IOC Report
SecuriteInfo.com.Trojan.Win32.Crypt.12164.3161.exe

Files

File Path
Type
Category
Malicious
SecuriteInfo.com.Trojan.Win32.Crypt.12164.3161.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
C:\Program Files (x86)\ImBatch\ContextMenuEditor.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\DirectXTex.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\Finished.wav (copy)
RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 44100 Hz
dropped
C:\Program Files (x86)\ImBatch\Graphics\Logo1.png (copy)
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
dropped
C:\Program Files (x86)\ImBatch\Graphics\Logo2.png (copy)
PNG image data, 512 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Program Files (x86)\ImBatch\Graphics\is-2JKU1.tmp
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
dropped
C:\Program Files (x86)\ImBatch\Graphics\is-V4CLQ.tmp
PNG image data, 512 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Program Files (x86)\ImBatch\Help\QuickStartGuide.pdf (copy)
PDF document, version 1.4
dropped
C:\Program Files (x86)\ImBatch\Help\is-MOFJV.tmp
PDF document, version 1.4
dropped
C:\Program Files (x86)\ImBatch\ImBatch.exe (copy)
MS-DOS executable PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\ImBatchContextMenuHandler-X64.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\ImBatchContextMenuHandler.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\ImBatchExtra.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\ImBatchFormats.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\ImBatchOpenCV.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\ImageMonitor.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\Languages\Arabic.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Catalan.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Chinese Simplified.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Dutch.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\English.lng (copy)
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Finnish.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\French.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\German.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Greek.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-ar_SA.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-ca_ES.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-de_DE.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-el_GR.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-en_EN.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-es_ES.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-fi_FI.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1683), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-fr_FR.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1711), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-hu_HU.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-it_IT.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1957), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-ja_JP.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-ko_KR.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (951), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-nl_NL.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-pl_PL.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-pt_BR.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1817), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-pt_PT.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1746), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-ru_RU.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1640), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-sv_SE.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1434), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-uk_UA.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (1641), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Help-zh_CN.txt (copy)
Unicode text, UTF-16, little-endian text, with very long lines (778), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Hungarian.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Italian.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Japanese.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Korean.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Polish.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Portuguese, Brazilian.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Portuguese.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Russian.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Spanish.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Swedish.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\Ukrainian.lng (copy)
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-10LAA.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-1LA5H.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-1NJ4I.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-1SDML.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-3CGJC.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-6OJUG.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-86UG0.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-8TL17.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-A29PC.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1434), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-BERO4.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-D71JQ.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-DQFN4.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-EBNQN.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-FRNUI.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-G4B3I.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-GQOH0.tmp
