Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
wrapper-windows-x86-64-3.5.59-pro.exe

Overview

General Information

Sample name:wrapper-windows-x86-64-3.5.59-pro.exe
Analysis ID:1532860
MD5:4cb008375a7b737c1a6ccf569327df9e
SHA1:67eb89f50b067628ad733ba3b1a47cdd42dd0364
SHA256:4c65e4b6f9909d4d4bfc74852c33fd05de53a952d98968bd94d323ec14573992
Infos:

Detection

Score:2
Range:0 - 100
Whitelisted:false
Confidence:40%

Compliance

Score:34
Range:0 - 100

Signatures

Creates a process in suspended mode (likely to inject code)
Drops PE files
EXE planting / hijacking vulnerabilities found
Found dropped PE file which has not been started or loaded
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Uses 32bit PE files

Classification

Process Tree

  • System is w10x64_ra
  • wrapper-windows-x86-64-3.5.59-pro.exe (PID: 7044 cmdline: "C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe" MD5: 4CB008375A7B737C1A6CCF569327DF9E)
    • notepad.exe (PID: 4048 cmdline: "C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_en.txt MD5: E92D3A824A0578A50D2DD81B5060145F)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeEXE: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\wrapper.exeJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeEXE: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\wrapperw.exeJump to behavior

