38D02A1E34804BED1D6EA6962C99CE30041CCE
                                                                  SHA-256:0B19FAE4C2246916A25690F8A39CD72BAD187132852143103E5B7A94ADF05EBB
                                                                  SHA-512:172C58F27965DE23BE1F486624681F60F30314D04304CE7CAA5FFB03482966E9BA1A141D1833954F6DBFB65CFD309221DAAF80DBCA1B707D7DA6527EE757E4C1
                                                                  Malicious:false
                                                                  Preview:BMV...........(.......:...........t......................................................!..#.....%.....(........-...../.....1.. ..3..#..4..%..6..(..8..:..;..=..?..@..B..C..E..C..P..R..S..H..T..I..U..K..W..X..V..Y..b..X..[..c..Y..Z..e..\..f..]..g...^..h..i...j...l...j...m...s...t...u...n...v...x...y...z......{........................................................................................................................................................................................................................................................................................................................................................................................................................................................I3.......9...............................................................................................................................

                                                                  Static File Info

                                                                  General

                                                                  File type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, Nullsoft Installer self-extracting archive
                                                                  Entropy (8bit):7.997697163989119
                                                                  TrID:
                                                                  • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                  • Generic Win/DOS Executable (2004/3) 0.02%
                                                                  • DOS Executable Generic (2002/1) 0.02%
                                                                  • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                  File name:gnupg-w32-2.4.7_20241125.exe
                                                                  File size:5'625'560 bytes
                                                                  MD5:89b24563d66bf8a2dd854af031298e71
                                                                  SHA1:dc6c234c76747a5ac078fe5d5300c926e2de57e2
                                                                  SHA256:caf2904c02c02c94cbe137f01b63e5a43dbea92d27ea66e56f0af4af2c70c170
                                                                  SHA512:601bc04fa88cfe8b5dec2914a08acd87433d20049699fa0daf029933045ee42c22e1e7fe09de58c641593c2d59573a8129f328f48b936d126f2b49de9682e9e0
                                                                  SSDEEP:98304:qysWTzusSGwnuF4drPbuNg5uI8Jr1zdbwBMIv0sr0qad1aro1KlbWS:H5TzLSG0uF41D8gBMbPE06eQdWS
                                                                  TLSH:34463319BB718CEAD7197E3069A2665309CA6F60CC1E4D47EB40D36BEC332179B25783
                                                                  File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...<.J_..............."............FD............@..........................@......2.V...@... ............................

                                                                  File Icon

                                                                  Icon Hash:0771ccf8d84d2907

                                                                  Static PE Info

                                                                  General

                                                                  Entrypoint:0x404446
                                                                  Entrypoint Section:.text
                                                                  Digitally signed:true
                                                                  Imagebase:0x400000
                                                                  Subsystem:windows gui
                                                                  Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, DEBUG_STRIPPED
                                                                  DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
                                                                  Time Stamp:0x5F4AAD3C [Sat Aug 29 19:32:12 2020 UTC]
                                                                  TLS Callbacks:
                                                                  CLR (.Net) Version:
                                                                  OS Version Major:4
                                                                  OS Version Minor:0
                                                                  File Version Major:4
                                                                  File Version Minor:0
                                                                  Subsystem Version Major:4
                                                                  Subsystem Version Minor:0
                                                                  Import Hash:730491907e677638ab304e28646ba09c

