Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
v.1.6.3__x64__.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Security: 0, Code page: 1252,
Revision Number: {7C966DCE-3EF1-417E-A97B-D3DC00249CD3}, Number of Words: 10, Subject: KcozApp, Author: Tiqs Via Q, Name of
Creating Application: KcozApp, Template: x64;2057, Comments: This installer database contains the logic and data required
to install KcozApp., Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date: Sat Oct 12 16:04:29
2024, Last Saved Time/Date: Sat Oct 12 16:04:29 2024, Last Printed: Sat Oct 12 16:04:29 2024, Number of Pages: 450
|
initial sample
|
 |
|
|
C:\Windows\Installer\549968.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Security: 0, Code page: 1252,
Revision Number: {7C966DCE-3EF1-417E-A97B-D3DC00249CD3}, Number of Words: 10, Subject: KcozApp, Author: Tiqs Via Q, Name of
Creating Application: KcozApp, Template: x64;2057, Comments: This installer database contains the logic and data required
to install KcozApp., Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date: Sat Oct 12 16:04:29
2024, Last Saved Time/Date: Sat Oct 12 16:04:29 2024, Last Printed: Sat Oct 12 16:04:29 2024, Number of Pages: 450
|
dropped
|
|
|
|
C:\Config.Msi\54996a.rbs
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\MSI5c630.LOG
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\box-add-remove.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\box-custom.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\box-remove.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\box-repair.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\box.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\client.png
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\client_server.png
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\common.js
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\customize.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\diskcost.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\exit.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\fatalerror.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\fileinuse.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\folder.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\jquery-1.3.2.js
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\maintwelcome.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\maintype.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\outofdisk.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\outofrbdisk.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\prepare.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\progress.html
|
HTML document, Unicode text, UTF-8 (with BOM) text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\progress\progressbar.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\progress\progressbar.js
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\resume.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\rmfiles.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\server.png
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\setuptype.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\style.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\userexit.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\varstyle.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\verifyready.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\verifyremove.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\verifyrepair.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\Spring.742DA8B7\welcome.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Installer\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\icon_29.exe
|
MS Windows icon resource - 9 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel,
-128x-128, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Installer\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\icon_33.exe
|
MS Windows icon resource - 9 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel,
-128x-128, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\Required\avsfaq.rar
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\Required\classes.jsa
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\Required\java.naming.jmod
|
Java jmod module version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\Required\java.net.http.jmod
|
Java jmod module version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\Required\java.prefs.jmod
|
Java jmod module version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\Required\java.rmi.jmod
|
Java jmod module version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\Required\java.scripting.jmod
|
Java jmod module version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\Required\java.se.jmod
|
Java jmod module version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\Required\java.security.jgss.jmod
|
Java jmod module version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\Required\java.security.sasl.jmod
|
Java jmod module version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\Required\java.smartcardio.jmod
|
Java jmod module version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\Required\java.sql.jmod
|
Java jmod module version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\Required\jvm.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\Required\trup_si.rar
|
RAR archive data, v5
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\UnRAR.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-core-profile-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-core-rtlsupport-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-core-string-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-core-synch-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-core-synch-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-core-sysinfo-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-core-timezone-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-core-util-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-crt-conio-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-crt-convert-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-crt-environment-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-crt-filesystem-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-crt-heap-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-crt-locale-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-crt-math-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-crt-multibyte-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-crt-private-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-crt-process-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-crt-runtime-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-crt-stdio-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-crt-string-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\api-ms-win-crt-time-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\avformat-60.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\avutil-58.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\git\bin\bash.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\git\bin\git.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\git\bin\sh.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\git\cmd\git-gui.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\git\cmd\git.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\git\cmd\gitk.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\git\cmd\scalar.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\git\git-bash.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\git\git-cmd.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\kafkjo.rar
|
RAR archive data, v5
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\libEGL.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\libGLESv2.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\msvcp140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\node.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\obs-ffmpeg-mux.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\obs.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\smartgit-updater.exe
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\smartgit.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\smartgit.launcher
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\smartgit.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Icon number=0,
Archive, ctime=Mon Apr 22 14:09:26 2024, mtime=Sat Oct 12 22:42:46 2024, atime=Mon Apr 22 14:09:26 2024, length=460144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\smartgit.vmoptions
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\smartgitc.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\swresample-4.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\swscale-7.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\vcruntime140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\vcruntime140_1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\w32-pthreads.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\zlib.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI96EA.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI972A.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI9825.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI9864.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSIA035.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\MSIA148.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSIA1C6.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSIA206.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSIA264.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSIA2B3.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSIA303.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSIA342.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\~DF0E429BDD48A82D5C.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF3EAB5EF6824B8668.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF5450961170C8C9E4.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFBB6285DF3414010F.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
There are 116 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\Desktop\v.1.6.3__x64__.msi"
|
||
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding 12E499341769C229580CC44839D4DDCA
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://key-crack.com/licenseUser.php
|
172.67.221.87
|
|
|
|
https://github.com/nodejs/node/pull/36061#discussion_r533718029
|
unknown
|
||
|
https://url.spec.whatwg.org/#concept-url-origin
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-NonemptyClassRangesNoDash
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#sec-atomescape
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-Atom
|
unknown
|
||
|
https://gist.github.com/XVilka/8346728#gistcomment-2823421
|
unknown
|
||
|
https://github.com/nodejs/node-v0.x-archive/issues/2876.