Compliance

barindex
EXE planting / hijacking vulnerabilities found
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeEXE: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\wrapper.exeJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeEXE: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\wrapperw.exeJump to behavior
Uses 32bit PE files
Source: wrapper-windows-x86-64-3.5.59-pro.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
Found installer window with terms and condition text
Source: C:\Windows\SysWOW64\notepad.exeWindow detected: -------------------------------------------------------------------------------Java Service Wrapper Professional Edition 3.5.59Copyright (C) 1999-2024 Tanuki Software Ltd. All Rights Reserved.https://wrapper.tanukisoftware.com-------------------------------------------------------------------------------Summary:1. What is the Java Service Wrapper?2. Documentation3. Installation4. License Options5. How to Purchase6. Getting Updates7. FAQ8. Support9. System Requirements1. What is the Java Service Wrapper?-------------------------------------------------------------------------------The Java Service Wrapper is an application that has evolved out of a desire to solve a number of problems common to many Java applications. Some of the Wrapper's features are: * Run a Java application as a Windows Service or Unix Daemon * Java Application Reliability * Automatic detection and recovery of Crashes Freezes and Deadlocks * On-Demand Restarts * Standard Out-of-the Box Scripting * Flexible Cross-Platform Configuration * Ease Application Installations * Logging * Many more...See our Product Features page for a more detailed feature list: => https://wrapper.tanukisoftware.com/doc/english/product-features.htmlFor more information please visit: => https://wrapper.tanukisoftware.com/doc/english/introduction.html2. Documentation-------------------------------------------------------------------------------Please visit our website for the full documentation.Here are some ways to get you started. * Complete documentation can be found online: => https://wrapper.tanukisoftware.com/ * How to integrate the Java Service Wrapper with an Application: => https://wrapper.tanukisoftware.com/doc/english/integrate.html * Configuration Properties: => https://wrapper.tanukisoftware.com/doc/english/properties.html * HOWTOs: => https://wrapper.tanukisoftware.com/doc/english/howto.html * Javadocs for advanced users: => https://wrapper.tanukisoftware.com/doc/english/javadocs.html * Tanuki Software Ltd. Corporate site: => https://www.tanukisoftware.com/3. Installation-------------------------------------------------------------------------------If you are reading this it means you have successfully unpacked this software.The Standard and Professional Editions of the Java Service Wrapper ship witha time-limited but full-featured trial license key which allows you to runthe Wrapper as many times as you want for up to 15 minutes. This is meantfor quick no-hassle testing.You can also request a FREE 1-month trial license that allows you to run theWrapper for the validity of the license (one month) on a single server withoutthe 15-minute limit per session.Trial licenses can be obtained at the following URL: => https://wrapper.tanukisoftware.com/doc/english/requestTrial.jspPermanent licenses can be purchased at the following URL: => https://wrapper.tanukisoftware.com/doc/english/accountLicenses.jspIf you have already purchased a license you can generate and
Creates license or readme file
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_de.txtJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_en.txtJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_es.txtJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_ja.txtJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\doc\wrapper-development-license-1.3.txtJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\doc\wrapper-server-license-1.3.txtJump to behavior
PE / OLE file has a valid certificate
Source: wrapper-windows-x86-64-3.5.59-pro.exeStatic PE information: certificate valid
Contains modern PE file flags such as dynamic base (ASLR) or NX
Source: wrapper-windows-x86-64-3.5.59-pro.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Binary contains paths to debug symbols
Source: Binary string: C:\jenkins-agent\workspace\wrapper\wrapper-64\wrapper_prerelease_3.5.59-pro\src\c\wrapperJNI64_VC8__Win32_Release\wrapper.pdb source: wrapper.dll.0.dr
Source: Binary string: C:\jenkins-agent\workspace\wrapper\wrapper-64\wrapper_prerelease_3.5.59-pro\src\c\wrapper64_VC8__Win32_Release\wrapper.pdb source: wrapper.exe.0.dr
Source: Binary string: C:\jenkins-agent\workspace\wrapper\wrapper-64\wrapper_prerelease_3.5.59-pro\src\c\wrapperw32_VC8__Win32_Release\wrapperw.pdb source: wrapperw.exe.0.dr
Source: revisions.txt.0.drString found in binary or memory: http://bugs.sun.com/view_bug.do?bug_id=6965962
Source: wrapper-windows-x86-64-3.5.59-pro.exe, wrapper.dll.0.dr, wrapperw.exe.0.dr, wrapper.exe.0.drString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04
Source: wrapper-windows-x86-64-3.5.59-pro.exe, wrapper.dll.0.dr, wrapperw.exe.0.dr, wrapper.exe.0.drString found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningCAEVR36.crl0
Source: wrapper-windows-x86-64-3.5.59-pro.exe, wrapper.dll.0.dr, wrapperw.exe.0.dr, wrapper.exe.0.drString found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
Source: wrapper-windows-x86-64-3.5.59-pro.exe, wrapper.dll.0.dr, wrapperw.exe.0.dr, wrapper.exe.0.drString found in binary or memory: http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
Source: wrapper-windows-x86-64-3.5.59-pro.exe, wrapper.dll.0.dr, wrapperw.exe.0.dr, wrapper.exe.0.drString found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningCAEVR36.crt0#
Source: wrapper-windows-x86-64-3.5.59-pro.exe, wrapper.dll.0.dr, wrapperw.exe.0.dr, wrapper.exe.0.drString found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
Source: wrapper-windows-x86-64-3.5.59-pro.exe, wrapper.dll.0.dr, wrapperw.exe.0.dr, wrapper.exe.0.drString found in binary or memory: http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
Source: wrapper-windows-x86-64-3.5.59-pro.exeString found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
Source: wrapper-windows-x86-64-3.5.59-pro.exe, wrapper.dll.0.dr, wrapperw.exe.0.dr, wrapper.exe.0.drString found in binary or memory: http://ocsp.comodoca.com0
Source: wrapper.exe.0.drString found in binary or memory: http://ocsp.sectigo.com0
Source: demoapp.conf.0.dr, wrapper.conf.0.dr, wrapper.conf.in.0.drString found in binary or memory: http://wrapper.tanukisoftware.com/doc/english/integrate.html
Source: TestWrapper.bat.0.dr, StartTestWrapper-NT.bat.0.dr, AppTemplate.bat.in.0.dr, AppTemplatePassThrough.bat.in.0.dr, DemoApp.bat.0.dr, ResumeApp-NT.bat.in.0.dr, StopTestWrapper-NT.bat.0.dr, App.bat.in.0.dr, TestWrapperCommand.bat.0.dr, TeardownApp.bat.in.0.dr, InstallApp-NT.bat.in.0.dr, AppNoWrapper.bat.in.0.dr, InstallTestWrapper-NT.bat.0.dr, StopApp-NT.bat.in.0.dr, TeardownTestWrapper.bat.0.dr, PauseTestWrapper-NT.bat.0.dr, QueryTestWrapper-NT.bat.0.dr, GetHostId.bat.0.dr, UninstallApp-NT.bat.in.0.dr, SetupApp.bat.in.0.dr, QueryApp-NT.bat.in.0.drString found in binary or memory: http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html
Source: wrapper.conf.in_ja.0.drString found in binary or memory: http://wrapper.tanukisoftware.com/doc/japanese/integrate.html
Source: demoapp.conf.0.dr, wrapper.conf.0.dr, wrapper-license.conf.0.dr, wrapper-license-time.conf.0.dr, wrapper.conf.in_ja.0.dr, wrapper.conf.in.0.drString found in binary or memory: http://wrapper.tanukisoftware.com/purchase
Source: demoapp.conf.0.dr, wrapper.conf.0.dr, wrapper-license.conf.0.dr, wrapper-license-time.conf.0.dr, wrapper.conf.in_ja.0.dr, wrapper.conf.in.0.drString found in binary or memory: http://wrapper.tanukisoftware.com/trial
Source: index.html.0.dr, wrapper-development-license-1.3.txt.0.dr, wrapper-server-license-1.3.txt.0.drString found in binary or memory: http://wrapper.tanukisoftware.org
Source: revisions.txt.0.drString found in binary or memory: http://wrapper.tanukisoftware.org/doc/english/licenseOverview.html
Source: index.html.0.drString found in binary or memory: http://wrapper.tanukisoftware.org/jdoc/index.html
Source: TestWrapper.bat.0.dr, StartTestWrapper-NT.bat.0.dr, AppTemplate.bat.in.0.dr, AppTemplatePassThrough.bat.in.0.dr, DemoApp.bat.0.dr, ResumeApp-NT.bat.in.0.dr, StopTestWrapper-NT.bat.0.dr, App.bat.in.0.dr, TestWrapperCommand.bat.0.dr, TeardownApp.bat.in.0.dr, InstallApp-NT.bat.in.0.dr, AppNoWrapper.bat.in.0.dr, InstallTestWrapper-NT.bat.0.dr, StopApp-NT.bat.in.0.dr, TeardownTestWrapper.bat.0.dr, PauseTestWrapper-NT.bat.0.dr, QueryTestWrapper-NT.bat.0.dr, GetHostId.bat.0.dr, UninstallApp-NT.bat.in.0.dr, SetupApp.bat.in.0.dr, QueryApp-NT.bat.in.0.drString found in binary or memory: http://www.tanukisoftware.com
Source: wrapper-windows-x86-64-3.5.59-pro.exe, wrapper.dll.0.dr, wrapperw.exe.0.dr, wrapper.exe.0.drString found in binary or memory: https://sectigo.com/CPS0
Source: notepad.exe, 00000009.00000002.2486216320.0000000002CA4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://wrapper.tan
Source: notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.dr, README_ja.txt.0.dr, README_de.txt.0.dr, README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com