Unicode text, UTF-16, little-endian text, with very long lines (951), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-JDKJP.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1957), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-JO7CT.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-JQ1H3.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-K5AH1.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1641), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-L54GG.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1817), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-L8LUO.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-LQJK9.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-MN1JQ.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-MQNV4.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-OK2MV.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1746), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-OU938.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-OUL1V.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-REBDS.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-RLP02.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-RQ0NU.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-S2CP4.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1683), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-SKI8O.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-TRHK1.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1711), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-TU4SP.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1792), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-U6QK1.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-UF06K.tmp
Unicode text, UTF-16, little-endian text, with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-UM0OK.tmp
Unicode text, UTF-16, little-endian text, with very long lines (778), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-USUHG.tmp
Unicode text, UTF-16, little-endian text, with very long lines (1640), with CR line terminators
dropped
C:\Program Files (x86)\ImBatch\Languages\is-V5P70.tmp
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\License-En.txt (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\Plugins\heif\heif.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\Plugins\heif\is-A1M78.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\Plugins\imagemagick\License.txt (copy)
ASCII text, with very long lines (951)
dropped
C:\Program Files (x86)\ImBatch\Plugins\imagemagick\imagemagick.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\Plugins\imagemagick\is-1E3EV.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\Plugins\imagemagick\is-AS8B9.tmp
ASCII text, with very long lines (951)
dropped
C:\Program Files (x86)\ImBatch\Plugins\is-QE09U.tmp
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\Plugins\jbig\is-9AH33.tmp
PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\Program Files (x86)\ImBatch\Plugins\jbig\is-C9MDF.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\Plugins\jbig\jbiglib.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\Program Files (x86)\ImBatch\Plugins\jbig\license.txt (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\Plugins\plugins.cfg (copy)
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\Plugins\webp\is-HNP1I.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\Plugins\webp\webp.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\ReadMe-En.txt (copy)
Unicode text, UTF-8 (with BOM) text, with very long lines (396), with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\ReadMe-Ru.txt (copy)
Unicode text, UTF-8 (with BOM) text, with very long lines (487), with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\UserRegisterCMH.cmd (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\UserUnRegisterCMH.cmd (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\ielib32.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-00VUD.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-187E4.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-27TQD.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-3AKKO.tmp
Unicode text, UTF-8 (with BOM) text, with very long lines (487), with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\is-3GFF4.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-3GIR2.tmp
RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 44100 Hz
dropped
C:\Program Files (x86)\ImBatch\is-4IE2K.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-7C04I.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-7HQ59.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-8GFDD.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-99KO6.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-9K996.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-9LNGL.tmp
Unicode text, UTF-8 (with BOM) text, with very long lines (396), with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\is-AVM6R.tmp