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/#sec-timeclip
|
unknown
|
||
|
https://bugs.chromium.org/p/v8/issues/detail?id=10704
|
unknown
|
||
|
https://console.spec.whatwg.org/#table
|
unknown
|
||
|
https://www.iana.org/assignments/tls-extensiontype-values
|
unknown
|
||
|
https://github.com/nodejs/node/issues/35475
|
unknown
|
||
|
https://console.spec.whatwg.org/#console-namespace
|
unknown
|
||
|
https://url.spec.whatwg.org/#url
|
unknown
|
||
|
https://encoding.spec.whatwg.org/#textencoder
|
unknown
|
||
|
https://github.com/nodejs/node/issues/13435
|
unknown
|
||
|
https://github.com/chromium/chromium/blob/master/third_party/blink/public/platform/web_crypto_algori
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-ClassAtomNoDash
|
unknown
|
||
|
https://github.com/tc39/proposal-weakrefs
|
unknown
|
||
|
https://goo.gl/t5IS6M).
|
unknown
|
||
|
https://tools.ietf.org/html/rfc7230#section-3.2.2
|
unknown
|
||
|
https://github.com/nodejs/node/commit/f7620fb96d339f704932f9bb9a0dceb9952df2d4
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-ClassAtom
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-Assertion
|
unknown
|
||
|
https://tc39.github.io/ecma262/#sec-%iteratorprototype%-object
|
unknown
|
||
|
https://url.spec.whatwg.org/#concept-urlencoded-serializer
|
unknown
|
||
|
https://wiki.squid-cache.org/SquidFaq/InnerWorkings#What_is_a_half-closed_filedescriptor.3F
|
unknown
|
||
|
https://nodejs.org/api/fs.html
|
unknown
|
||
|
https://github.com/chalk/ansi-regex/blob/master/index.js
|
unknown
|
||
|
https://github.com/nodejs/node/pull/21313
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-ClassRanges
|
unknown
|
||
|
https://github.com/mysticatea/abort-controller
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-NonemptyClassRanges
|
unknown
|
||
|
http://www.midnight-commander.org/browser/lib/tty/key.c
|
unknown
|
||
|
https://nodejs.org/
|
unknown
|
||
|
https://tools.ietf.org/html/rfc7540#section-8.1.2.5
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-ControlEscape
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-Hex4Digits
|
unknown
|
||
|
http://www.squid-cache.org/Doc/config/half_closed_clients/
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-DecimalEscape
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-ClassControlLetter
|
unknown
|
||
|
https://stackoverflow.com/a/5501711/3561
|
unknown
|
||
|
https://github.com/nodejs/node/pull/33661
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-CharacterClassEscape
|
unknown
|
||
|
http://narwhaljs.org)
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/#sec-promise.all
|
unknown
|
||
|
https://code.google.com/p/chromium/issues/detail?id=25916
|
unknown
|
||
|
http://www.zlib.net/D
|
unknown
|
||
|
https://v8.dev/blog/v8-release-89
|
unknown
|
||
|
https://nodejs.org/download/release/v15.9.0/node-v15.9.0.tar.gz
|
unknown
|
||
|
http://dashif.org/guidelines/trickmode
|
unknown
|
||
|
https://github.com/nodejs/node/pull/12607
|
unknown
|
||
|
https://tc39.es/ecma262/#sec-IsHTMLDDA-internal-slot
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/#sec-line-terminators
|
unknown
|
||
|
https://www.unicode.org/Public/UNIDATA/EastAsianWidth.txt
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-Pattern
|
unknown
|
||
|
http://html4/loose.dtd
|
unknown
|
||
|
https://sourcemaps.info/spec.html
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
https://invisible-island.net/xterm/ctlseqs/ctlseqs.html
|
unknown
|
||
|
https://github.com/nodejs/node/pull/12342
|
unknown
|
||
|
https://bugs.chromium.org/p/v8/issues/detail?id=6593
|
unknown
|
||
|
https://nodejs.org/download/release/v15.9.0/node-v15.9.0.tar.gzhttps://nodejs.org/download/release/v
|
unknown
|
||
|
https://github.com/nodejs/node/pull/34375
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-ExtendedAtom
|
unknown
|
||
|
http://.css
|
unknown
|
||
|
https://nodejs.org/download/release/v15.9.0/win-x64/node.lib
|
unknown
|
||
|
https://github.com/nodejs/node/pull/34010
|
unknown
|
||
|
https://heycam.github.io/webidl/#dfn-default-iterator-object
|
unknown
|
||
|
https://heycam.github.io/webidl/#es-iterable-entries
|
unknown