Source: notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.dr, README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/
Source: wrapper-windows-x86-64-3.5.59-pro.exe, 00000000.00000002.1496372828.00000000009A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://wrapper.tanukisoftware.com/doc/
Source: notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/accountDevLicenses.jsp
Source: notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/accountLicenses.jsp
Source: notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/accountServerLicenses.jsp
Source: notepad.exe, 00000009.00000003.1496079559.0000000002CBD000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000002.2486216320.0000000002CCA000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/debugging.html
Source: notepad.exe, 00000009.00000002.2486216320.0000000002CCA000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/download.jsp
Source: notepad.exe, 00000009.00000002.2486216320.0000000002CCA000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/faq.html
Source: notepad.exe, 00000009.00000002.2486216320.0000000002CCA000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/howto-upgrade.html
Source: README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/howto.html
Source: wrapper_de.mo.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/integrate.html
Source: wrapperw.exe.0.dr, wrapper.exe.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/integrate.htmlThe
Source: notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/introduction.html
Source: notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/javadocs.html
Source: notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/licenseOverview.html
Source: notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/product-features.html
Source: notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/properties.html
Source: notepad.exe, 00000009.00000003.1496079559.0000000002CBD000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000002.2486216320.0000000002CCA000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/qna.html
Source: notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/requestTrial.jsp
Source: wrapperTestApp_de.mo.0.dr, wrapperTestApp_ja.mo.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/security-model.html
Source: wrapperTestApp_de.mo.0.dr, wrapperTestApp_ja.mo.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/security-model.htmlThrow
Source: notepad.exe, 00000009.00000003.1496079559.0000000002CBD000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000002.2486216320.0000000002CCA000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/support.jsp
Source: notepad.exe, 00000009.00000003.1496079559.0000000002CBD000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000002.2486216320.0000000002CCA000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/supported-platforms.html
Source: notepad.exe, 00000009.00000002.2486216320.0000000002CA4000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CBD000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000002.2486216320.0000000002CCA000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/english/troubleshooting.html
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/accountDevLicenses.jsp
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/accountLicenses.jsp
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/accountServerLicenses.jsp
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/debugging.html
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/download.jsp
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/faq.html
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/howto-upgrade.html
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/howto.html
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/integrate.html
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/introduction.html
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/javadocs.html
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/licenseOverview.html
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/properties.html
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/qna.html
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/requestTrial.jsp
Source: wrapperTestApp_de.mo.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/security-model.html
Source: wrapperTestApp_de.mo.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/security-model.htmlGibt
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/support.jsp
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/supported-platforms.html
Source: README_de.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/german/troubleshooting.html
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/accountDevLicenses.jsp
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/accountLicenses.jsp
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/accountServerLicenses.jsp
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/debugging.html
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/download.jsp
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/faq.html
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/howto-upgrade.html
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/howto.html
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/integrate.html
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/introduction.html
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/javadocs.html
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/licenseOverview.html
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/product-features.html
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/properties.html
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/qna.html
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/requestTrial.jsp
Source: wrapperTestApp_ja.mo.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/security-model.html
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/support.jsp
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/supported-platforms.html
Source: README_ja.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/japanese/troubleshooting.html
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/accountDevLicenses.jsp
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/accountLicenses.jsp
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/accountServerLicenses.jsp
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/debugging.html
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/download.jsp
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/faq.html
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/howto-upgrade.html
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/howto.html
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/integrate.html
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/introduction.html
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/javadocs.html
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/licenseOverview.html
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/product-features.html
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/properties.html
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/qna.html
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/requestTrial.jsp
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/support.jsp
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/supported-platforms.html
Source: README_es.txt.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/doc/spanish/troubleshooting.html
Source: wrapperw.exe.0.dr, wrapper.exe.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/integrateGetNativeSystemInfokernel32.dllMicrosoft
Source: wrapperw.exe.0.dr, wrapper.exe.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/purchaseYou
Source: wrapperw.exe.0.dr, wrapper.exe.0.drString found in binary or memory: https://wrapper.tanukisoftware.com/trialLicense
Source: wrapperw.exe.0.dr, wrapper.exe.0.drString found in binary or memory: https://wrapper.tanukisoftware.com2024GVBtWUThis
Source: wrapper_ja.mo.0.drString found in binary or memory: https://wrapper.tanukisoftware.org/doc/japanese/integrate.html
Source: notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.dr, README_de.txt.0.drString found in binary or memory: https://www.tanukisoftware.com/
Source: notepad.exe, 00000009.00000002.2486216320.0000000002CCA000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.dr, README_de.txt.0.drString found in binary or memory: https://www.tanukisoftware.com/en/distributors.php
Source: README_es.txt.0.drString found in binary or memory: https://www.tanukisoftware.com/es/
Source: README_es.txt.0.drString found in binary or memory: https://www.tanukisoftware.com/es/distributors.php
Source: README_ja.txt.0.drString found in binary or memory: https://www.tanukisoftware.com/ja/
Source: README_ja.txt.0.drString found in binary or memory: https://www.tanukisoftware.com/ja/distributors.php
Source: wrapper-windows-x86-64-3.5.59-pro.exe, 00000000.00000003.1494919897.0000000000A36000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameNOTEPAD.EXE.MUIj% vs wrapper-windows-x86-64-3.5.59-pro.exe
Source: wrapper-windows-x86-64-3.5.59-pro.exe, 00000000.00000003.1494919897.0000000000A36000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameNOTEPAD.EXEj% vs wrapper-windows-x86-64-3.5.59-pro.exe