                                                                  Authenticode Signature

                                                                  Signature Valid:true
                                                                  Signature Issuer:CN=GlobalSign GCC R45 CodeSigning CA 2020, O=GlobalSign nv-sa, C=BE
                                                                  Signature Validation Error:The operation completed successfully
                                                                  Error Number:0
                                                                  Not Before, Not After
                                                                  • 08/04/2022 10:26:24 02/07/2025 14:12:13
                                                                  Subject Chain
                                                                  • E=code@g10code.com, CN=g10 Code GmbH, O=g10 Code GmbH, L=Erkrath, S=Nordrhein-Westfalen, C=DE
                                                                  Version:3
                                                                  Thumbprint MD5:AA2F9924D684F241971BBE3BFA7D1D1B
                                                                  Thumbprint SHA-1:B2852D4490F655EBEADF9FFD8D092E8154450077
                                                                  Thumbprint SHA-256:DFB59B705C479E4EFF34ADBFF9B8DCAF5F74D3F65891F38CD1B10DC8D3F14220
                                                                  Serial:4F7382A39E57A34E167CF912
                                                                  Instruction
                                                                  push ebp
                                                                  mov ebp, esp
                                                                  push edi
                                                                  push esi
                                                                  push ebx
                                                                  sub esp, 000002FCh
                                                                  mov dword ptr [esp], 00008001h
                                                                  call dword ptr [00434480h]
                                                                  push esi
                                                                  call dword ptr [00434440h]
                                                                  and eax, BFFFFFFFh
                                                                  mov dword ptr [0042AA40h], eax
                                                                  cmp ax, 0006h
                                                                  je 00007FC2CC85126Dh
                                                                  mov dword ptr [esp], 00000000h
                                                                  call 00007FC2CC855C25h
                                                                  push ebx
                                                                  test eax, eax
                                                                  je 00007FC2CC85125Ch
                                                                  mov dword ptr [esp], 00000C00h
                                                                  call eax
                                                                  push ecx
                                                                  mov ebx, 0040C4A0h
                                                                  mov dword ptr [esp], ebx
                                                                  call 00007FC2CC855B79h
                                                                  push eax
                                                                  mov dword ptr [esp], ebx
                                                                  call dword ptr [004344BCh]
                                                                  lea ebx, dword ptr [ebx+eax+01h]
                                                                  push edx
                                                                  cmp byte ptr [ebx], 00000000h
                                                                  jne 00007FC2CC851236h
                                                                  mov dword ptr [esp], 0000000Bh
                                                                  call 00007FC2CC855BE9h
                                                                  push ebx
                                                                  mov dword ptr [esp], 00000009h
                                                                  call 00007FC2CC855BDCh
                                                                  push esi
                                                                  mov dword ptr [0042AA44h], eax
                                                                  mov dword ptr [esp], 00000007h
                                                                  call 00007FC2CC855BCAh
                                                                  push edi
                                                                  test eax, eax
                                                                  je 00007FC2CC85126Ah
                                                                  mov dword ptr [esp], 0000001Eh
                                                                  call eax
                                                                  push ecx
                                                                  test eax, eax
                                                                  je 00007FC2CC85125Ch
                                                                  or dword ptr [0042AA40h], 40000000h
                                                                  call dword ptr [00434394h]
                                                                  mov dword ptr [esp], 00000000h
                                                                  call dword ptr [004344D4h]
                                                                  NameVirtual AddressVirtual Size Is in Section
                                                                  IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_IMPORT0x340000x13f8.idata
                                                                  IMAGE_DIRECTORY_ENTRY_RESOURCE0x4e0000x50f0.rsrc
                                                                  IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_SECURITY0x55adf80x28e0
                                                                  IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                  Sections