MS-DOS executable PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-C4JUH.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-FBACC.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-FNB5F.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-GR2NP.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-J21TG.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-LD7EM.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-LH3K9.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\is-LHMKI.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-LKQB2.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-NOB8F.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\is-OHCKU.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-Q6F2H.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\is-RHGSN.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\ImBatch\is-UGCE9.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\jpeg62.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\libde265.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\libeay32.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\libheif.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\potrace.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\pspiHost.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\ssleay32.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\tbb.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\unins000.dat
InnoSetup Log ImBatch (32-bit) {5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}, version 0x418, 29679 bytes, 878411\37\user\37, C:\Program Files (x86)\ImBatch\376\377\377
dropped
C:\Program Files (x86)\ImBatch\unins000.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\wPDFView03.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\wp_type1ttf.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\ImBatch\zlib1.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High Motion Software\ImBatch (32-bit)\Context Menu Editor (32-bit).lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Mon Oct 7 21:40:58 2024, mtime=Mon Oct 7 21:40:58 2024, atime=Tue Aug 13 19:28:14 2024, length=10704296, window=hide
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High Motion Software\ImBatch (32-bit)\ImBatch (32-bit) on the Web.url
MS Windows 95 Internet shortcut text (URL=<https://www.HighMotionSoftware.com/>), ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High Motion Software\ImBatch (32-bit)\ImBatch (32-bit).lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Mon Oct 7 21:40:58 2024, mtime=Mon Oct 7 21:40:59 2024, atime=Tue Aug 13 19:28:18 2024, length=7767944, window=hide
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High Motion Software\ImBatch (32-bit)\Image Monitor (32-bit).lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Mon Oct 7 21:40:57 2024, mtime=Mon Oct 7 21:40:58 2024, atime=Tue Aug 13 19:28:16 2024, length=9384872, window=hide
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High Motion Software\ImBatch (32-bit)\Uninstall ImBatch (32-bit).lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Mon Oct 7 21:40:57 2024, mtime=Mon Oct 7 21:40:57 2024, atime=Mon Oct 7 21:40:49 2024, length=3266109, window=hide
dropped
C:\Users\Public\Desktop\ImBatch (32-bit).lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Mon Oct 7 21:40:58 2024, mtime=Mon Oct 7 21:41:02 2024, atime=Tue Aug 13 19:28:18 2024, length=7767944, window=hide
dropped
C:\Users\user\AppData\Local\BolideLog\{DC960FFD-14A7-48B7-83D1-6FA0A6445A05}.txt
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\09BE95FDFECC4CF693589C616F4473D2.tmp
zlib compressed data
dropped
C:\Users\user\AppData\Local\Temp\29B6F2811A824321A0D318C40444292A.tmp
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\506FB78A5B1D4327AABFA9509B223B48.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\80AB26EB77BB4B8BABDF4FE25DCB5392.tmp
zlib compressed data
dropped
C:\Users\user\AppData\Local\Temp\ADF24A5EC39A4B00BD85BE8387D107CF.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\DD3E20BFA9834B29BA4A9E55DF873DA8.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\ICACHE-3D1EF046.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\ILIST-3B0E580D.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\is-1DOA7.tmp\SecuriteInfo.com.Trojan.Win32.Crypt.12164.3161.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-AUHB1.tmp\_isetup\_setup64.tmp
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames01.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:44:41], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames02.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:44:58], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames03.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:45:12], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames04.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:45:26], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames05.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:45:39], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames06.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:45:51], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames07.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:46:06], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames08.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:46:18], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames09.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:46:32], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames10.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:46:49], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames11.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:47:10], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames12.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:47:34], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames13.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:47:49], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames14.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:48:02], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames15.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:48:14], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames20.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 18:07:17], baseline, precision 8, 512x512, components 1