Source: wrapper-windows-x86-64-3.5.59-pro.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
Source: classification engineClassification label: clean2.winEXE@3/59@0/0
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-proJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\AppData\Local\Temp\nsd7139.tmpJump to behavior
Source: wrapper-windows-x86-64-3.5.59-pro.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile read: C:\Users\desktop.iniJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile read: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeJump to behavior
Source: unknownProcess created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe "C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe"
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess created: C:\Windows\SysWOW64\notepad.exe "C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_en.txt
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess created: C:\Windows\SysWOW64\notepad.exe "C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_en.txtJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: oleacc.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: shfolder.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: riched20.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: usp10.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: msls31.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: edputil.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: netutils.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: slc.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: sppc.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: mrmcorer.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: efswrt.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: oleacc.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32Jump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Windows\SysWOW64\notepad.exeWindow detected: -------------------------------------------------------------------------------Java Service Wrapper Professional Edition 3.5.59Copyright (C) 1999-2024 Tanuki Software Ltd. All Rights Reserved.https://wrapper.tanukisoftware.com-------------------------------------------------------------------------------Summary:1. What is the Java Service Wrapper?2. Documentation3. Installation4. License Options5. How to Purchase6. Getting Updates7. FAQ8. Support9. System Requirements1. What is the Java Service Wrapper?-------------------------------------------------------------------------------The Java Service Wrapper is an application that has evolved out of a desire to solve a number of problems common to many Java applications. Some of the Wrapper's features are: * Run a Java application as a Windows Service or Unix Daemon * Java Application Reliability * Automatic detection and recovery of Crashes Freezes and Deadlocks * On-Demand Restarts * Standard Out-of-the Box Scripting * Flexible Cross-Platform Configuration * Ease Application Installations * Logging * Many more...See our Product Features page for a more detailed feature list: => https://wrapper.tanukisoftware.com/doc/english/product-features.htmlFor more information please visit: => https://wrapper.tanukisoftware.com/doc/english/introduction.html2. Documentation-------------------------------------------------------------------------------Please visit our website for the full documentation.Here are some ways to get you started. * Complete documentation can be found online: => https://wrapper.tanukisoftware.com/ * How to integrate the Java Service Wrapper with an Application: => https://wrapper.tanukisoftware.com/doc/english/integrate.html * Configuration Properties: => https://wrapper.tanukisoftware.com/doc/english/properties.html * HOWTOs: => https://wrapper.tanukisoftware.com/doc/english/howto.html * Javadocs for advanced users: => https://wrapper.tanukisoftware.com/doc/english/javadocs.html * Tanuki Software Ltd. Corporate site: => https://www.tanukisoftware.com/3. Installation-------------------------------------------------------------------------------If you are reading this it means you have successfully unpacked this software.The Standard and Professional Editions of the Java Service Wrapper ship witha time-limited but full-featured trial license key which allows you to runthe Wrapper as many times as you want for up to 15 minutes. This is meantfor quick no-hassle testing.You can also request a FREE 1-month trial license that allows you to run theWrapper for the validity of the license (one month) on a single server withoutthe 15-minute limit per session.Trial licenses can be obtained at the following URL: => https://wrapper.tanukisoftware.com/doc/english/requestTrial.jspPermanent licenses can be purchased at the following URL: => https://wrapper.tanukisoftware.com/doc/english/accountLicenses.jspIf you have already purchased a license you can generate and
Source: wrapper-windows-x86-64-3.5.59-pro.exeStatic PE information: certificate valid
Source: wrapper-windows-x86-64-3.5.59-pro.exeStatic file information: File size 2002192 > 1048576
Source: wrapper-windows-x86-64-3.5.59-pro.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Source: Binary string: C:\jenkins-agent\workspace\wrapper\wrapper-64\wrapper_prerelease_3.5.59-pro\src\c\wrapperJNI64_VC8__Win32_Release\wrapper.pdb source: wrapper.dll.0.dr
Source: Binary string: C:\jenkins-agent\workspace\wrapper\wrapper-64\wrapper_prerelease_3.5.59-pro\src\c\wrapper64_VC8__Win32_Release\wrapper.pdb source: wrapper.exe.0.dr
Source: Binary string: C:\jenkins-agent\workspace\wrapper\wrapper-64\wrapper_prerelease_3.5.59-pro\src\c\wrapperw32_VC8__Win32_Release\wrapperw.pdb source: wrapperw.exe.0.dr
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\AppData\Local\Temp\nst714A.tmp\LangDLL.dllJump to dropped file
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\lib\wrapper.dllJump to dropped file
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\wrapper.exeJump to dropped file
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\wrapperw.exeJump to dropped file
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\AppData\Local\Temp\nst714A.tmp\System.dllJump to dropped file
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\AppData\Local\Temp\nst714A.tmp\nsDialogs.dllJump to dropped file
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_de.txtJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_en.txtJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_es.txtJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_ja.txtJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\doc\wrapper-development-license-1.3.txtJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile created: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\doc\wrapper-server-license-1.3.txtJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nst714A.tmp\LangDLL.dllJump to dropped file
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeDropped PE file which has not been started: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\lib\wrapper.dllJump to dropped file
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeDropped PE file which has not been started: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\wrapper.exeJump to dropped file
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeDropped PE file which has not been started: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\wrapperw.exeJump to dropped file
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nst714A.tmp\System.dllJump to dropped file
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nst714A.tmp\nsDialogs.dllJump to dropped file
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile Volume queried: C:\Users\user\Desktop FullSizeInformationJump to behavior
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeFile Volume queried: C:\Users\user\Desktop FullSizeInformationJump to behavior
Source: revisions.txt.0.drBinary or memory string: Azure or Hyper-V Virtual Machines.
Source: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exeProcess created: C:\Windows\SysWOW64\notepad.exe "C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_en.txtJump to behavior
Source: C:\Windows\SysWOW64\notepad.exeQueries volume information: C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_en.txt VolumeInformationJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
DLL Side-Loading		11
Process Injection		1
Masquerading		OS Credential Dumping1
Security Software Discovery		Remote ServicesData from Local SystemData ObfuscationExfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
DLL Search Order Hijacking		1
DLL Side-Loading		11
Process Injection		LSASS Memory1
File and Directory Discovery		Remote Desktop ProtocolData from Removable MediaJunk DataExfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
DLL Search Order Hijacking		1
DLL Side-Loading		Security Account Manager12
System Information Discovery		SMB/Windows Admin SharesData from Network Shared DriveSteganographyAutomated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
DLL Search Order Hijacking		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureProtocol ImpersonationTraffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
wrapper-windows-x86-64-3.5.59-pro.exe0%ReversingLabs
wrapper-windows-x86-64-3.5.59-pro.exe1%VirustotalBrowse

