Windows Analysis Report AirServer-5.6.3-x64.msi
Overview
General Information
Detection
Score: | 15 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 0% |
Compliance
Score: | 64 |
Range: | 0 - 100 |
Signatures
Classification
Analysis Advice |
---|
Sample drops PE files which have not been started, submit dropped PE samples for a secondary analysis to Joe Sandbox |
Sample is looking for USB drives. Launch the sample with the USB Fake Disk cookbook |
Sample may be VM or Sandbox-aware, try analysis on a native machine |
Sample tries to load a library which is not present or installed on the analysis machine, adding the library might reveal more behavior |
Sample monitors window changes (e.g. starting applications), analyze the sample with the 'Simulates keyboard and window changes' cookbook |
|
Malware Configuration |
---|
No configs have been found |
---|
Yara Overview |
---|
No yara matches |
---|
Sigma Overview |
---|
No Sigma rule has matched |
---|
Jbx Signature Overview |
---|
- Cryptography
- Compliance
- Spreading
- Networking
- System Summary
- Data Obfuscation
- Persistence and Installation Behavior
- Boot Survival
- Hooking and other Techniques for Hiding and Protection
- Malware Analysis System Evasion
- Anti Debugging
- HIPS / PFW / Operating System Protection Evasion
- Language, Device and Operating System Detection
Source: | Binary or memory string: |
Compliance: |
---|
Creates license or readme file |
Source: | File created: | Jump to behavior |
Creates a software uninstall entry |
Source: | Registry value created: | Jump to behavior |
Creates a directory in C:\Program Files |
Source: | Directory created: | Jump to behavior |
PE / OLE file has a valid certificate |
Source: | Static PE information: |
Binary contains paths to debug symbols |
Source: | Binary string: |
Source: | File opened: |
Source: | String found in binary or memory: |
Source: | File deleted: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | Code function: |
Source: | Static PE information: |
Source: | Section loaded: |
Source: | Process token adjusted: |
Source: | Key opened: |
Source: | Process created: |
Source: | Key value queried: |
Source: | WMI Queries: |
Source: | File created: | Jump to behavior |
Source: | Classification label: |
Source: | File read: | Jump to behavior |
Source: | Initial sample: |
Source: | Static file information: |
Source: | Mutant created: |
Source: | File created: | Jump to behavior |
Source: | Automated click: |
Source: | Window detected: |
Source: | Registry value created: | Jump to behavior |
Source: | Static file information: |
Source: | Directory created: | Jump to behavior |
Source: | Static PE information: |
Source: | Binary string: |
Source: | Static PE information: |
Source: | File created: | Jump to dropped file |
Source: | File created: | Jump to behavior |
Source: | Registry key monitored for changes: |
Source: | Process information set: |
Malware Analysis System Evasion: |
---|
Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines) |
Source: | WMI Queries: |
Source: | Dropped PE file which has not been started: | Jump to dropped file |
Source: | Window / User API: |
Source: | WMI Queries: |
Source: | Process information queried: |
Source: | File Volume queried: |
Source: | Binary or memory string: |
Source: | Code function: |
Source: | Process created: |
Source: | Binary or memory string: |
Source: | Queries volume information: |
Source: | Key value queried: |
Source: | Code function: |
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Spearphishing Link1 | Windows Management Instrumentation121 | Windows Service1 | Windows Service1 | Masquerading22 | OS Credential Dumping | System Time Discovery1 | Replication Through Removable Media1 | Archive Collected Data11 | Exfiltration Over Other Network Medium | Encrypted Channel1 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Replication Through Removable Media1 | Scheduled Task/Job | Registry Run Keys / Startup Folder1 | Process Injection12 | Virtualization/Sandbox Evasion121 | LSASS Memory | Query Registry1 | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Junk Data | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | DLL Side-Loading1 | Registry Run Keys / Startup Folder1 | Process Injection12 | Security Account Manager | Security Software Discovery131 | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Steganography | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | DLL Side-Loading1 | Deobfuscate/Decode Files or Information1 | NTDS | Virtualization/Sandbox Evasion121 | Distributed Component Object Model | Input Capture | Scheduled Transfer | Protocol Impersonation | SIM Card Swap | Carrier Billing Fraud | |
Cloud Accounts | Cron | Network Logon Script | Network Logon Script | Obfuscated Files or Information1 | LSA Secrets | Process Discovery2 | SSH | Keylogging | Data Transfer Size Limits | Fallback Channels | Manipulate Device Communication | Manipulate App Store Rankings or Ratings | |
Replication Through Removable Media | Launchd | Rc.common | Rc.common | Timestomp1 | Cached Domain Credentials | Application Window Discovery1 | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | Abuse Accessibility Features | |
External Remote Services | Scheduled Task | Startup Items | Startup Items | DLL Side-Loading1 | DCSync | Peripheral Device Discovery11 | Windows Remote Management | Web Portal Capture | Exfiltration Over Alternative Protocol | Commonly Used Port | Rogue Wi-Fi Access Points | Data Encrypted for Impact | |
Drive-by Compromise | Command and Scripting Interpreter | Scheduled Task/Job | Scheduled Task/Job | File Deletion1 | Proc Filesystem | File and Directory Discovery1 | Shared Webroot | Credential API Hooking | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Application Layer Protocol | Downgrade to Insecure Protocols | Generate Fraudulent Advertising Revenue | |