                                                                  NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                  .text0x10000x92540x940093dfc062f83deb96dcb08695fdef1eb8False0.5264727618243243data5.930795714996362IMAGE_SCN_CNT_CODE, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_2BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_512BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                  .data0xb0000xe00x200b2a5c94a9680012a72436066e2f7740eFalse0.193359375data1.4481589340642336IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_2BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_8BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_512BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_2048BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                  .rdata0xc0000x758c0x76001d40af081afca5c0f936d13a7b55e8a5False0.6911745233050848data7.192481840346671IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_2BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_8BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_512BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_2048BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_READ
                                                                  .bss0x140000x1fe200x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_ALIGN_2BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_8BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_512BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_2048BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                  .idata0x340000x13f80x1400350475874cf34da3f737c1b4b196ed1cFalse0.393359375data5.348274196082192IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_2BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_512BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                  .ndata0x360000x180000x200bf619eac0cdf3f68d496ea9344137e8bFalse0.02734375data0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_2BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_512BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                  .rsrc0x4e0000x50f00x5200b25cfb8cdea9e83512d966ee7b6ba628False0.5646913109756098data5.721856490213528IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_2BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_512BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                  NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                  RT_BITMAP0x4e3d00x666Device independent bitmap graphic, 96 x 16 x 8, image size 1538, resolution 2868 x 2868 px/m, 15 important colorsEnglishUnited States0.18192918192918192
                                                                  RT_ICON0x4ea380x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4224EnglishUnited States0.7213883677298312
                                                                  RT_ICON0x4fae00xea8Device independent bitmap graphic, 48 x 96 x 8, image size 2688, 256 important colorsEnglishUnited States0.6751066098081023
                                                                  RT_ICON0x509880x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 1152, 256 important colorsEnglishUnited States0.7851985559566786
                                                                  RT_ICON0x512300x568Device independent bitmap graphic, 16 x 32 x 8, image size 320, 256 important colorsEnglishUnited States0.6560693641618497
                                                                  RT_ICON0x517980x468Device independent bitmap graphic, 16 x 32 x 32, image size 1088EnglishUnited States0.8031914893617021
                                                                  RT_ICON0x51c000x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 640EnglishUnited States0.3118279569892473
                                                                  RT_ICON0x51ee80x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishUnited States0.36824324324324326
                                                                  RT_DIALOG0x520100xb4dataEnglishUnited States0.6166666666666667
                                                                  RT_DIALOG0x520c80x164dataEnglishUnited States0.5308988764044944
                                                                  RT_DIALOG0x522300x246dataEnglishUnited States0.38316151202749144
                                                                  RT_DIALOG0x524780x104dataEnglishUnited States0.6076923076923076
                                                                  RT_DIALOG0x525800xa0dataEnglishUnited States0.60625
                                                                  RT_DIALOG0x526200xeedataEnglishUnited States0.6176470588235294
                                                                  RT_GROUP_ICON0x527100x68dataEnglishUnited States0.6634615384615384
                                                                  RT_VERSION0x527780x548dataEnglishUnited States0.4541420118343195
                                                                  RT_MANIFEST0x52cc00x42eXML 1.0 document, ASCII text, with very long lines (1070), with no line terminatorsEnglishUnited States0.5149532710280373
                                                                  DLLImport
                                                                  ADVAPI32.dllAdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, RegCloseKey, RegCreateKeyExW, RegDeleteKeyW, RegDeleteValueW, RegEnumKeyW, RegEnumValueW, RegOpenKeyExW, RegQueryValueExW, RegSetValueExW, SetFileSecurityW
                                                                  COMCTL32.DLLImageList_AddMasked, ImageList_Create, ImageList_Destroy, InitCommonControls
                                                                  GDI32.dllCreateBrushIndirect, CreateFontIndirectW, DeleteObject, GetDeviceCaps, SelectObject, SetBkColor, SetBkMode, SetTextColor
                                                                  KERNEL32.dllCloseHandle, CompareFileTime, CopyFileW, CreateDirectoryW, CreateFileW, CreateProcessW, CreateThread, DeleteFileW, ExitProcess, ExpandEnvironmentStringsW, FindClose, FindFirstFileW, FindNextFileW, FreeLibrary, GetCommandLineW, GetCurrentProcess, GetDiskFreeSpaceW, GetExitCodeProcess, GetFileAttributesW, GetFileSize, GetFullPathNameW, GetLastError, GetModuleFileNameW, GetModuleHandleA, GetModuleHandleW, GetPrivateProfileStringW, GetProcAddress, GetShortPathNameW, GetSystemDirectoryW, GetTempFileNameW, GetTempPathW, GetTickCount, GetVersion, GetWindowsDirectoryW, GlobalAlloc, GlobalFree, GlobalLock, GlobalUnlock, LoadLibraryExW, MoveFileExW, MoveFileW, MulDiv, MultiByteToWideChar, ReadFile, RemoveDirectoryW, SearchPathW, SetCurrentDirectoryW, SetEnvironmentVariableW, SetErrorMode, SetFileAttributesW, SetFilePointer, SetFileTime, Sleep, WaitForSingleObject, WideCharToMultiByte, WriteFile, WritePrivateProfileStringW, lstrcatW, lstrcmpW, lstrcmpiA, lstrcmpiW, lstrcpyA, lstrcpynW, lstrlenA, lstrlenW
                                                                  ole32.dllCoCreateInstance, CoTaskMemFree, IIDFromString, OleInitialize, OleUninitialize
                                                                  SHELL32.dllSHBrowseForFolderW, SHFileOperationW, SHGetFileInfoW, SHGetPathFromIDListW, SHGetSpecialFolderLocation, ShellExecuteExW
                                                                  USER32.dllAppendMenuW, BeginPaint, CallWindowProcW, CharNextA, CharNextW, CharPrevW, CheckDlgButton, CloseClipboard, CreateDialogParamW, CreatePopupMenu, CreateWindowExW, DefWindowProcW, DestroyWindow, DialogBoxParamW, DispatchMessageW, DrawTextW, EmptyClipboard, EnableMenuItem, EnableWindow, EndDialog, EndPaint, ExitWindowsEx, FillRect, FindWindowExW, GetClassInfoW, GetClientRect, GetDC, GetDlgItem, GetDlgItemTextW, GetMessagePos, GetSysColor, GetSystemMenu, GetSystemMetrics, GetWindowLongW, GetWindowRect, InvalidateRect, IsWindow, IsWindowEnabled, IsWindowVisible, LoadCursorW, LoadImageW, MessageBoxIndirectW, OpenClipboard, PeekMessageW, PostQuitMessage, RegisterClassW, ReleaseDC, ScreenToClient, SendMessageTimeoutW, SendMessageW, SetClassLongW, SetClipboardData, SetCursor, SetDlgItemTextW, SetForegroundWindow, SetTimer, SetWindowLongW, SetWindowPos, SetWindowTextW, ShowWindow, SystemParametersInfoW, TrackPopupMenu, wsprintfA, wsprintfW
                                                                  DescriptionData
                                                                  CommentsGnuPG is Free Software; you can redistribute it and/or modify it under the terms of the GNU General Public License. You should have received a copy of the GNU General Public License along with this software; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
                                                                  CompanyNameThe GnuPG Project
                                                                  FileDescriptionGnuPG: The GNU Privacy Guard for Windows
                                                                  FileVersion2.4.7.31706
                                                                  LegalCopyrightCopyright (C) 2024 g10 Code GmbH
                                                                  LegalTrademarks
                                                                  ProductNameGnuPG (2.4.7)
                                                                  Translation0x0409 0x04b0