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames21.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 18:18:32], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames22.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 18:18:45], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames23.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 18:28:44], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames24.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 18:34:33], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames25.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 18:42:07], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames26.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:25 09:57:46], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames27.jpg (copy)
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Comment", baseline, precision 8, 600x800, components 1
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames28.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:25 10:05:53], baseline, precision 8, 512x512, components 1
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames29.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:25 10:08:06], baseline, precision 8, 512x512, components 1
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\Frames30.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:25 10:09:19], baseline, precision 8, 512x512, components 1
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-18VQ3.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:45:12], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-5CC1Q.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:46:32], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-5DIFJ.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:45:39], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-6NSM5.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 18:28:44], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-9IMPU.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:44:58], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-AHR28.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:46:49], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-B6LQI.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:46:18], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-C7T6I.tmp
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Comment", baseline, precision 8, 600x800, components 1
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-CEO54.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:45:26], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-D8N19.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:47:34], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-DQK5E.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 18:42:07], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-FD145.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:45:51], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-FUDHN.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:47:10], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-GK2D5.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 18:18:45], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-GOHAG.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:25 10:05:53], baseline, precision 8, 512x512, components 1
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-HTMTG.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 18:34:33], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-ICMF0.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 18:07:17], baseline, precision 8, 512x512, components 1
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-ID9C6.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:46:06], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-IJPLF.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:48:14], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-J2D8J.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:25 10:09:19], baseline, precision 8, 512x512, components 1
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-OF8AU.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:44:41], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-RHFDF.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:25 10:08:06], baseline, precision 8, 512x512, components 1
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-RL2G0.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:48:02], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-TBR60.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 18:18:32], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-ULGTE.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:25 09:57:46], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\Frames\is-UVFQC.tmp
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2011:07:24 14:47:49], baseline, precision 8, 512x512, components 3