Exploit Public-Facing Application | PowerShell | At (Linux) | At (Linux) | Masquerading | /etc/passwd and /etc/shadow | System Information Discovery25 | Software Deployment Tools | Data Staged | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol | Web Protocols | Rogue Cellular Base Station | Data Destruction |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse | ||
0% | Metadefender | Browse | ||
0% | ReversingLabs |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | Metadefender | Browse | ||
0% | ReversingLabs | |||
3% | Metadefender | Browse | ||
2% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | ReversingLabs | |||
0% | Metadefender | Browse | ||
0% | ReversingLabs |
No Antivirus matches |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Virustotal | Browse | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
No contacted domains info |
---|
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | unknown | ||
false | unknown | ||
false | high | |||
false | high | |||
false | unknown | ||
false | unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | low | ||
false | low | ||
false | unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | unknown |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|
IP |
---|
192.168.2.1 |
General Information |
---|
Joe Sandbox Version: | 34.0.0 Boulder Opal |
Analysis ID: | 531974 |
Start date: | 01.12.2021 |
Start time: | 15:48:28 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 9m 49s |
Hypervisor based Inspection enabled: | false |
Report type: | light |
Sample file name: | AirServer-5.6.3-x64.msi |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
Number of analysed new started processes analysed: | 26 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean15.evad.winMSI@21/62@0/1 |
EGA Information: | Failed |
HDC Information: |
|
HCA Information: | Failed |
Cookbook Comments: |
|
No simulations |
---|
No context |
---|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | modified |
Size (bytes): | 345345 |
Entropy (8bit): | 6.59572804648539 |
Encrypted: | false |
SSDEEP: | 6144:mAvFXpATpV9E8TytVm5657r+0G/kvzoaBcHLnNs:mcqTjpTPK7r+7kbvBcHxs |
MD5: | C2F3F684C686DECD9601725F831D6D3D |
SHA1: | 8AC30B5B3AC1256902E3C232B0E46A5ED8F2530A |
SHA-256: | 60944829AB9B69CE26ECACBFC7CCFFC37B0FDD759B43494968A9C5D3C24361B0 |
SHA-512: | 81A8BF4FFF9A8D7FDC91A413AB6CDAADE03CDE2BDD7D0CA55FA8D7344176161DC7E9865BA689D50721A10B1D7E73A9815AB8624ED93CA67D2ECBCD8A4E049CDF |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1010688 |
Entropy (8bit): | 6.094492676456435 |
Encrypted: | false |
SSDEEP: | 24576:sbhyxZ1+DMQAZ9TzhpWSFKnvAvBb4wl5VNVQ:QhysDMQAZ9Tz6i8M5a |
MD5: | F64C742467826EAADE07546FAEAEB177 |
SHA1: | 90EB518A339384DA335660F08ADE67354E3B2D60 |
SHA-256: | 7F0A12383F4E0F684FF0DB387D8889E4EA84BF5397E076EF59898B30914C0A26 |
SHA-512: | 16B0BA940E569F3EBE3C056A13859E927F7A5590F0417BE1BD8790EC29A4DEDCDDDB631FDCBD0DA45AC54484E56F06AAD78A7932BB6AC3E0A053F01827E50D8F |
Malicious: | false |
Antivirus: |
|
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 210944 |
Entropy (8bit): | 5.757947441105646 |
Encrypted: | false |
SSDEEP: | 3072:uQbQQDnXVJLyF/2bCkEhacHHCx/i84aFmMLmnll8V7TnOP1tEJX70N:ubQDf+FSqK/5LmlZJ |
MD5: | 27F3C69CABF8BADED4F3257FCFD2C8FD |
SHA1: | B87BA3F7C8594C2338C45DB5708B6FC532C08F42 |
SHA-256: | C204C6F4AF72528E7FBE6A43E725EC8E30FCB312BFB1A695A0504E2623D5A2A2 |
SHA-512: | 5D53FC6103B83F3BA56D2235CA3D44688E34349677732EB39599E794E5E773477833B8D7E7497AABA2315AD308DEBAD6FA7315913D40F5F0A9C0D0F64A9B5CD0 |
Malicious: | false |
Antivirus: |
|
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 17128288 |
Entropy (8bit): | 7.035693113999231 |
Encrypted: | false |
SSDEEP: | 393216:t3LiCJz29Pc1DY8Jsv6tWKFdu9C8JNLVDJNL9E+Og:tuKyrL9rL9E+3 |
MD5: | 071272D03169059BDAE6EBC2F9AA4E95 |
SHA1: | 83B266120850E94FD101790CA043C046CCB4E154 |
SHA-256: | 66B4E7FAE54811B2A22EF36200C8B0F48294B63F17BA146A3BE437B11741A507 |
SHA-512: | 23FEFB220603CFA0F6CEFCA5314767D93A2DDD9125853312487188370AE9D67F9AE8200C12817CD2641F8995270F7189A31D26F8BA1FB4C8937ECDA587AEB148 |
Malicious: | true |
Antivirus: |
|
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 21344 |
Entropy (8bit): | 5.912759004920895 |
Encrypted: | false |
SSDEEP: | 384:XavGDBl/PR9lqwBZWqEDppHZ7R5unZEZsHLQSkFCMK6jL:KMzh9lqwLfEz5730VA1KgL |
MD5: | 79D6FC2DA5673AA64C9127D9F0D12568 |
SHA1: | 8F9F382CECC62F62338098762ED96082B9C7317E |
SHA-256: | AF31CE92BEC3F2FCED16652AA571AE637DD809FB4C7288CAD7C3A7BBC1C360BF |
SHA-512: | 73AD3B8C2F8FA404E555CD9EFE0C8AC984EFF4EEAD0D51BBEBF2A6C4A24F160CFF3A1F455247A7F43A3D7AFED4AA4946C8D9A3E434E10D69A706B47394F28A6F |
Malicious: | false |
Antivirus: |
|
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 40800 |
Entropy (8bit): | 5.565458871311275 |
Encrypted: | false |
SSDEEP: | 384:3Kw1FpLsRzxzRt82en5qcuVwvrROn5ZaNDt3+gPa5lmKMnZEZsHLM47MK6jtjO:awH2es4tP+gPa5MVYKgs |
MD5: | DBD2E13EC0B7313B91B80DECFF59BE1F |
SHA1: | 6E72423737E7531542609D1ECC86A71D376BC8ED |
SHA-256: | FC6FA85FBC807BBBC76BE406D93B75A92D53DCD44D0D7DBF2D14E7E70D6CF6E5 |
SHA-512: | 2EFABB1A73388C1C59D06C01F3B5314D629A21F339E8090EF8A92BB7A6BC3B134C842BD0F3B1BBC93B3AE8F93F5E648F2811801EE323637D0966D84042300DC3 |
Malicious: | false |
Antivirus: |
|
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | modified |
Size (bytes): | 41200 |
Entropy (8bit): | 3.606650110861495 |
Encrypted: | false |
SSDEEP: | 192:N7PNlTKmzUHX1klOOthZZbwy87aqbqIJVHUt/sXL7GGeHPff/OM2EaoDfQhUA0xN:N7SziSHUr3L |
MD5: | BFFA696B649EC8E13D3774891270E897 |
SHA1: | 0230F0A0F7A20F9BD46DFA39A3EC7E1D25853949 |
SHA-256: | 6E8F28A72BF10AAAA86582E1E3EE2173B99D188385D6758D877E090FD53F7027 |
SHA-512: | CF74931E33C3D7ED06C8BBC27F52BD98AD9D9F9B55F2C8FCEFBF98CB29F3ECD696EE37EC8251ADA955BD8DEC1DCF3EB36CDD689AC12BB8D30D6A1E9692F4D3AD |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 118784 |