                                                                  Possible Origin

                                                                  Language of compilation systemCountry where language is spokenMap
                                                                  EnglishUnited States

                                                                  Network Behavior

                                                                  No network behavior found

                                                                  Statistics

                                                                  CPU Usage

                                                                  Click to jump to process

                                                                  Memory Usage

                                                                  050100s0.00510152025MB

                                                                  Click to jump to process

                                                                  High Level Behavior Distribution

                                                                  • File
                                                                  • Registry

                                                                  Click to dive into process behavior distribution

                                                                  Behavior

                                                                  Click to jump to process

                                                                  System Behavior

                                                                  General

                                                                  Target ID:0
                                                                  Start time:10:48:55
                                                                  Start date:22/04/2025
                                                                  Path:C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe
                                                                  Wow64 process (32bit):true
                                                                  Commandline:"C:\Users\user\Desktop\gnupg-w32-2.4.7_20241125.exe"
                                                                  Imagebase:0x400000
                                                                  File size:5'625'560 bytes
                                                                  MD5 hash:89B24563D66BF8A2DD854AF031298E71
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Reputation:low
                                                                  Has exited:true
                                                                  Show Windows behavior

                                                                  File Activities

                                                                  Show Windows behavior

                                                                  Section Activities

                                                                  Show Windows behavior

                                                                  Registry Activities

                                                                  There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                  Show Windows behavior

                                                                  Mutex Activities

                                                                  Show Windows behavior

                                                                  Process Activities

                                                                  Show Windows behavior

                                                                  Thread Activities

                                                                  Show Windows behavior

                                                                  Memory Activities

                                                                  There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                  There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                  Show Windows behavior

                                                                  Windows UI Activities

                                                                  There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                  There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                                                  General

                                                                  Target ID:7
                                                                  Start time:10:49:28
                                                                  Start date:22/04/2025
                                                                  Path:C:\Windows\SysWOW64\notepad.exe
                                                                  Wow64 process (32bit):true
                                                                  Commandline:"C:\Windows\system32\NOTEPAD.EXE" C:\Program Files (x86)\gnupg\README.txt
                                                                  Imagebase:0x690000
                                                                  File size:165'888 bytes
                                                                  MD5 hash:E92D3A824A0578A50D2DD81B5060145F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Reputation:moderate
                                                                  Has exited:false
                                                                  Show Windows behavior

                                                                  File Activities

                                                                  Show Windows behavior

                                                                  Section Activities

                                                                  Show Windows behavior

                                                                  Registry Activities

                                                                  There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                  Show Windows behavior

                                                                  Mutex Activities

                                                                  There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                  Show Windows behavior

                                                                  Thread Activities

                                                                  Show Windows behavior

                                                                  Memory Activities

                                                                  Show Windows behavior

                                                                  System Activities

                                                                  There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                  Show Windows behavior

                                                                  Windows UI Activities

                                                                  There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                                                  Disassembly

                                                                  No disassembly