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\commands.cfg
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\is-6654O.tmp
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Roaming\High Motion Software\ImBatch\options.dat (copy)
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 21:41:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 21:41:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:00:51 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 21:41:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 21:41:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 21:41:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
Chrome Cache Entry: 230
ASCII text
downloaded
Chrome Cache Entry: 231
GIF image data, version 89a, 1000 x 46
dropped
Chrome Cache Entry: 232
PNG image data, 13 x 39, 8-bit colormap, non-interlaced
dropped
Chrome Cache Entry: 233
SVG Scalable Vector Graphics image
downloaded
Chrome Cache Entry: 234
GIF image data, version 89a, 1200 x 130
downloaded
Chrome Cache Entry: 235
PNG image data, 20 x 110, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 236
ASCII text
dropped
Chrome Cache Entry: 237
ASCII text, with very long lines (7809)
downloaded
Chrome Cache Entry: 238
ASCII text
dropped
Chrome Cache Entry: 239
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3
dropped
Chrome Cache Entry: 240
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 526x395, components 3
dropped
Chrome Cache Entry: 241
ASCII text
dropped
Chrome Cache Entry: 242
ASCII text
dropped
Chrome Cache Entry: 243
ASCII text, with very long lines (6040)
downloaded
Chrome Cache Entry: 244
ASCII text
downloaded
Chrome Cache Entry: 245
PNG image data, 20 x 110, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 246
PNG image data, 18 x 12, 2-bit colormap, non-interlaced
downloaded
Chrome Cache Entry: 247
ASCII text, with very long lines (45534)
downloaded
Chrome Cache Entry: 248
PNG image data, 13 x 39, 8-bit colormap, non-interlaced
downloaded
Chrome Cache Entry: 249
ASCII text, with very long lines (45534)
dropped
Chrome Cache Entry: 250
PNG image data, 24 x 12, 4-bit colormap, non-interlaced
dropped
Chrome Cache Entry: 251
GIF image data, version 89a, 150 x 130
downloaded
Chrome Cache Entry: 252
ASCII text
dropped
Chrome Cache Entry: 253
ASCII text, with very long lines (19948), with no line terminators
dropped
Chrome Cache Entry: 254
GIF image data, version 89a, 1000 x 150
downloaded
Chrome Cache Entry: 255
C source, ASCII text, with very long lines (10048)
downloaded
Chrome Cache Entry: 256
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3
downloaded
Chrome Cache Entry: 257
ASCII text, with very long lines (7809)
dropped
Chrome Cache Entry: 258
ASCII text
dropped
Chrome Cache Entry: 259
GIF image data, version 89a, 150 x 46
downloaded
Chrome Cache Entry: 260
ASCII text
downloaded
Chrome Cache Entry: 261
ASCII text, with very long lines (1140)
downloaded
Chrome Cache Entry: 262
ASCII text
downloaded
Chrome Cache Entry: 263
GIF image data, version 89a, 1000 x 46
downloaded
Chrome Cache Entry: 264
assembler source, ASCII text, with very long lines (409)
downloaded
Chrome Cache Entry: 265
ASCII text, with very long lines (327)
downloaded
Chrome Cache Entry: 266
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
dropped
Chrome Cache Entry: 267
ASCII text
downloaded
Chrome Cache Entry: 268
ASCII text
downloaded
Chrome Cache Entry: 269
ASCII text, with very long lines (6040)
dropped
Chrome Cache Entry: 270
ASCII text, with very long lines (20634)
dropped
Chrome Cache Entry: 271
GIF image data, version 89a, 1000 x 150
downloaded
Chrome Cache Entry: 272
ASCII text
downloaded
Chrome Cache Entry: 273
ASCII text
downloaded
Chrome Cache Entry: 274
ASCII text, with very long lines (4279)
downloaded
Chrome Cache Entry: 275
ASCII text
downloaded
Chrome Cache Entry: 276
ASCII text, with very long lines (820)
dropped
Chrome Cache Entry: 277
ASCII text
downloaded
Chrome Cache Entry: 278
PNG image data, 24 x 12, 4-bit colormap, non-interlaced
downloaded
Chrome Cache Entry: 279
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 526x395, components 3
downloaded
Chrome Cache Entry: 280
ASCII text, with very long lines (327)
dropped
Chrome Cache Entry: 281
C source, ASCII text, with very long lines (10048)
dropped
Chrome Cache Entry: 282
ASCII text
dropped
Chrome Cache Entry: 283
GIF image data, version 89a, 150 x 130
dropped
Chrome Cache Entry: 284
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
dropped
Chrome Cache Entry: 285
ASCII text
downloaded
Chrome Cache Entry: 286
ASCII text
downloaded
Chrome Cache Entry: 287
ASCII text, with very long lines (1984)
dropped
Chrome Cache Entry: 288
ASCII text, with very long lines (22304)
dropped
Chrome Cache Entry: 289
ASCII text, with very long lines (820)
downloaded
Chrome Cache Entry: 290
GIF image data, version 89a, 1000 x 150
dropped
Chrome Cache Entry: 291
ASCII text
downloaded
Chrome Cache Entry: 292
ASCII text
downloaded
Chrome Cache Entry: 293
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
downloaded
Chrome Cache Entry: 294
ASCII text, with very long lines (19948), with no line terminators
downloaded
Chrome Cache Entry: 295
ASCII text
downloaded
Chrome Cache Entry: 296
ASCII text, with very long lines (1305)
downloaded
Chrome Cache Entry: 297
ASCII text, with very long lines (22304)
downloaded
Chrome Cache Entry: 298
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
downloaded
Chrome Cache Entry: 299
ASCII text, with very long lines (20634)
downloaded