Entropy (8bit): | 5.79285423024278 |
Encrypted: | false |
SSDEEP: | 3072:oRdAQbTEa44rn0RpiMzpCaEhuXgh5lGnfqA6fwlYJMEkoA4I6:oRSQbTEa44L0RpiMzAaEhuXelGfDDEA4 |
MD5: | 27DD8DD16F29B0F21BA5F34FF4ABDA10 |
SHA1: | F56D02AAD3E2E776EC16B8786294D7C80E426A67 |
SHA-256: | 897C5410F66A729A4A1BE08C9AA43DC449CC7DD05FB13DA84BC8C941302A8FD3 |
SHA-512: | 91148541745D1EED8C67F67148746389373C7E4E3ED2F12A933B6B19E7070271A17686A3ED18E652FB8E815D35D1245F1546CA9EF5CAA84E8012BB2054E9CF66 |
Malicious: | false |
Antivirus: |
|
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 96608 |
Entropy (8bit): | 5.9315465971801045 |
Encrypted: | false |
SSDEEP: | 1536:OJbCTQu+xG38ZILkcniWVoAw8ufo0nZqGYTZlie+hphqNk3I7:OaQZxGLkcn1Bw8uf1n2ZliDh6Nk3c |
MD5: | 4D3CB4A21BE988D218B38B8DA1C07DDE |
SHA1: | 1D9A8FA65324C625955F33D6E66579701CB4A684 |
SHA-256: | 4B4AAB2DF348FAD3F5513CC5CC591A73DB92DEDE7915D1C7730CD2232E9AA174 |
SHA-512: | 65194053242C418B5CBE00EEF3872EA076AB4F0A6F75603528D4C7A24F766FB548EAA5D4986E05FECE181ECA8E5B4523D091824873584125342DE5E6F32CB294 |
Malicious: | false |
Antivirus: |
|
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12863 |
Entropy (8bit): | 5.079324617500121 |
Encrypted: | false |
SSDEEP: | 384:RCrF0NBqFOoaaiVUYTT26T2oof8R21Ch13wSmX2:Er+NBqFMVZT26Uv0z3b |
MD5: | 32F1F6B7694652C623F3C0024C947BBE |
SHA1: | 50724A7E79CCB694AAB51C72297DE9ACEB57AD43 |
SHA-256: | B800860EA57AF9EAB0D6F77998A3F24886DE120A6F2D4AA7770BB76E7FC055E3 |
SHA-512: | 990652E109BE0922648C2F3664CD07A2FF88BCFC0F713CC1505183028D5E7B91EC2C5CDAFDF487C765020D5DD26C7B4902313B0C21EC340A6C736EBA238A4A50 |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 652089 |
Entropy (8bit): | 7.9825460611482155 |
Encrypted: | false |
SSDEEP: | 12288:3uoFKqZLkac7pYnzwaCAh3eszhLU/FJA0gzCW9dQTD5389wreZr+:3uoFKqZw8sbAh3eszug0gJ9uTD5389wV |
MD5: | F4A4C243D6132383C66089BA69371634 |
SHA1: | F51BDB63197C3C22A4B1D2A6F6981557C22C14B7 |
SHA-256: | 5727A94C1A404BB62495B199474404B24AEB3785D419424C06D91D15897525E4 |
SHA-512: | 10BF6C91946AC22F3DC9C124C9204B3713A8D492B1685E2EDC1B1A81DD809B78CE9272EE3F9B0487F042F23A32B891AE3650D27073C85E49038370C309607E4D |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4173152 |
Entropy (8bit): | 5.931861753251015 |
Encrypted: | false |
SSDEEP: | 49152:4hPu+O4U0hVdHVp1w+QQJdYVYAKmzG3s3/1Kk1naQSQAOs:F0hTJAKmnWT |
MD5: | 85220808C764B90FA1F4F8281ABE57E8 |
SHA1: | E9D69D45BB01C5A9E1879473E9CA1AFA2ABC04E0 |
SHA-256: | F42C0FC79370F962ACEB427027142CD2D35D236377F10B9228CC5558FE5FBD7C |
SHA-512: | 824CD198B7AF176CC4C3E7B5E76E8EC1D5D95D96BC33729D55141C5FEED868E4263A07722686C031D07656D31D5576F5D6B6CFEF959030EDF697FFA220478590 |
Malicious: | false |
Antivirus: |
|
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 51040 |
Entropy (8bit): | 4.4025328265820525 |
Encrypted: | false |
SSDEEP: | 384:VIXxl6q9JyZFyVbfUGRXmgvA+RpJnNpuN0yyAgHunZEZsHLQkZBMK6jE:o6+EFsf9RNvDRhpo0y80VlsKgE |
MD5: | 9A42BD94738DF25D3AE05B9DFEAE4B71 |
SHA1: | A985DC14B05C584D3466C79526C0C800DBD7D842 |
SHA-256: | 034A30033419B9EB06F5EC7FE26C9A48F6F8C1C92148C5F39F6EF0C6FB98DCBC |
SHA-512: | 9CB1DB1788D22FECFA36F779200B035330D3323F4D9FDF7574F1B0B5C1E34556399F4C8F1F1EF4ECE600CE624525C20808726DA1951457283E4E8DEEBD7B16DD |
Malicious: | false |
Antivirus: |
|
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 206688 |
Entropy (8bit): | 5.4038922555068565 |
Encrypted: | false |
SSDEEP: | 3072:sQY2sto8vQ8nch30hqCsJI/EYiLNlLaBx192o9fcp1e:Jsto8DqHJhgxmoFcO |
MD5: | A656BD436912C080AAC3EFB5FAA362F9 |
SHA1: | CA7BE07B6ABBC923F88FC24BB73B19A7F219206B |
SHA-256: | A2AB62B1FDAAF213F8C86A62F5BCC5D793A5E5A9576F20AC2FAB5B5FD2752C58 |
SHA-512: | 4404B7B8D872F2F9A874A851F5D598058B4CC738DC3B1ADA58EC2267D4C2B75F79EF4D185E57B63BD343DC63997AA7471D17F1CBCE9B2430643A4D6544869AE5 |
Malicious: | false |
Antivirus: |
|
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 806752 |
Entropy (8bit): | 5.7957352880162105 |
Encrypted: | false |
SSDEEP: | 12288:dhCAC+btWKNgcxN2PnsbfEhDLKWNHwaP7/:nCoW0Tb2ULkxv |
MD5: | 35C2FCB4E36BE7E70840D75C6436DD9C |
SHA1: | 4C43A32D8F895D6DE5B36B01E5F4D3149A91D003 |
SHA-256: | C53D5D2CFD092E821781B67B531DC5E8520FEE5BEA47880BFF6923BC54078A6F |
SHA-512: | 3C6065A4B1F970D348A240FB463BF36D22A10181FE2A63AC1EF2355C9753D4ECCBDADCF9E21A36C043BC0FFF0E5276447013EAFCCEDD38E067ADEBEE56FF8AD5 |
Malicious: | false |
Antivirus: |
|
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 541024 |
Entropy (8bit): | 5.6904294357715 |
Encrypted: | false |
SSDEEP: | 6144:HyygL/BTJFjnaMBFLbr28TXJb686h3C1Vr0Vj9vBd951IHhZznq5Eizcn:O9Jxrbr28TX16rJZAqyiz4 |
MD5: | 2F35A7B420C8EEF315DC76B11DE0C9A4 |
SHA1: | 92C4AD49B5548E9DE052C93953746E8BC464A3D9 |
SHA-256: | 4070087AFBC0B70A9CDD3A4571036042F1EF06646E2B797E0406F31436E32756 |
SHA-512: | 79EBE0532CBF4B6320A1E7AEF411D99ECA8A4690016438CD7159F55C5A3EB75065416048B0977319194A951CAA4879FE059E3E366018F76E9EC8FFD11539FE4F |
Malicious: | false |
Antivirus: |
|
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 332568 |
Entropy (8bit): | 6.217408928777197 |
Encrypted: | false |
SSDEEP: | 6144:tlBybiGsY4lxA6c40PMjoTrDPbv+Xipv6wfnWzgcpw2eRJ:tWbzsBcPPlbxpvIzQT |
MD5: | 1028995446D0032530461BE30CA98F48 |
SHA1: | 18446678152E9997EED9C02995F957D58A8E8F32 |
SHA-256: | D404B49C25CC76DC4C86E1D82FC23799482F6509E85A73ED8177EFC320EC0195 |
SHA-512: | ADB9AE577F082E0246CAE5C804FA4CD08BCF54CE78EACA02D49B9B1B262779667A251E98CAE807AFF50FDAC504B8CD855CE4D786F587D02E0A18F6AC8E0D882E |
Malicious: | false |
Antivirus: |
|
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4481376 |
Entropy (8bit): | 6.373809113657972 |
Encrypted: | false |
SSDEEP: | 49152:6wBNwAqRvTvbehyCZ5xRmhErU6jFyU+dQZTHchy0eQago4I+oiP85+hA6+Se4QQk:YUZ5P7FwcAgLbz+3s0BmT |
MD5: | 759DB6F05C494F49FCCD6A9486AEE6AE |
SHA1: | 29FB222CE4AEE9D5FA38CB8FC16829878351F2BE |
SHA-256: | 7EF043BE993F44FAE2D3D657447C6E75385EC62520F916C63EFC0EACA8B68B24 |