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\AppData\Local\Temp\nst714A.tmp\LangDLL.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nst714A.tmp\System.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nst714A.tmp\nsDialogs.dll0%ReversingLabs
C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\wrapper.exe0%ReversingLabs
C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\wrapperw.exe0%ReversingLabs
C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\lib\wrapper.dll0%ReversingLabs

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl00%URL Reputationsafe
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl00%URL Reputationsafe
http://nsis.sf.net/NSIS_ErrorError0%URL Reputationsafe
http://ocsp.sectigo.com00%URL Reputationsafe
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#0%URL Reputationsafe
https://sectigo.com/CPS00%URL Reputationsafe
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t0%URL Reputationsafe
https://wrapper.tanukisoftware.com/doc/english/requestTrial.jsp0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/english/accountServerLicenses.jsp0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/german/licenseOverview.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/german/javadocs.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/japanese/support.jsp0%VirustotalBrowse
http://crt.sectigo.com/SectigoPublicCodeSigningCAEVR36.crt0#0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/german/accountServerLicenses.jsp0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/japanese/qna.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/spanish/faq.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/german/download.jsp0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/japanese/faq.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/integrateGetNativeSystemInfokernel32.dllMicrosoft0%VirustotalBrowse
https://wrapper.tanukisoftware.org/doc/japanese/integrate.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/spanish/troubleshooting.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/japanese/requestTrial.jsp0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/spanish/qna.html0%VirustotalBrowse
http://bugs.sun.com/view_bug.do?bug_id=69659620%VirustotalBrowse
https://www.tanukisoftware.com/en/distributors.php0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/japanese/introduction.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/spanish/integrate.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/english/howto.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/english/integrate.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/german/integrate.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/german/0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/german/properties.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/trialLicense0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/japanese/properties.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/german/security-model.htmlGibt0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/english/howto-upgrade.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/japanese/licenseOverview.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/japanese/security-model.html0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/german/troubleshooting.html0%VirustotalBrowse
https://www.tanukisoftware.com/es/0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/spanish/support.jsp0%VirustotalBrowse
http://wrapper.tanukisoftware.com/purchase0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/english/support.jsp0%VirustotalBrowse
https://wrapper.tanukisoftware.com/doc/japanese/integrate.html0%VirustotalBrowse
http://wrapper.tanukisoftware.org0%VirustotalBrowse
http://wrapper.tanukisoftware.org/jdoc/index.html0%VirustotalBrowse

