Files
| File Path | Type | Category | Malicious |
|---|---|---|---|
| EasyLogUSB+Installer.exe | PE32 executable (GUI) Intel 80386, for MS Windows | initial sample | |
| C:\Config.Msi\3eab18.rbs | data | modified | |
| C:\Program Files (x86)\EasyLog USB\CustomControls.dll | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | dropped | |
| C:\Program Files (x86)\EasyLog USB\EL-USB Driver Setup.exe | PE32 executable (GUI) Intel 80386, for MS Windows | dropped | |
| C:\Program Files (x86)\EasyLog USB\EL-USB.inf | Windows setup INFormation | dropped | |
| C:\Program Files (x86)\EasyLog USB\EasyLog USB.chm | MS Windows HtmlHelp Data | dropped | |
| C:\Program Files (x86)\EasyLog USB\EasyLog USB.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | dropped | |
| C:\Program Files (x86)\EasyLog USB\EasyLogGraph.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | dropped | |
| C:\Program Files (x86)\EasyLog USB\ExportToExcel.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped | |
| C:\Program Files (x86)\EasyLog USB\Sample CO.txt | ASCII text, with CRLF line terminators | dropped | |
| C:\Program Files (x86)\EasyLog USB\Sample Current.txt | ASCII text, with CRLF line terminators | dropped | |
| C:\Program Files (x86)\EasyLog USB\Sample Lite.txt | ISO-8859 text, with CRLF line terminators | dropped | |
| C:\Program Files (x86)\EasyLog USB\Sample RH.txt | ISO-8859 text, with CRLF line terminators | dropped | |
| C:\Program Files (x86)\EasyLog USB\Sample Temp.txt | ASCII text, with CRLF line terminators | dropped | |
| C:\Program Files (x86)\EasyLog USB\Sample Voltage.txt | ASCII text, with CRLF line terminators | dropped | |
| C:\Program Files (x86)\EasyLog USB\WPFToolkit.dll | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows | dropped | |
| C:\Program Files (x86)\EasyLog USB\setup.ini | Generic INItialization configuration [Driver Version] | dropped | |
| C:\Program Files (x86)\EasyLog USB\siusbxp.cat | data | dropped | |
| C:\Program Files (x86)\EasyLog USB\x64\SiLib.sys | PE32+ executable (native) x86-64, for MS Windows | dropped | |
| C:\Program Files (x86)\EasyLog USB\x64\SiUSBXp.sys | PE32+ executable (native) x86-64, for MS Windows | dropped | |
| C:\Program Files (x86)\EasyLog USB\x86\SiLib.sys | PE32 executable (native) Intel 80386, for MS Windows | dropped | |
| C:\Program Files (x86)\EasyLog USB\x86\SiUSBXp.sys | PE32 executable (native) Intel 80386, for MS Windows | dropped | |
| C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyLog USB\EasyLog USB.lnk | MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide | dropped | |
| C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyLog USB\EasyLogGraph.lnk | MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide | dropped | |
| C:\Users\Public\Desktop\EasyLog USB.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Thu Feb 18 18:11:02 2021, mtime=Thu Aug 29 17:51:54 2024, atime=Thu Feb 18 18:11:02 2021, length=2468864, window=hide | dropped | |
| C:\Users\Public\Desktop\EasyLog USB.lnk~RF3eb3d1.TMP (copy) | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Thu Feb 18 18:11:02 2021, mtime=Thu Aug 29 17:51:54 2024, atime=Thu Feb 18 18:11:02 2021, length=2468864, window=hide | dropped | |
| C:\Users\Public\Desktop\~asyLog USB.tmp | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Thu Feb 18 18:11:02 2021, mtime=Thu Aug 29 17:51:54 2024, atime=Thu Feb 18 18:11:02 2021, length=2468864, window=hide | dropped | |
| C:\Users\user\AppData\Local\Temp\DLL_{B4E4EFE5-93D9-435B-BDE9-3525A9689EB9}.ini | ASCII text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\MSI9656.tmp | PE32 executable (DLL) (console) Intel 80386, for MS Windows | dropped | |
| C:\Users\user\AppData\Local\Temp\MSI96C5.tmp | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped | |
| C:\Users\user\AppData\Local\Temp\{7F3BB4D9-1954-41B0-8FC6-1687CA4E557E}\0x0409.ini | Unicode text, UTF-16, little-endian text, with very long lines (308), with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\{7F3BB4D9-1954-41B0-8FC6-1687CA4E557E}\EasyLog USB.msi | Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, MSI Installer, Number of Characters: 0, Last Saved By: InstallShield, Number of Words: 0, Title: Installation Database, Comments: Contact: Your local administrator, Keywords: Installer,MSI,Database, Subject: EasyLog USB, Author: Lascar Electronics Ltd., Security: 1, Number of Pages: 200, Name of Creating Application: InstallShield 2016 - Professional Edition 23, Last Saved Time/Date: Mon Aug 8 16:29:11 2022, Create Time/Date: Mon Aug 8 16:29:11 2022, Last Printed: Mon Aug 8 16:29:11 2022, Revision Number: {8C7E2C80-4C6F-4A5C-9FDD-5AA316A9E29A}, Code page: 1252, Template: Intel;1033 | dropped | |
| C:\Users\user\AppData\Local\Temp\{7F3BB4D9-1954-41B0-8FC6-1687CA4E557E}\_ISMSIDEL.INI | Unicode text, UTF-16, little-endian text, with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\~7FE1.tmp | Unicode text, UTF-16, little-endian text, with CRLF line terminators | dropped | |
| C:\Windows\Installer\MSIAEF0.tmp | data | dropped | |
| C:\Windows\Installer\SourceHash{B4E4EFE5-93D9-435B-BDE9-3525A9689EB9} | Composite Document File V2 Document, Cannot read section info | dropped | |
| C:\Windows\Installer\{B4E4EFE5-93D9-435B-BDE9-3525A9689EB9}\ARPPRODUCTICON.exe | PE32 executable (GUI) Intel 80386, for MS Windows | dropped | |
| C:\Windows\Installer\{B4E4EFE5-93D9-435B-BDE9-3525A9689EB9}\EasyLogGraph.exe_3D39C605F6D0484A88F3AD4B82B13993.exe | PE32 executable (GUI) Intel 80386, for MS Windows | dropped | |
| C:\Windows\Installer\{B4E4EFE5-93D9-435B-BDE9-3525A9689EB9}\EasyLog_USB.exe_63257A9301FB4EABA085D3C69F470EC4.exe | PE32 executable (GUI) Intel 80386, for MS Windows | dropped | |
| C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | dropped | |
| C:\Windows\SysWOW64\SiUSBXp.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped | |
| C:\Windows\Temp\~DF27AAA7E9E10F339B.TMP | data | dropped | |
| C:\Windows\Temp\~DF4A57EFF6E7DD5F87.TMP | Composite Document File V2 Document, Cannot read section info | dropped | |
| C:\Windows\Temp\~DF5D029E8F70E46DD8.TMP | data | dropped | |
| C:\Windows\Temp\~DFDAF947B7A71A72C6.TMP | Composite Document File V2 Document, Cannot read section info | dropped | |
| C:\Windows\Temp\~DFE4AC057D44E4FD3A.TMP | data | dropped | |
There are 36 hidden files not shown in this list.