SHA-512: | FACDBC462200FDD4DE06D05DAC96EFB60A2C844BB6AB5227A85C3A2065482DA1D530392C8EFBFB8D5C644DFDB0A68C7129183BFB6104E263E6F45F743910D632 |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 627992 |
Entropy (8bit): | 6.360523442335369 |
Encrypted: | false |
SSDEEP: | 12288:dO93oUW7jh6DN0RUhsduQjqDZ6X/t5mTOKGmJ7DseBiltBMQEKZm+jWodEEVoFt:s3oUW7jh6DN0RUhsduQjqDZ6X/t5mTOo |
MD5: | C1B066F9E3E2F3A6785161A8C7E0346A |
SHA1: | 8B3B943E79C40BC81FDAC1E038A276D034BBE812 |
SHA-256: | 99E3E25CDA404283FBD96B25B7683A8D213E7954674ADEFA2279123A8D0701FD |
SHA-512: | 36F9E6C86AFBD80375295238B67E4F472EB86FCB84A590D8DBA928D4E7A502D4F903971827FDC331353E5B3D06616664450759432FDC8D304A56E7DACB84B728 |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 191840 |
Entropy (8bit): | 5.55608424485294 |
Encrypted: | false |
SSDEEP: | 1536:7HIXdwzJuk0X/Jw5Dy7KXewgnV2w1gvSPSq9QG38iLS6Co1dLS9aUMOLZ1lwt:7Ox1YexnV27S6q2GXiWxS9aUMOLZ1w |
MD5: | 8054F8A2EF85C690C9D082291301D857 |
SHA1: | E4F8C80908F250F0304223BE95280A801331FF7E |
SHA-256: | B2DC013DF114028184B27B56A1767C0132D0CAA414E512BD958FC086D846E755 |
SHA-512: | DC92B30230A67E41CC4F98AD6DC6719AEB983A697D8A5A76A6D1058FDF6323C9E28231A32BA9B5DA2742A7DEEEB4A90DEE9449E5DFE817A5A310440080345C9E |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 632672 |
Entropy (8bit): | 5.881358981441057 |
Encrypted: | false |
SSDEEP: | 6144:1DKpoQKn00atFxuop9ZXpoDue7frsJ+hpreO3O9TZzYcpm6krD:1DNQ9tFxuoroie7frdhpreO3OZJZm7 |
MD5: | 4533825964F26A08382D2B89E8F2BA35 |
SHA1: | DB952997D3FA8C8A11BBA36B880FE64B85452329 |
SHA-256: | 118542A2B0C4B620BE20AE63F896F8AABBF8466BC0585AAF85E18DB91A9987F1 |
SHA-512: | 2BF6818F586BB747828BD845A979B69027A8ACC0C185786C1C13487F9C77A4DD3F1E4D0456C5432BCA93550C28CF3808254EB00ECBDB35729A78BB1813E9ED5B |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 366872 |
Entropy (8bit): | 5.900899813688224 |
Encrypted: | false |
SSDEEP: | 3072:SYXnkAiObjnmzH0nZxbwUSEHuKJemWtaOkic9VSgtH/5BhhXarUX1RdlWiNiC/0Q:SAkAvbjnmMN9XVFP7/09FSp |
MD5: | 9AC7AD6A47CF8BDDCE8DAFFD31CB03A5 |
SHA1: | 55EDE0C378279526BF6E8B4093C382EE7AE111DB |
SHA-256: | 5966E6F9DE7A3AAC11D22C899BD7B3A1248B3C375461C1CE10EFB8EB871B394E |
SHA-512: | D31289BC6321A77C8C43A8D49393ACB6C97EA9B5AE62FDC1A6A1F17B6A53A91EC1F714D71F1E944BFFA041B5F74E0266E68D80844F75FA624A4376D4A8ADDE3E |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 85784 |
Entropy (8bit): | 6.594110245111798 |
Encrypted: | false |
SSDEEP: | 1536:U3qPWvVCMgfw2eeWqjOebgk0jIpePxd76LGYU8j6ecbolG8EB4h88ii0:U66dsFeeBGPj1L6LGY+ecboC/8ip |
MD5: | 1453290DB80241683288F33E6DD5E80E |
SHA1: | 29FB9AF50458DF43EF40BFC8F0F516D0C0A106FD |
SHA-256: | 2B7602CC1521101D116995E3E2DDFE0943349806378A0D40ADD81BA64E359B6C |
SHA-512: | 4EA48A11E29EA7AC3957DCAB1A7912F83FD1C922C43D7B7D78523178FE236B4418729455B78AC672BB5632ECD5400746179802C6A9690ADB025270B0ADE84E91 |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2731 |
Entropy (8bit): | 2.720430482357322 |
Encrypted: | false |
SSDEEP: | 24:8glZ9qSCJEFI7ESk6Wgvz+M8I7Dd9S+M8I7opm15zSApY4W8I7:82AxESkdgPDdo5P71ZSWWP |
MD5: | B46C9C5127499F8B5865AF63484089FD |
SHA1: | 5F3AD197C1217417AC14386A9399BD8AEC5BF2A2 |
SHA-256: | EA8FE37BFBF7915A309F59B8662259BB2A1BDC692AC0098AACD997FC795A8A5C |
SHA-512: | 7D5CB14205B121C26D30D00C48DB3AB50837F4E41140938EA3B0BFBD5198831969F96CBCA03DB578C53E0BEBAE16231EA0C4EBFA5F81DF73CE1F6406BECB9C62 |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 207360 |
Entropy (8bit): | 6.574209364487876 |
Encrypted: | false |
SSDEEP: | 3072:r65Z1YCHGiZXOVneG/kdvLdzusAatnw1lflQnB+QDO1Q+cxbVeFT:r657r+0G/kvzoaBcHLnN |
MD5: | D773D9BD091E712DF7560F576DA53DE8 |
SHA1: | 165CFBDCE1811883360112441F7237B287CF0691 |
SHA-256: | E0DB1804CF53ED4819ED70CB35C67680CE1A77573EFDED86E6DAC81010CE55E7 |
SHA-512: | 15A956090F8756A6BFDBE191FDA36739B1107EADA62C6CD3058218BEB417BDBD2EA82BE9B055F7F6EB8017394B330DAFF2E9824DBC9C4F137BEAD8E2AC0574CD |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246112 |
Entropy (8bit): | 6.32764937101342 |
Encrypted: | false |
SSDEEP: | 3072:6nfwJO6SR6P9VNYVghfcDpnC6eMwpI5gYmPXyzagHObEvvYBjQ2HMLmNZrIdwJ1K:6p6SAPaV2MjQfgaCTwC |
MD5: | D4C47EF2E8A5637355B84695235F3F2E |
SHA1: | 4EE252CC6F4B61ECF16B5A2CF38BCB70100BB379 |
SHA-256: | 284E8923FEAA8851869A5CAE44114764C4E659D0697FA40FBF320D49CEB46CAE |
SHA-512: | 1624175A2C315BBFF426E151614EA98807B1256E8B02FADFA6A7D104695019AB7B730C73CA5DD2F952E71E42B3E405E416D62474FDF416C72B9B2A1358A7DA05 |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 107008 |
Entropy (8bit): | 6.518267525263852 |
Encrypted: | false |
SSDEEP: | 1536:+2UUj/2wsaO1oxlVVCXBlSz0doGxCznBxJFQNCUIsWK6cd4WJpPpxB60q9:dUU6w3lVoxlSz0jUtiNbb4WrPpxB6D9 |
MD5: | FAB4AA95C57F441B701BE7C2E81EE370 |
SHA1: | FAD06BB4BEDBF22BCCB2AB105A630F2C4435BBD4 |
SHA-256: | 8AD1084DE9A734B2D5C86F472F671CC324632B3A6CA5AAA0C360D93D4D08E148 |
SHA-512: | 7AB85940F9C6144864FC5B5221EAE30CB5800EE5FA270957109E8F182551806965FE1DFEFFBE655D805AA2BB33B0896725236B4422D3A540D90FD55CE174EF48 |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 15478784 |
Entropy (8bit): | 7.9304813668917955 |
Encrypted: | false |
SSDEEP: | 393216:f4kLMwFXt2Yz6880kRUBpmiyXpPkB37sj2:fn1FQYz58zRU/Py5PcQj2 |
MD5: | D0C1F8B537D6AA6B339158107BD34D3A |
SHA1: | 1317AE28F2B43DDFADD1E5311DEFAA678277BE6F |
SHA-256: | 4A92C6E42FB2BEC9FB177F6D379B3E86728D81BFE3F69FC53C175C13532B586F |
SHA-512: | 5E9C3F8330FD50491F221682FD9819BB4588E6D66AEC69991C96ACAEB91105D72656B62C33C38EAACFEEF4399D786E47389167210BB35D958A36E897FB49321A |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 121344 |
Entropy (8bit): | 6.5655402413250465 |
Encrypted: | false |
SSDEEP: | 3072:UvFX6aATavYxRVZLUn895HSAxj5/pUlh/PpxDpc:UvFXpATpV9E8TytVm |
MD5: | BA3165EC14E657E6235D6D789E9E25CA |
SHA1: | F626FCC0E7E7F26A092DA6A995F5936A45C4F71A |
SHA-256: | BF93DE4755822425F3FD3928B52D2A6E6C91AB069213AAAA95695ED3E17E72E9 |