|
||
|
https://heycam.github.io/webidl/#es-interfaces
|
unknown
|
||
|
https://html.spec.whatwg.org/multipage/browsers.html#concept-origin-opaque
|
unknown
|
||
|
https://github.com/da-x/rxvt-unicode/tree/v9.22-with-24bit-color
|
unknown
|
||
|
https://github.com/nodejs/node/issues
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-HexDigits
|
unknown
|
||
|
https://tc39.github.io/ecma262/#sec-object.prototype.tostring
|
unknown
|
||
|
https://url.spec.whatwg.org/#urlsearchparams
|
unknown
|
||
|
https://github.com/chalk/supports-color
|
unknown
|
||
|
https://github.com/nodejs/node/pull/30380#issuecomment-552948364
|
unknown
|
||
|
https://html.spec.whatwg.org/multipage/timers-and-user-prompts.html#dom-setinterval
|
unknown
|
||
|
https://heycam.github.io/webidl/#dfn-class-string
|
unknown
|
||
|
https://heycam.github.io/webidl/#dfn-iterator-prototype-object
|
unknown
|
||
|
http://.jpg
|
unknown
|
||
|
https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode).
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-ControlLetter
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-Quantifier
|
unknown
|
||
|
https://github.com/nodejs/node/issues/10673
|
unknown
|
||
|
https://key-crack.com/licenseUser.phpDoAppSearchExAI_SET_RESUMEAI_SET_INSTALLSendCollectedDataAI_Ext
|
unknown
|
||
|
https://github.com/acornjs/acorn/issues/575
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#
|
unknown
|
||
|
https://github.com/mafintosh/pump
|
unknown
|
||
|
https://tc39.es/ecma262/#sec-%typedarray%-intrinsic-object
|
unknown
|
||
|
https://github.com/nodejs/node/issues/19009
|
unknown
|
||
|
https://url.spec.whatwg.org/#concept-urlencoded-parser
|
unknown
|
||
|
https://tc39.github.io/ecma262/#sec-%typedarray%.of
|
unknown
|
||
|
https://github.com/google/caja/blob/master/src/com/google/caja/ses/repairES5.js
|
unknown
|
||
|
https://bugs.chromium.org/p/v8/issues/detail?id=10201
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
key-crack.com
|
172.67.221.87
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.221.87
|
key-crack.com
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\54996a.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\54996a.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Microsoft\Installer\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\61A469CFD9BAFEA40A993A392563EBD4
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\296D0B16CDD8D824A867B2B957512C71
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\B7FC879F61A5B7D4CA4DF936DEF5658A
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\80CF82D352D1C08478860F9CE5A6D934
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\A50730CC4FA26A24C92BEDDA7936E61A
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\07127436A8A2F3849AC27115146D6E1C
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\E12E84E2FECEEB2498EE976A78E2DF2E
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\C33BBCCA5F3391247B77EF8553247CE8
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\5DCC38DE69E57F34DB085988751E2C9A
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\BA42363B1DA39E541BEDDFE547025E75
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\1A91A2D4E5D12464BA4D9FAD99E2C7BB
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\5DE3D7E0B010CC04D935638594AF2C40
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\327A26A4846FF9946A0B8DDA68C6B303
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\C6519B46E148DF64886E6FEB8E54C3F5
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\3C4E0B5D0D1184940A4ECF60D6FEF8ED
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\56CD3A7951908384680301953D0A9A47
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\75051ABF07C321C44A33BE1B8F60E876
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\2712BA7C8D41F284480372E0B42A012F
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\36A38309C2734B448AEDD72491916196
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\52885984284E1E24197775A1540D88C6
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\3EFB0612225C0B74DB59C281F05C2FAD
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\B810A0A35B283FA4E8EDEA08C64B6CF9