Domains and IPs

Contacted Domains

No contacted domains info

URLs from Memory and Binaries

NameSourceMaliciousAntivirus DetectionReputation
https://wrapper.tanukisoftware.com/doc/english/requestTrial.jspnotepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drfalseunknown
https://wrapper.tanukisoftware.com/doc/german/javadocs.htmlREADME_de.txt.0.drfalseunknown
https://wrapper.tanukisoftware.com/doc/english/accountServerLicenses.jspnotepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drfalseunknown
https://wrapper.tanukisoftware.com/doc/japanese/support.jspREADME_ja.txt.0.drfalseunknown
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0wrapper-windows-x86-64-3.5.59-pro.exe, wrapper.dll.0.dr, wrapperw.exe.0.dr, wrapper.exe.0.drfalse
  • URL Reputation: safe
  • URL Reputation: safe
unknown
https://wrapper.tanukisoftware.com/doc/german/licenseOverview.htmlREADME_de.txt.0.drfalseunknown
https://wrapper.tanukisoftware.com/integrateGetNativeSystemInfokernel32.dllMicrosoftwrapperw.exe.0.dr, wrapper.exe.0.drfalseunknown
https://wrapper.tanukisoftware.com/doc/german/accountServerLicenses.jspREADME_de.txt.0.drfalseunknown
http://crt.sectigo.com/SectigoPublicCodeSigningCAEVR36.crt0#wrapper-windows-x86-64-3.5.59-pro.exe, wrapper.dll.0.dr, wrapperw.exe.0.dr, wrapper.exe.0.drfalseunknown
https://wrapper.tanukisoftware.com/doc/japanese/qna.htmlREADME_ja.txt.0.drfalseunknown
https://wrapper.tanukisoftware.com/doc/japanese/faq.htmlREADME_ja.txt.0.drfalseunknown
https://wrapper.tanukisoftware.com/doc/spanish/faq.htmlREADME_es.txt.0.drfalseunknown
https://wrapper.tanukisoftware.com/doc/german/download.jspREADME_de.txt.0.drfalseunknown
https://wrapper.tanukisoftware.com/doc/japanese/introduction.htmlREADME_ja.txt.0.drfalseunknown
https://wrapper.tanukisoftware.com/doc/spanish/troubleshooting.htmlREADME_es.txt.0.drfalseunknown
https://wrapper.tanukisoftware.com2024GVBtWUThiswrapperw.exe.0.dr, wrapper.exe.0.drfalse
    		unknown
    https://wrapper.tanukisoftware.org/doc/japanese/integrate.htmlwrapper_ja.mo.0.drfalseunknown
    https://wrapper.tanukisoftware.com/doc/japanese/requestTrial.jspREADME_ja.txt.0.drfalseunknown
    https://wrapper.tanukisoftware.com/doc/spanish/integrate.htmlREADME_es.txt.0.drfalseunknown
    http://bugs.sun.com/view_bug.do?bug_id=6965962revisions.txt.0.drfalseunknown
    https://wrapper.tanukisoftware.com/doc/spanish/qna.htmlREADME_es.txt.0.drfalseunknown
    https://wrapper.tanukisoftware.com/doc/german/README_de.txt.0.drfalseunknown
    https://www.tanukisoftware.com/en/distributors.phpnotepad.exe, 00000009.00000002.2486216320.0000000002CCA000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.dr, README_de.txt.0.drfalseunknown
    https://wrapper.tanukisoftware.com/doc/english/howto.htmlREADME_en.txt.0.drfalseunknown
    https://wrapper.tanukisoftware.com/doc/english/integrate.htmlwrapper_de.mo.0.drfalseunknown
    https://wrapper.tanukisoftware.com/doc/japanese/licenseOverview.htmlREADME_ja.txt.0.drfalseunknown
    http://wrapper.tanukisoftware.com/purchasedemoapp.conf.0.dr, wrapper.conf.0.dr, wrapper-license.conf.0.dr, wrapper-license-time.conf.0.dr, wrapper.conf.in_ja.0.dr, wrapper.conf.in.0.drfalseunknown
    https://wrapper.tanukisoftware.com/doc/japanese/properties.htmlREADME_ja.txt.0.drfalseunknown
    https://wrapper.tanukisoftware.com/doc/german/integrate.htmlREADME_de.txt.0.drfalseunknown
    https://wrapper.tanukisoftware.com/doc/english/howto-upgrade.htmlnotepad.exe, 00000009.00000002.2486216320.0000000002CCA000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drfalseunknown
    https://wrapper.tanukisoftware.com/doc/german/properties.htmlREADME_de.txt.0.drfalseunknown
    https://wrapper.tanukisoftware.com/trialLicensewrapperw.exe.0.dr, wrapper.exe.0.drfalseunknown
    https://wrapper.tanukisoftware.com/doc/german/security-model.htmlGibtwrapperTestApp_de.mo.0.drfalseunknown
    https://wrapper.tanukisoftware.com/doc/spanish/support.jspREADME_es.txt.0.drfalseunknown
    https://wrapper.tanukisoftware.com/doc/german/troubleshooting.htmlREADME_de.txt.0.drfalseunknown
    https://wrapper.tanukisoftware.com/doc/japanese/security-model.htmlwrapperTestApp_ja.mo.0.drfalseunknown
    http://wrapper.tanukisoftware.orgindex.html.0.dr, wrapper-development-license-1.3.txt.0.dr, wrapper-server-license-1.3.txt.0.drfalseunknown
    http://nsis.sf.net/NSIS_ErrorErrorwrapper-windows-x86-64-3.5.59-pro.exefalse
    • URL Reputation: safe
    		unknown
    https://wrapper.tanukisoftware.com/doc/japanese/integrate.htmlREADME_ja.txt.0.drfalseunknown
    https://www.tanukisoftware.com/es/README_es.txt.0.drfalseunknown
    http://wrapper.tanukisoftware.org/jdoc/index.htmlindex.html.0.drfalseunknown
    https://wrapper.tanukisoftware.com/doc/english/support.jspnotepad.exe, 00000009.00000003.1496079559.0000000002CBD000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000002.2486216320.0000000002CCA000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drfalseunknown
    https://www.tanukisoftware.com/notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.dr, README_de.txt.0.drfalse
      		unknown
      http://wrapper.tanukisoftware.com/doc/japanese/integrate.htmlwrapper.conf.in_ja.0.drfalse
        		unknown
        https://wrapper.tanukisoftware.com/doc/japanese/accountDevLicenses.jspREADME_ja.txt.0.drfalse
          		unknown
          https://wrapper.tanukisoftware.com/doc/spanish/accountLicenses.jspREADME_es.txt.0.drfalse
            		unknown
            https://wrapper.tanukisoftware.com/notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.dr, README_es.txt.0.drfalse
              		unknown
              http://wrapper.tanukisoftware.com/doc/english/licenseOverview.htmlTestWrapper.bat.0.dr, StartTestWrapper-NT.bat.0.dr, AppTemplate.bat.in.0.dr, AppTemplatePassThrough.bat.in.0.dr, DemoApp.bat.0.dr, ResumeApp-NT.bat.in.0.dr, StopTestWrapper-NT.bat.0.dr, App.bat.in.0.dr, TestWrapperCommand.bat.0.dr, TeardownApp.bat.in.0.dr, InstallApp-NT.bat.in.0.dr, AppNoWrapper.bat.in.0.dr, InstallTestWrapper-NT.bat.0.dr, StopApp-NT.bat.in.0.dr, TeardownTestWrapper.bat.0.dr, PauseTestWrapper-NT.bat.0.dr, QueryTestWrapper-NT.bat.0.dr, GetHostId.bat.0.dr, UninstallApp-NT.bat.in.0.dr, SetupApp.bat.in.0.dr, QueryApp-NT.bat.in.0.drfalse
                		unknown
                https://wrapper.tanukisoftware.com/doc/german/security-model.htmlwrapperTestApp_de.mo.0.drfalse
                  		unknown
                  https://wrapper.tanukisoftware.com/doc/japanese/accountLicenses.jspREADME_ja.txt.0.drfalse
                    		unknown
                    https://wrapper.tanukisoftware.comnotepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.dr, README_ja.txt.0.dr, README_de.txt.0.dr, README_es.txt.0.drfalse
                      		unknown
                      https://wrapper.tanukisoftware.com/doc/english/faq.htmlnotepad.exe, 00000009.00000002.2486216320.0000000002CCA000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drfalse
                        		unknown