SHA-512: | 6D83DD60B1F8E8D93DDBDA657B1C75F86C1F5F6EAC899123F6CE498F5DD1A5ABF05E29776144044C6A848E8FDD2B9A6A5367C4B249B879A310A260FB6B55B6DA |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1753775 |
Entropy (8bit): | 6.433696877487136 |
Encrypted: | false |
SSDEEP: | 49152:gqCVUCPqCVUCHqCVUCZBE58xo58xZ58x9:gE8EUEyBEdcY |
MD5: | CDE87DDA58E54BCB436F0CD53AE46608 |
SHA1: | 3D638F930D3BF1F26CD783F9D1D633D8BF584B6F |
SHA-256: | E18C9AFD7F85C91F16714CAF295120FAB177A44F38E9DB6C2FC70D179BA5A318 |
SHA-512: | 122E600A5DE5CB8CC4D94825F7FD89F574CDB10BFC5F2D716F7DC0A102B552981F8907A439DA060044B235E41742337DB8E1A98563502B4E527CDDCACA3AA069 |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294400 |
Entropy (8bit): | 6.529001950189018 |
Encrypted: | false |
SSDEEP: | 6144:Mp8lGHAxAqm2EVZ9AOmnW70MLcZK/Vt9bx5n:sHAxLiDAQ06EK97nn |
MD5: | 4EA4312C76659041D79E85205EE74691 |
SHA1: | 28024EEB387F00CD62C407E7E636440837FE66FC |
SHA-256: | 87D830DFBCB4FDAF57C5A184FA24F6740711F4022799F059ECE5BAFB13FE813A |
SHA-512: | CF0C67795FF50E2893D124D6A3EBAD6C1650771F3689601233565FAE31FCF84228C3B7EB96A8CE76C73FEDA2457553BBAF0B2F74005B429D5839A68FEB031F9E |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 20480 |
Entropy (8bit): | 1.1694802676189204 |
Encrypted: | false |
SSDEEP: | 12:JSbX72FjHAGiLIlHVRpU5h/7777777777777777777777777vDHFeXQ1/TSsJl0G:JVQI5Gnp/TSzF |
MD5: | 071EE3341BF4B74E47DC9D335CA0DF0C |
SHA1: | 0F0FC19F9CBE855F7782F5FA9A5150F9D46A5330 |
SHA-256: | 25EA26F2D161033305BFFB380935AC99229657591AB02FF99C4EAB0108CB097C |
SHA-512: | 244CE080E6848643205577781BBA9787E94AA497B391A871AA087F002C195FF63166FE6245DB2E62E42BE29A61993DB2630A6833614F4D7BABF57BB125926119 |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 20480 |
Entropy (8bit): | 1.8231698873907254 |
Encrypted: | false |
SSDEEP: | 96:zhn19jTQ+Up4Vxgltg5SfrzETRTsOcGoKj:N1ZpeaglS0ETRTPzT |
MD5: | C5D9DD34995020B6BE9BAE26B9CB46DE |
SHA1: | E4D419EAA9D19293B40F13F5F13FA86400D4CC42 |
SHA-256: | 41A5F8FBDA7C4AF5A60C206746C0DBCCA394F43F66B62430C029B6ACAF8BD4B5 |
SHA-512: | BE582AF130250E16826A0DA23863C6FE8E99005F0A4F752B8FBE267A8FF6BB3136C39DE383D4CBF3FB8B23F2AA711FCC10D1B8E757C43B67A65338E873E993A0 |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 136478 |
Entropy (8bit): | 3.596243837781 |
Encrypted: | false |
SSDEEP: | 384:UO2uFNsts6iwKdnnDnlkMnDnxAADAtF1BxgMfLLnYQBWHUtO9tDbH9HMMTa6sK8r:3FNsJiybuiJKWFmOr |
MD5: | 1406749FEE5EF7437D045A9F929E3902 |
SHA1: | E58070E91B9543EF22DD6E39A8DA148E8C028160 |
SHA-256: | FB8147C92956583032F433D0F7EE6913B229F2FFA2EFF0FD54BD775E84FB8429 |
SHA-512: | 999D1F5DE4A0A0F0625CB40A391A26D3012C4A29E763F6F7CD8289B423B1638DCEF1571B0A698950AA99E75AF24615C1664D0CDB5693494FB3BC16901E4EEAE4 |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 79122 |
Entropy (8bit): | 5.282157320299685 |
Encrypted: | false |
SSDEEP: | 192:jmXs969ozNSkk3peTBYeHt0tfoI9qsjl0urmwYyim:yXs9UogeWeH29qclhmwYyim |
MD5: | 0EB7C9E30446CC71CB096EE74630F650 |
SHA1: | 23A2F57E7391ED7CC1D07972E9CBCE7F5C841FF9 |
SHA-256: | C1E5565D42A790038D95EA62C92B84C86971831D7176EAFAD64FFA04AD4AB8CC |
SHA-512: | 22DE1635B783D9669587EA90C13D2EDB85F214C1400E6813C5B252CF9B83C12F8A20706B23EDE368BD0635D26A628B08EB8E1349308D11A7622C9FA01B4696CA |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 512 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | 3:: |
MD5: | BF619EAC0CDF3F68D496EA9344137E8B |
SHA1: | 5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5 |
SHA-256: | 076A27C79E5ACE2A3D47F9DD2E83E4FF6EA8872B3C2218F66C92B89B55F36560 |
SHA-512: | DF40D4A774E0B453A5B87C00D6F0EF5D753143454E88EE5F7B607134598294C7905CCBCF94BBC46E474DB6EB44E56A6DBB6D9A1BE9D4FB5D1B5F2D0C6ED34BFE |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 32768 |
Entropy (8bit): | 1.441081002459636 |
Encrypted: | false |
SSDEEP: | 96:Y/bpTTe9+Up4Vxgltg5SfrzETRTsOcGoKj:4bpX1eaglS0ETRTPzT |
MD5: | 81915E6C656576ACCEBEF0FCE212685D |
SHA1: | 60B129B0CAEEDD232777D5197F137B9E59F8F931 |
SHA-256: | 0D24F411456604EC83744E4013878E115C83BB586FA3570EB4001BD3B20689B8 |
SHA-512: | A4CC041B87FE3B0851C5F340E20C5929090DC650F7C72730AD1894F55444313D33B67F26EFA96429422EF2CEDA9C11FAF8A31DD2B43BC18CE1AB74DF94653D7D |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 32768 |
Entropy (8bit): | 0.07558500351290733 |
Encrypted: | false |
SSDEEP: | 6:2/9LG7iVCnLG7iVrKOzPLHKOeXQWg/TS9o6Vky6lD1:2F0i8n0itFzDHFeXQ1/TSsJ |
MD5: | EB3CA21F885BCE376D1BDEA2432020F6 |
SHA1: | 4304AF87D38D2B0DA38A3ED12DA5A8D0AE9647F4 |
SHA-256: | 2EC139150B190958CAA5E920813ED91FCFCFD5042147382A80C2F53CAA5048BE |
SHA-512: | 6D33B1B9004CF2E10F9D067751F23EE840A48ED61C6E93DDA82D6E02C8E8F0BF2A6236E125C808A07ED01C616F7A63AFCD67D765CDDBBFB4C923328AB4A51D2E |
Malicious: | false |
Preview: |
|
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 73728 |
Entropy (8bit): | 0.23527295531188966 |
Encrypted: | false |
SSDEEP: | 48:albqo0Qr5AAdlSoAdlSJ6Adq2th2DlihnFlrzETRTszaooSPcMh5p9dwp:sYKhKgltg5SfrzETRTsOcPh5pAp |
MD5: | ECDA3EFE818CEB5AE3AEE630AE5FBF22 |
SHA1: | 08682B34AA476D967C5DFD91F3AB1A3330C85D1E |
SHA-256: | C9C982A6509A448A74B150B1D5780FAD7CA7D6AB3A84A70EC24E16F952CA17E5 |
SHA-512: | 409B7D00C9E45B4814D22A9890E44F19804B9A92D6ABA0F36AA85C7265C68A13F7A24993CC359146850E866C42967EC9C8C90B7199D922C33F4292DF8AEEA71B |
Malicious: | false |
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 512 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | 3:: |
MD5: | BF619EAC0CDF3F68D496EA9344137E8B |
SHA1: | 5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5 |
SHA-256: | 076A27C79E5ACE2A3D47F9DD2E83E4FF6EA8872B3C2218F66C92B89B55F36560 |
SHA-512: | DF40D4A774E0B453A5B87C00D6F0EF5D753143454E88EE5F7B607134598294C7905CCBCF94BBC46E474DB6EB44E56A6DBB6D9A1BE9D4FB5D1B5F2D0C6ED34BFE |
Malicious: | false |
Process: | C:\Windows\System32\msiexec.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 20480 |
Entropy (8bit): | 1.8231698873907254 |
Encrypted: | false |