Chrome Cache Entry: 300
GIF image data, version 89a, 290 x 39
downloaded
Chrome Cache Entry: 301
troff or preprocessor input, ASCII text
downloaded
Chrome Cache Entry: 302
ASCII text, with very long lines (1984)
downloaded
Chrome Cache Entry: 303
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
downloaded
Chrome Cache Entry: 304
ASCII text
downloaded
Chrome Cache Entry: 305
ASCII text, with very long lines (1140)
dropped
Chrome Cache Entry: 306
ASCII text, with very long lines (1305)
dropped
Chrome Cache Entry: 307
GIF image data, version 89a, 290 x 39
dropped
Chrome Cache Entry: 308
GIF image data, version 89a, 1000 x 150
dropped
Chrome Cache Entry: 309
ASCII text
downloaded
Chrome Cache Entry: 310
GIF image data, version 89a, 150 x 46
dropped
Chrome Cache Entry: 311
ASCII text, with no line terminators
downloaded
Chrome Cache Entry: 312
HTML document, Non-ISO extended-ASCII text, with very long lines (7298)
downloaded
Chrome Cache Entry: 313
GIF image data, version 89a, 1200 x 130
dropped
Chrome Cache Entry: 314
ASCII text
downloaded
Chrome Cache Entry: 315
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
downloaded
Chrome Cache Entry: 316
PNG image data, 18 x 12, 2-bit colormap, non-interlaced
dropped
Chrome Cache Entry: 317
ASCII text
downloaded

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Win32.Crypt.12164.3161.exe
"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Win32.Crypt.12164.3161.exe"
C:\Users\user\AppData\Local\Temp\is-1DOA7.tmp\SecuriteInfo.com.Trojan.Win32.Crypt.12164.3161.tmp
"C:\Users\user\AppData\Local\Temp\is-1DOA7.tmp\SecuriteInfo.com.Trojan.Win32.Crypt.12164.3161.tmp" /SL5="$1040C,24100606,908800,C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Win32.Crypt.12164.3161.exe"
C:\Program Files (x86)\ImBatch\ImBatch.exe
"C:\Program Files (x86)\ImBatch\ImBatch.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.highmotionsoftware.com/products/imbatch/thankyou
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2464 --field-trial-handle=2436,i,14634067751005810082,15773404869222309641,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8

URLs

Name
IP
Malicious
https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
unknown
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
104.16.79.73
https://icons8.ru/
unknown
https://www.highmotionsoftware.com/sites/all/modules/languageicons/flags/ru.png
104.21.11.4
http://www.imagemagick.org=h#
unknown
http://www.libpng.org/pub/mng/
unknown
https://www.highmotionsoftware.com/products/imbatch/thankyouP
unknown
https://www.highmotionsoftware.com/products/imbatch/thankyouW
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/O0Uz2Q0jyKe.css
157.240.251.9
https://www.highmotionsoftware.com/sites/all/themes/freshmade/img/content-wrapper.gif
104.21.11.4
http://www.wvware.com/libwmf:
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yR/r/PNStWZQ9T-1.js
157.240.251.9
http://www.indyproject.org/
unknown
https://www.HighMotionSoftware.com/
unknown
https://www.HighMotionSoftware.com/)
unknown
https://www.highmotionsoftware.com/download-center/imbatch
unknown
https://www.highmotionsoftware.com/sites/all/modules/languageicons/flags/en.png
104.21.11.4
https://www.highmotionsoftware.com/modules/system/system.theme.css?s7978o
104.21.11.4
https://www.HighMotionSoftware.com)
unknown
https://www.highmotionsoftware.com/modules/system/system.menus.css?s7978o
104.21.11.4
https://www.highmotionsoftware.com/upd/imbatch/versionpp
unknown
https://www.bolidesoft.com/a/banner/check.php?pid=110&b=762&l=0&f=n&ab=%3CClick%20to%20set%20your%20name%20here%3E&c=91DA9E9C&cid={DC960FFD-14A7-48B7-83D1-6FA0A6445A05}&rc=1&nocache=148
104.193.111.117
http://www.wvware.com/
unknown
https://img.youtube.com/vi/m4a7nHpFuzw/0.jpg
142.250.186.78
https://www.highmotionsoftware.com/products/imbatch/thankyou$
unknown
https://www.highmotionsoftware.com/sites/all/libraries/superfish/images/arrows-ffffff.png
104.21.11.4
https://www.remobjects.com/ps
unknown
https://www.innosetup.com/
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js
157.240.251.9
https://www.highmotionsoftware.com/upd/imbatch/versionR
unknown
https://www.highmotionsoftware.com/upd/imbatch/urlU
unknown
https://www.highmotionsoftware.com/products/imbatch/thankyou3
unknown
https://www.highmotionsoftware.com/products/imbatch/thankyou5
unknown
http://headhtml%.20s%ddefault%d%.20s
unknown
https://www.HighMotionSoftware.com/Fhttps://www.HighMotionSoftware.com/Fhttps://www.HighMotionSoftwa
unknown
http://www.highmotionsoftware.com/products/imbatch)
unknown
http://umich.edu/~shameem)
unknown
https://www.highmotionsoftware.com/upd/imbatch/versiona
unknown
http://www.wvware.com/c:
unknown
http://www.cl.cam.ac.uk/~mgk25/
unknown
http://www.imagemagick.orgindex.htmlQ16ImageMagick
unknown
https://www.highmotionsoftware.com/cdn-cgi/rum?
104.21.11.4
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/
unknown
http://medical.nema.org/.
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
157.240.251.9
https://www.highmotionsoftware.com/sites/default/files/favicon.ico
104.21.11.4
https://www.highmotionsoftware.com/imb_order.php?LangID=
unknown
https://www.highmotionsoftware.com/modules/locale/locale.css?s7978o
104.21.11.4
https://www.highmotionsoftware.com/sites/all/modules/ctools/css/ctools.css?s7978o
104.21.11.4
https://www.highmotionsoftware.com/misc/jquery-html-prefilter-3.5.0-backport.js?v=1.4.4
104.21.11.4
https://www.highmotionsoftware.com/misc/jquery.once.js?v=1.2
104.21.11.4
https://stats.g.doubleclick.net/j/collect?