                        https://wrapper.tanukisoftware.com/doc/spanish/accountDevLicenses.jspREADME_es.txt.0.drfalse
                          		unknown
                          http://ocsp.sectigo.com0wrapper.exe.0.drfalse
                          • URL Reputation: safe
                          		unknown
                          https://wrapper.tanukisoftware.com/doc/english/security-model.htmlwrapperTestApp_de.mo.0.dr, wrapperTestApp_ja.mo.0.drfalse
                            		unknown
                            http://wrapper.tanukisoftware.org/doc/english/licenseOverview.htmlrevisions.txt.0.drfalse
                              		unknown
                              https://wrapper.tanukisoftware.com/doc/english/javadocs.htmlnotepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drfalse
                                		unknown
                                https://wrapper.tanukisoftware.com/doc/spanish/properties.htmlREADME_es.txt.0.drfalse
                                  		unknown
                                  https://wrapper.tanukisoftware.com/doc/spanish/accountServerLicenses.jspREADME_es.txt.0.drfalse
                                    		unknown
                                    https://wrapper.tanukisoftware.com/doc/german/debugging.htmlREADME_de.txt.0.drfalse
                                      		unknown
                                      http://wrapper.tanukisoftware.com/doc/english/integrate.htmldemoapp.conf.0.dr, wrapper.conf.0.dr, wrapper.conf.in.0.drfalse
                                        		unknown
                                        https://wrapper.tanukisoftware.com/doc/spanish/howto.htmlREADME_es.txt.0.drfalse
                                          		unknown
                                          https://wrapper.tanukisoftware.com/doc/english/licenseOverview.htmlnotepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drfalse
                                            		unknown
                                            http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#wrapper-windows-x86-64-3.5.59-pro.exe, wrapper.dll.0.dr, wrapperw.exe.0.dr, wrapper.exe.0.drfalse
                                            • URL Reputation: safe
                                            		unknown
                                            https://wrapper.tanukisoftware.com/doc/japanese/supported-platforms.htmlREADME_ja.txt.0.drfalse
                                              		unknown
                                              https://wrapper.tanukisoftware.com/doc/spanish/requestTrial.jspREADME_es.txt.0.drfalse
                                                		unknown
                                                http://wrapper.tanukisoftware.com/trialdemoapp.conf.0.dr, wrapper.conf.0.dr, wrapper-license.conf.0.dr, wrapper-license-time.conf.0.dr, wrapper.conf.in_ja.0.dr, wrapper.conf.in.0.drfalse
                                                  		unknown
                                                  https://wrapper.tanukisoftware.com/doc/spanish/product-features.htmlREADME_es.txt.0.drfalse
                                                    		unknown
                                                    https://wrapper.tanukisoftware.com/doc/english/qna.htmlnotepad.exe, 00000009.00000003.1496079559.0000000002CBD000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000002.2486216320.0000000002CCA000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drfalse
                                                      		unknown
                                                      https://wrapper.tanukisoftware.com/doc/german/support.jspREADME_de.txt.0.drfalse
                                                        		unknown
                                                        https://wrapper.tanukisoftware.com/doc/japanese/javadocs.htmlREADME_ja.txt.0.drfalse
                                                          		unknown
                                                          https://wrapper.tanukisoftware.com/doc/wrapper-windows-x86-64-3.5.59-pro.exe, 00000000.00000002.1496372828.00000000009A8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            		unknown
                                                            https://wrapper.tanukisoftware.com/doc/japanese/howto-upgrade.htmlREADME_ja.txt.0.drfalse
                                                              		unknown
                                                              https://wrapper.tanukisoftware.com/doc/english/accountDevLicenses.jspnotepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drfalse
                                                                		unknown
                                                                https://wrapper.tanukisoftware.com/doc/english/properties.htmlnotepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drfalse
                                                                  		unknown
                                                                  https://wrapper.tanukisoftware.com/doc/english/supported-platforms.htmlnotepad.exe, 00000009.00000003.1496079559.0000000002CBD000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000002.2486216320.0000000002CCA000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drfalse
                                                                    		unknown
                                                                    https://wrapper.tanukisoftware.com/doc/japanese/accountServerLicenses.jspREADME_ja.txt.0.drfalse
                                                                      		unknown
                                                                      https://www.tanukisoftware.com/es/distributors.phpREADME_es.txt.0.drfalse
                                                                        		unknown
                                                                        https://wrapper.tanukisoftware.com/doc/german/accountDevLicenses.jspREADME_de.txt.0.drfalse
                                                                          		unknown
                                                                          https://wrapper.tanukisoftware.com/doc/german/accountLicenses.jspREADME_de.txt.0.drfalse
                                                                            		unknown
                                                                            https://wrapper.tanukisoftware.com/doc/japanese/debugging.htmlREADME_ja.txt.0.drfalse
                                                                              		unknown
                                                                              https://wrapper.tanukisoftware.com/doc/spanish/supported-platforms.htmlREADME_es.txt.0.drfalse
                                                                                		unknown
                                                                                http://crl.sectigo.com/SectigoPublicCodeSigningCAEVR36.crl0wrapper-windows-x86-64-3.5.59-pro.exe, wrapper.dll.0.dr, wrapperw.exe.0.dr, wrapper.exe.0.drfalse