SSDEEP: | 96:zhn19jTQ+Up4Vxgltg5SfrzETRTsOcGoKj:N1ZpeaglS0ETRTPzT |
MD5: | C5D9DD34995020B6BE9BAE26B9CB46DE |
SHA1: | E4D419EAA9D19293B40F13F5F13FA86400D4CC42 |
SHA-256: | 41A5F8FBDA7C4AF5A60C206746C0DBCCA394F43F66B62430C029B6ACAF8BD4B5 |
SHA-512: | BE582AF130250E16826A0DA23863C6FE8E99005F0A4F752B8FBE267A8FF6BB3136C39DE383D4CBF3FB8B23F2AA711FCC10D1B8E757C43B67A65338E873E993A0 |
Malicious: | false |
Static File Info |
---|
General | |
---|---|
File type: | |
Entropy (8bit): | 7.9304813668917955 |
TrID: |
|
File name: | AirServer-5.6.3-x64.msi |
File size: | 15478784 |
MD5: | d0c1f8b537d6aa6b339158107bd34d3a |
SHA1: | 1317ae28f2b43ddfadd1e5311defaa678277be6f |
SHA256: | 4a92c6e42fb2bec9fb177f6d379b3e86728d81bfe3f69fc53c175c13532b586f |
SHA512: | 5e9c3f8330fd50491f221682fd9819bb4588e6d66aec69991c96acaeb91105d72656b62c33c38eaacfeef4399d786e47389167210bb35d958a36e897fb49321a |
SSDEEP: | 393216:f4kLMwFXt2Yz6880kRUBpmiyXpPkB37sj2:fn1FQYz58zRU/Py5PcQj2 |
File Icon |
---|
Icon Hash: | a2a0b496b2caca72 |
General | ||
---|---|---|
Document Type: | OLE | |
Number of OLE Files: | 1 |
Signature Valid: | true |
Signature Issuer: | CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US |
Signature Validation Error: | The operation completed successfully |
Error Number: | 0 |
Not Before, Not After |
|
Subject Chain |
|
Version: | 3 |
Thumbprint MD5: | 02617A9BBAA95EC93B571C211A98B23A |
Thumbprint SHA-1: | C01E3E229E3FB1304B3559B7B528C21D2CCA52FF |
Thumbprint SHA-256: | 79A625B198188D9522EBB9100EDDC87B768D5C89B8F070A95816D86C7E96B675 |
Serial: | 02A2DD174CA76DAB87C5A63A3B87ED39 |
Indicators | |
---|---|
Has Summary Info: | True |
Application Name: | Windows Installer XML Toolset (3.11.1.2318) |
Encrypted Document: | False |
Contains Word Document Stream: | False |
Contains Workbook/Book Stream: | False |
Contains PowerPoint Document Stream: | False |
Contains Visio Document Stream: | False |
Contains ObjectPool Stream: | |
Flash Objects Count: | |
Contains VBA Macros: | False |
Summary | |
---|---|
Code Page: | 1252 |
Title: | |
Subject: | |
Author: | |
Keywords: | |
Comments: | |
Template: | |
Revision Number: | {EE2DBA36-6558-4C1A-BB78-A00681594571} |
Create Time: | 2020-09-22 17:56:32 |
Last Saved Time: | 2020-09-22 17:56:32 |
Number of Pages: | 405 |
Number of Words: | 2 |
Creating Application: | |
Security: | 2 |
General | |
---|---|
Stream Path: | \x5DigitalSignature |
File Type: | data |
Stream Size: | 8048 |
Entropy: | 7.07814844707 |
Base64 Encoded: | True |
General | |
---|---|
Stream Path: | \x5MsiDigitalSignatureEx |
File Type: | data |
Stream Size: | 32 |
Entropy: | 4.875 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x5SummaryInformation |
File Type: | data |
Stream Size: | 560 |
Entropy: | 4.72346472404 |
Base64 Encoded: | True |
General | |
---|---|
Stream Path: | \x16786\x17522\x15038\x17772\x16924\x18037\x17768\x16958\x16955 |
File Type: | MS Windows icon resource - 17 icons, 16x16, 16 colors, 4 bits/pixel, 16x16, 8 bits/pixel |
Stream Size: | 136478 |
Entropy: | 3.59624383778 |
Base64 Encoded: | True |
General | |
---|---|
Stream Path: | \x17162\x16181\x17768\x16953\x18357\x16678\x18469 |
File Type: | Microsoft Cabinet archive data, 13630550 bytes, 22 files |
Stream Size: | 13630550 |
Entropy: | 7.99995357454 |
Base64 Encoded: | True |
General | |
---|---|
Stream Path: | \x17163\x16689\x18229\x15038\x16156\x17896\x17656\x16778\x17207\x17522\x18358\x17383\x18479 |
File Type: | PE32+ executable (DLL) (GUI) x86-64, for MS Windows |
Stream Size: | 246112 |
Entropy: | 6.32764937101 |
Base64 Encoded: | True |
General | |
---|---|
Stream Path: | \x17163\x16689\x18229\x15038\x17772\x16924\x18037\x17768\x17214\x17574 |
File Type: | MS Windows icon resource - 17 icons, 16x16, 16 colors, 4 bits/pixel, 16x16, 8 bits/pixel |
Stream Size: | 136478 |
Entropy: | 3.59624383778 |
Base64 Encoded: | True |
General | |
---|---|
Stream Path: | \x17163\x16689\x18229\x16190\x16678\x16796\x16939\x17959\x16943 |
File Type: | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
Stream Size: | 294400 |
Entropy: | 6.52900195019 |
Base64 Encoded: | True |
General | |
---|---|
Stream Path: | \x17163\x16689\x18229\x16190\x16678\x18126\x16808\x17912\x18472 |
File Type: | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
Stream Size: | 222720 |
Entropy: | 6.60530108962 |
Base64 Encoded: | True |
General | |
---|---|
Stream Path: | \x17163\x16689\x18229\x16446\x18156\x14988 |
File Type: | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
Stream Size: | 207360 |
Entropy: | 6.57420936449 |
Base64 Encoded: | True |
General | |
---|---|
Stream Path: | \x17163\x16689\x18229\x16446\x18156\x15518\x15103\x17648\x15103\x17508\x16945\x18485 |
File Type: | PC bitmap, Windows 95/NT4 and newer format, 493 x 58 x 8 |
Stream Size: | 29914 |
Entropy: | 0.952341263772 |
Base64 Encoded: | True |
General | |
---|---|
Stream Path: | \x17163\x16689\x18229\x16446\x18156\x15518\x15103\x17648\x15231\x16684\x17583\x18474 |
File Type: | PC bitmap, Windows 95/NT4 and newer format, 493 x 312 x 8 |
Stream Size: | 155898 |
Entropy: | 0.521018180514 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x17163\x16689\x18229\x16446\x18156\x15518\x15103\x17648\x15871\x18088 |
File Type: | MS Windows icon resource - 1 icon, 16x16, 16 colors |
Stream Size: | 318 |
Entropy: | 2.03444158006 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x17163\x16689\x18229\x16446\x18156\x15518\x15103\x17648\x16319\x18483 |
File Type: | MS Windows icon resource - 1 icon, 16x16, 16 colors |
Stream Size: | 318 |
Entropy: | 2.03693614652 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x17163\x16689\x18229\x16446\x18156\x15518\x15551\x17574\x15295\x16827\x16687\x18480 |
File Type: | MS Windows icon resource - 1 icon, 32x32, 16 colors |
Stream Size: | 766 |
Entropy: | 3.3484862649 |
Base64 Encoded: | True |
General | |
---|---|