unknown
https://www.bolidesoft.com/bc/put.php?v=1&pid=110&w=cd&cid=
unknown
https://www.highmotionsoftware.com/products/imbatch/thankyoues
unknown
https://www.highmotionsoftware.com/upd/imbatch/url
172.67.164.223
https://static.xx.fbcdn.net/rsrc.php/v3issO4/yc/l/en_US/YYUppJnv9Es.js
157.240.251.9
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/u5OMVLVnVwH.js
157.240.251.9
https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/Vvet8_5H-wT.js
157.240.251.9
https://www.bolidesoft.com/a/banner/check.php?pid=110&b=762&l=0&f=n&ab=%3CClick%20to%20set%20your%20
unknown
https://www.bolidesoft.com:443/bc/put.php?v=1&pid=110&w=cd&cid={DC960FFD-14A7-48B7-83D1-6FA0A6445A05}&h=1a5f27020f5d05939025c0cc7616f480
104.193.111.117
https://imagemagick.org/script/download.php#windowsopen
unknown
http://www.imagemagick.org
unknown
https://www.highmotionsoftware.com/lucent
unknown
https://www.highmotionsoftware.com/sites/all/themes/freshmade/style.css?s7978o
104.21.11.4
https://www.bolidesoft.com/bc/put.php?v=1&pid=
unknown
https://www.highmotionsoftware.com/
unknown
https://www.highmotionsoftware.com/sites/all/libraries/superfish/style/coffee.css?s7978o
104.21.11.4
https://www.highmotionsoftware.com/sites/all/themes/freshmade/img/footer-wrapper.gif
104.21.11.4
https://www.bolidesoft.com/
unknown
ftp://swrinde.nde.swri.edu/pub/mng/documents/.See
unknown
https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
unknown
https://crowdin.com/project/imbatchU
unknown
https://www.highmotionsoftware.com/sites/all/libraries/superfish/superfish.js?s7978o
104.21.11.4
https://www.highmotionsoftware.com/modules/system/system.base.css?s7978o
104.21.11.4
http://www.eurekalog.com/help/eurekalog/internal_errors.phpEurekaLog
unknown

Domains

Name
IP
Malicious

IPs

IP
Domain
Country
Malicious

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bsv
NULL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ImBatchSavedTasks
NULL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ImBatchSavedTasks\DefaultIcon
NULL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ImBatchSavedTasks\shell\open\command
NULL
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
Inno Setup: Setup Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
Inno Setup: App Path
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
InstallLocation
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
Inno Setup: Icon Group
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
Inno Setup: User
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
Inno Setup: Language
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
DisplayIcon
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
QuietUninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
Publisher
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
URLInfoAbout
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
HelpLink
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
URLUpdateInfo
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
NoModify
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
NoRepair
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
MajorVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
MinorVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
VersionMajor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
VersionMinor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1
EstimatedSize
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Multimedia\DrawDib
1280x1024x32(BGR 0)
HKEY_CURRENT_USER\SOFTWARE\High Motion Software\ImBatch
LanguageFolder

Memdumps

Base Address
Regiontype
Protect
Malicious
7D4000
heap
page read and write
596C000
stack
page read and write
1418000
unkown
page readonly
7D4000
heap
page read and write
4260000
direct allocation
page read and write
7D4000
heap
page read and write
F274000
direct allocation
page read and write
7D4000
heap
page read and write
12B1000
unkown
page read and write
7D4000
heap
page read and write
4220000
heap
page read and write
7D4000
heap
page read and write
3BF1000
heap
page read and write
3FE1000
heap
page read and write
6C5C0000
unkown
page readonly
DE0000
heap
page read and write
151E0000
heap
page read and write
7D4000
heap
page read and write
7AF0000
direct allocation
page execute and read and write
6C6A5000
unkown
page readonly
F19D000
direct allocation
page read and write
196E000
unkown
page readonly
4B9000
unkown
page read and write
7D4000
heap
page read and write
3FE1000
heap
page read and write
3FE1000
heap
page read and write
6E671000
unkown
page execute read
15E0000
unkown
page readonly
ED6F000
stack
page read and write
50B0000
direct allocation
page read and write
E09000
heap
page read and write
142F000
unkown
page readonly
7D4000
heap