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\4320B1324C9CF5040B8DDAB38C1A3820
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\BEF1F3EE8EA48B143BD98E302ABB3A56
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\B1381675DF6340E45A88371FA62DCDF0
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\D115FF682EA3CE444A542A5296874F21
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\5C41BC78887B05E4F8360D98F1442D8B
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\730EE675F14035F4EAD8129B0E824ADE
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\9653529A7F2F1B84A9C20121815B9E8A
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\1E556F853F74AB0448BA87E1E8B8D21F
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\47D83DAD26EE98B4BBAA45A4E9B0C29A
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\9810FA074A600B24981ED0B57C92A6AC
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\1312DA5FA69A2F641BA7B4F9A58E568C
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\5AD9F469363667649B1B246BF92F88A2
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\F5C22E98068626F49A37E7974627C2DC
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\58E20722EF4DA27459695A9484060EEB
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\4F232344672793B43816B7239E608665
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\CD64119DBC54D99448841D90395DA357
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\008FBBA8EB3DEF24287301A00E5D2139
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\F74401AE1915A334B947DB482D492FDB
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\132B359E5491B7449809CA9715284D85
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\5BF9386472632B74D982D7260F9068B1
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\F5DA669D27E7D294A8504105E7AB5487
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\8969A7B99B1FBC2478428E635041A998
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\F7A9B6B94FBF7C046A1BB3F761C76731
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\DB198804C46406544A552DEDE9D9A583
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\D4C1238CEFE72EA4AA2AFBEAF118043D
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\CEBC8399ACDD27340A4AA047CE04BD53
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\EBB41B9A5A377D14D8627A91AC55B490
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\D8BFFE41F6200A14D8D74E033776F729
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\1D6EB0389C590A74D944DA9DC48D2C05
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\B220025610B88814C8753FE8CA503151
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\69165165866E30E4EA69F321F7095B16
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\E929846B8EED4C948BDD37A6B9027C8C
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\5DE489FC408A7834AAF9E72F89FC5097
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\EF33FFD132C1C6F40AE48EE15644E93E
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\DBAF88F19253FDD42A36F53223D6AF60
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\816975CE14C8F934FB02E883834F5D07
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\814F2BC572DEAFB4EB31B3403E7EA22C
|
BDC4C53115FF4E444987C7F09B5B0D17
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\Required\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\git\bin\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\git\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Tiqs Via Q\KcozApp\git\cmd\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Microsoft\Installer\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Tiqs Via Q\{84272F0D-3F98-4492-9664-3CCBC1C471AC}
|
LanguageIdent
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Caphyon\Advanced Installer\Prereqs\{135C4CDB-FF51-44E4-9478-7C0FB9B5D071}\4.3.2
|
C4FE6FD5B7C4D07B3A313E754A9A6A8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Tiqs Via Q\KcozApp
|
Version
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Tiqs Via Q\KcozApp
|
Path
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings
|
JITDebug
|
There are 68 hidden registries, click here to show them.