Stream Path: | \x17163\x16689\x18229\x16446\x18156\x15518\x15551\x17574\x15551\x17009\x18482 |
File Type: | MS Windows icon resource - 2 icons, 32x32, 16 colors, 16x16, 16 colors |
Stream Size: | 1078 |
Entropy: | 2.86422695486 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x17163\x16689\x18229\x16446\x18156\x15518\x17184\x16827\x18468 |
File Type: | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
Stream Size: | 107008 |
Entropy: | 6.51826752526 |
Base64 Encoded: | True |
General | |
---|---|
Stream Path: | \x17163\x16689\x18229\x16446\x18156\x17167\x16949\x16698\x17391\x14988 |
File Type: | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
Stream Size: | 121344 |
Entropy: | 6.56554024133 |
Base64 Encoded: | True |
General | |
---|---|
Stream Path: | \x18496\x15167\x17394\x17464\x17841 |
File Type: | data |
Stream Size: | 1776 |
Entropy: | 5.10325605675 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x15518\x16925\x17915 |
File Type: | data |
Stream Size: | 204 |
Entropy: | 4.43594708352 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16191\x17783\x17516\x15210\x17892\x18468 |
File Type: | ASCII text, with very long lines, with CRLF, LF line terminators |
Stream Size: | 79608 |
Entropy: | 5.16979724797 |
Base64 Encoded: | True |
General | |
---|---|
Stream Path: | \x18496\x16191\x17783\x17516\x15978\x17586\x18479 |
File Type: | data |
Stream Size: | 6336 |
Entropy: | 3.53480411418 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16255\x16740\x16943\x18486 |
File Type: | data |
Stream Size: | 86 |
Entropy: | 4.06610502677 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16383\x17380\x16876\x17892\x17580\x18481 |
File Type: | data |
Stream Size: | 5496 |
Entropy: | 2.6433799068 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16661\x17528\x17126\x17548\x16881\x17900\x17580\x18481 |
File Type: | data |
Stream Size: | 4 |
Entropy: | 1.5 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16667\x17191\x15090\x17912\x17591\x18481 |
File Type: | data |
Stream Size: | 144 |
Entropy: | 3.88825003242 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16778\x17207\x17522\x16925\x17915 |
File Type: | data |
Stream Size: | 492 |
Entropy: | 4.95553905903 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16786\x17522 |
File Type: | mumps avl global (V1) |
Stream Size: | 4 |
Entropy: | 2.0 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16842\x17200\x15281\x16955\x17958\x16951\x16924\x17972\x17512\x16934 |
File Type: | data |
Stream Size: | 48 |
Entropy: | 3.62111536517 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16842\x17200\x16305\x16146\x17704\x16952\x16817\x18472 |
File Type: | data |
Stream Size: | 42 |
Entropy: | 3.59308810337 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16842\x17913\x18126\x16808\x17912\x16168\x17704\x16952\x16817\x18472 |
File Type: | data |
Stream Size: | 48 |
Entropy: | 3.50680560889 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16911\x17892\x17784\x15144\x17458\x17587\x16945\x17905\x18486 |
File Type: | data |
Stream Size: | 108 |
Entropy: | 3.76903556781 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16911\x17892\x17784\x18472 |
File Type: | data |
Stream Size: | 96 |
Entropy: | 3.51156920086 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16918\x17191\x18468 |
File Type: | MIPSEB Ucode |
Stream Size: | 14 |
Entropy: | 2.27094242175 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16923\x15722\x16818\x17892\x17778 |
File Type: | data |
Stream Size: | 140 |
Entropy: | 3.76856571235 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16923\x17194\x17910\x18229 |
File Type: | data |
Stream Size: | 12 |
Entropy: | 2.75162916739 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16923\x17584\x16953\x17167\x16943 |
File Type: | data |
Stream Size: | 10 |
Entropy: | 1.84643934467 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x16925\x17915\x17884\x17404\x18472 |
File Type: | data |
Stream Size: | 36 |
Entropy: | 2.6070177096 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17100\x16808\x15086\x18162 |
File Type: | data |
Stream Size: | 8 |
Entropy: | 1.75 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17116\x17778\x16823\x17912 |
File Type: | DOS executable (COM, 0x8C-variant) |
Stream Size: | 32 |
Entropy: | 2.70755479887 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17163\x16689\x18229 |
File Type: | data |
Stream Size: | 52 |
Entropy: | 2.92510992954 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17165\x16949\x17894\x17778\x18492 |
File Type: | data |
Stream Size: | 42 |
Entropy: | 3.41314441458 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17165\x17380\x17074 |
File Type: | data |
Stream Size: | 594 |
Entropy: | 4.14203148659 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17167\x16943 |
File Type: | data |
Stream Size: | 440 |
Entropy: | 4.63890559575 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17184\x15355\x17772\x18088\x17380\x15279\x16827\x17640\x17207\x17522 |
File Type: | data |
Stream Size: | 48 |
Entropy: | 3.31372187554 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17441\x15343\x17388\x18472 |
File Type: | data |
Stream Size: | 36 |
Entropy: | 3.52262030953 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17490\x17910\x17380\x15279\x16955\x17958\x16951\x16924\x17972\x17512\x16934 |
File Type: | data |
Stream Size: | 390 |
Entropy: | 5.59438798323 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17490\x17910\x17380\x16303\x16146\x17704\x16952\x16817\x18472 |
File Type: | data |
Stream Size: | 258 |
Entropy: | 5.21336259893 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17548\x17648\x17522\x17512\x18487 |
File Type: | data |
Stream Size: | 324 |
Entropy: | 3.9971748486 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17548\x17905\x17589\x15151\x17522\x17191\x17207\x17522 |
File Type: | data |