page read and write
7D4000
heap
page read and write
5AED000
stack
page read and write
6EB0F000
unkown
page readonly
7D4000
heap
page read and write
7D4000
heap
page read and write
F242000
direct allocation
page read and write
3D4D000
direct allocation
page read and write
6CA1A000
unkown
page write copy
7D4000
heap
page read and write
7D4000
heap
page read and write
7D4000
heap
page read and write
55AE000
direct allocation
page read and write
6C5F1000
unkown
page execute read
22E8000
direct allocation
page read and write
2323000
direct allocation
page read and write
7D4000
heap
page read and write
185E000
unkown
page readonly
526B000
direct allocation
page read and write
559000
unkown
page execute and read and write
14D93000
direct allocation
page read and write
7D4000
heap
page read and write
7BC5000
heap
page read and write
1738000
unkown
page readonly
1F34000
unkown
page readonly
7D4000
heap
page read and write
7D4000
heap
page read and write
7D4000
heap
page read and write
6D451000
unkown
page execute read
F196000
direct allocation
page read and write
6D300000
unkown
page readonly
7D4000
heap
page read and write
23EE000
heap
page read and write
54C000
unkown
page execute read
2710000
heap
page read and write
1760000
unkown
page readonly
59D0000
direct allocation
page read and write
F23B000
direct allocation
page read and write
17B1000
unkown
page readonly
9BE000
heap
page read and write
7D4000
heap
page read and write
20F8000
unkown
page execute and read and write
963000
heap
page read and write
1EDE000
unkown
page readonly
2644000
direct allocation
page read and write
3FE1000
heap
page read and write
14D6E000
direct allocation
page read and write
3FE1000
heap
page read and write
5160000
direct allocation
page read and write
65B000
heap
page read and write
151DF000
stack
page read and write
EA2F000
stack
page read and write
5EBE000
stack
page read and write
1C0D000
unkown
page readonly
7D4000
heap
page read and write
5088000
direct allocation
page read and write
7D4000
heap
page read and write
14D82000
direct allocation
page read and write
94E000
heap
page read and write
20A6000
unkown
page readonly
1036D000
unkown
page write copy
7D4000
heap
page read and write
7D4000
heap
page read and write
12130000
remote allocation
page read and write
F115000
unkown
page write copy
7D4000
heap
page read and write
266F000
direct allocation
page read and write
3FE1000
heap
page read and write
1826000
unkown
page readonly
87F000
stack
page read and write
39BE000
stack
page read and write
1AFB000
unkown
page readonly
9CB000
heap
page read and write
7D4000
heap
page read and write
14D8000
unkown
page readonly
7D4000
heap
page read and write
7D4000
heap
page read and write
10000000
unkown
page readonly
1271000
unkown
page read and write
7D4000
heap
page read and write
F0B7000
unkown
page read and write
3FE1000
heap
page read and write
7D4000
heap
page read and write
1462C000
direct allocation
page read and write
3FE1000
heap
page read and write
18C000
stack
page read and write
93000
stack
page read and write
7D4000
heap
page read and write
7D4000
heap
page read and write
7D4000
heap
page read and write
51BC000
direct allocation
page read and write
391F000
stack
page read and write
4C60000
direct allocation
page read and write
7D4000
heap
page read and write
B0E000
stack
page read and write
12C4000
unkown
page readonly
1539000
unkown
page readonly
1F05000
unkown
page readonly
3B71000
heap
page read and write
EE30000
unkown
page readonly
7D4000
heap
page read and write
7D4000
heap
page read and write
3FE1000
heap
page read and write
7D4000
heap
page read and write
141B000
unkown
page readonly
7D4000
heap
page read and write
7D4000
heap
page read and write
3FE1000
heap
page read and write
968000
heap
page read and write
F7A4000
heap
page read and write
6EB16000
unkown
page read and write
5891000
unkown
page execute read
381E000
stack
page read and write
9BB000
heap
page read and write
7D4000
heap
page read and write
400000
unkown
page readonly
7D4000
heap
page read and write
232A000
direct allocation
page read and write
7D4000
heap
page read and write
7D4000
heap
page read and write
10B8000
unkown
page read and write
7D4000
heap
page read and write
1854000
unkown
page readonly
15D8000
unkown
page readonly
16BD000
unkown
page readonly
1AAF000
unkown
page readonly
1E69000
unkown
page readonly
20E7000
unkown
page readonly
233D000
heap
page read and write
5A9000
unkown
page execute and read and write
521B000
direct allocation
page read and write
3DA0000
direct allocation
page read and write
94B000
heap
page read and write
There are 951 hidden memdumps, click here to show them.

DOM / HTML

URL
Malicious
https://www.highmotionsoftware.com/products/imbatch/thankyou