Stream Size: | 600 |
Entropy: | 4.14077246378 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17548\x17905\x17589\x15279\x16953\x17905 |
File Type: | data |
Stream Size: | 1992 |
Entropy: | 4.41455218472 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17548\x17905\x17589\x18479 |
File Type: | data |
Stream Size: | 7150 |
Entropy: | 4.23420421658 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17558\x17959\x16943\x17180\x17514\x17892\x17784\x18472 |
File Type: | data |
Stream Size: | 6 |
Entropy: | 2.58496250072 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17558\x17959\x16943\x17548\x17648\x17522\x17512\x17847 |
File Type: | data |
Stream Size: | 42 |
Entropy: | 2.59332189189 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17610\x16179\x16680\x16821\x18475 |
File Type: | data |
Stream Size: | 56 |
Entropy: | 3.40367746103 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17630\x17770\x16868\x18472 |
File Type: | data |
Stream Size: | 48 |
Entropy: | 2.54296055405 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17742\x17589\x18485 |
File Type: | data |
Stream Size: | 672 |
Entropy: | 5.75642369509 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17753\x16104\x17704\x17208\x17206\x16951\x16246\x16740\x16943 |
File Type: | data |
Stream Size: | 238 |
Entropy: | 4.22373550731 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17753\x17650\x17768\x18231 |
File Type: | data |
Stream Size: | 124 |
Entropy: | 4.50606554095 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17814\x15340\x17388\x15464\x17828\x18475 |
File Type: | data |
Stream Size: | 200 |
Entropy: | 6.60212455694 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17932\x17910\x17458\x16778\x17207\x17522 |
File Type: | data |
Stream Size: | 648 |
Entropy: | 4.23136263239 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17998\x17512\x15799\x17508\x17004\x17832\x18487 |
File Type: | data |
Stream Size: | 4 |
Entropy: | 2.0 |
Base64 Encoded: | False |
General | |
---|---|
Stream Path: | \x18496\x17998\x17512\x15799\x17636\x17203\x17073 |
File Type: | data |
Stream Size: | 104 |
Entropy: | 3.91368871811 |
Base64 Encoded: | False |
Network Behavior |
---|
No network behavior found |
---|
Code Manipulations |
---|
Statistics |
---|
Behavior |
---|
System Behavior |
---|
Start time: | 15:49:27 |
Start date: | 01/12/2021 |
Path: | C:\Windows\System32\msiexec.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff777c90000 |
File size: | 66048 bytes |
MD5 hash: | 4767B71A318E201188A0D0A420C8B608 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Start time: | 15:49:28 |
Start date: | 01/12/2021 |
Path: | C:\Windows\System32\msiexec.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff777c90000 |
File size: | 66048 bytes |
MD5 hash: | 4767B71A318E201188A0D0A420C8B608 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Start time: | 15:49:29 |
Start date: | 01/12/2021 |
Path: | C:\Windows\System32\msiexec.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff777c90000 |
File size: | 66048 bytes |
MD5 hash: | 4767B71A318E201188A0D0A420C8B608 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Registry Activities
Start time: | 15:49:49 |
Start date: | 01/12/2021 |
Path: | C:\Windows\SysWOW64\msiexec.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x30000 |
File size: | 59904 bytes |
MD5 hash: | 12C17B5A5C2A7B97342C362CA467E9A2 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
File Activities
Start time: | 15:49:57 |
Start date: | 01/12/2021 |
Path: | C:\Windows\System32\msiexec.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff777c90000 |
File size: | 66048 bytes |
MD5 hash: | 4767B71A318E201188A0D0A420C8B608 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Start time: | 15:49:59 |
Start date: | 01/12/2021 |
Path: | C:\Windows\SysWOW64\msiexec.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x30000 |
File size: | 59904 bytes |
MD5 hash: | 12C17B5A5C2A7B97342C362CA467E9A2 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Start time: | 15:50:14 |
Start date: | 01/12/2021 |
Path: | C:\Windows\System32\msiexec.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff777c90000 |
File size: | 66048 bytes |
MD5 hash: | 4767B71A318E201188A0D0A420C8B608 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Registry Activities
Start time: | 15:50:15 |
Start date: | 01/12/2021 |
Path: | C:\Windows\SysWOW64\msiexec.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x30000 |
File size: | 59904 bytes |
MD5 hash: | 12C17B5A5C2A7B97342C362CA467E9A2 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Start time: | 15:50:17 |
Start date: | 01/12/2021 |
Path: | C:\Windows\SysWOW64\wevtutil.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0xd10000 |
File size: | 167936 bytes |
MD5 hash: | 27C3944EC1E3CAD62641ECBCEB107EE9 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
File Activities
Start time: | 15:50:17 |
Start date: | 01/12/2021 |
Path: | C:\Windows\System32\conhost.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff724c50000 |
File size: | 625664 bytes |
MD5 hash: | EA777DEEA782E8B4D7C7C33BBF8A4496 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Start time: | 15:50:18 |
Start date: | 01/12/2021 |
Path: | C:\Windows\System32\wevtutil.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7d9db0000 |
File size: | 236032 bytes |
MD5 hash: | 17C934058CEC0E97D424EBD8413F01E2 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
File Activities
Registry Activities
Start time: | 15:50:34 |
Start date: | 01/12/2021 |
Path: | C:\Program Files\App Dynamic\AirServer\AirServer.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6c5e90000 |
File size: | 17128288 bytes |
MD5 hash: | 071272D03169059BDAE6EBC2F9AA4E95 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Antivirus matches: |
File Activities
Disassembly |
---|
Code Analysis |
---|