                                                                                  		unknown
                                                                                  https://wrapper.tanukisoftware.com/doc/japanese/product-features.htmlREADME_ja.txt.0.drfalse
                                                                                    		unknown
                                                                                    https://www.tanukisoftware.com/ja/README_ja.txt.0.drfalse
                                                                                      		unknown
                                                                                      https://sectigo.com/CPS0wrapper-windows-x86-64-3.5.59-pro.exe, wrapper.dll.0.dr, wrapperw.exe.0.dr, wrapper.exe.0.drfalse
                                                                                      • URL Reputation: safe
                                                                                      		unknown
                                                                                      https://wrapper.tanukisoftware.com/doc/spanish/howto-upgrade.htmlREADME_es.txt.0.drfalse
                                                                                        		unknown
                                                                                        https://wrapper.tanukisoftware.com/doc/spanish/download.jspREADME_es.txt.0.drfalse
                                                                                          		unknown
                                                                                          https://wrapper.tanukisoftware.com/doc/german/requestTrial.jspREADME_de.txt.0.drfalse
                                                                                            		unknown
                                                                                            https://wrapper.tanukisoftware.com/doc/english/integrate.htmlThewrapperw.exe.0.dr, wrapper.exe.0.drfalse
                                                                                              		unknown
                                                                                              https://wrapper.tanukisoftware.com/doc/german/faq.htmlREADME_de.txt.0.drfalse
                                                                                                		unknown
                                                                                                http://www.tanukisoftware.comTestWrapper.bat.0.dr, StartTestWrapper-NT.bat.0.dr, AppTemplate.bat.in.0.dr, AppTemplatePassThrough.bat.in.0.dr, DemoApp.bat.0.dr, ResumeApp-NT.bat.in.0.dr, StopTestWrapper-NT.bat.0.dr, App.bat.in.0.dr, TestWrapperCommand.bat.0.dr, TeardownApp.bat.in.0.dr, InstallApp-NT.bat.in.0.dr, AppNoWrapper.bat.in.0.dr, InstallTestWrapper-NT.bat.0.dr, StopApp-NT.bat.in.0.dr, TeardownTestWrapper.bat.0.dr, PauseTestWrapper-NT.bat.0.dr, QueryTestWrapper-NT.bat.0.dr, GetHostId.bat.0.dr, UninstallApp-NT.bat.in.0.dr, SetupApp.bat.in.0.dr, QueryApp-NT.bat.in.0.drfalse
                                                                                                  		unknown
                                                                                                  https://wrapper.tanukisoftware.com/doc/german/supported-platforms.htmlREADME_de.txt.0.drfalse
                                                                                                    		unknown
                                                                                                    https://wrapper.tanukisoftware.com/doc/english/accountLicenses.jspnotepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drfalse
                                                                                                      		unknown
                                                                                                      https://wrapper.tanukisoftware.com/doc/spanish/javadocs.htmlREADME_es.txt.0.drfalse
                                                                                                        		unknown
                                                                                                        https://wrapper.tanukisoftware.com/doc/english/security-model.htmlThrowwrapperTestApp_de.mo.0.dr, wrapperTestApp_ja.mo.0.drfalse
                                                                                                          		unknown
                                                                                                          https://wrapper.tanukisoftware.com/doc/spanish/debugging.htmlREADME_es.txt.0.drfalse
                                                                                                            		unknown
                                                                                                            https://wrapper.tanukisoftware.com/doc/german/howto.htmlREADME_de.txt.0.drfalse
                                                                                                              		unknown
                                                                                                              https://wrapper.tanukisoftware.com/doc/english/troubleshooting.htmlnotepad.exe, 00000009.00000002.2486216320.0000000002CA4000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CBD000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000002.2486216320.0000000002CCA000.00000004.00000020.00020000.00000000.sdmp, notepad.exe, 00000009.00000003.1496079559.0000000002CC4000.00000004.00000020.00020000.00000000.sdmp, README_en.txt.0.drfalse
                                                                                                                		unknown
                                                                                                                http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0twrapper-windows-x86-64-3.5.59-pro.exe, wrapper.dll.0.dr, wrapperw.exe.0.dr, wrapper.exe.0.drfalse
                                                                                                                • URL Reputation: safe
                                                                                                                		unknown

                                                                                                                World Map of Contacted IPs

                                                                                                                No contacted IP infos

                                                                                                                General Information

                                                                                                                Joe Sandbox version:41.0.0 Charoite
                                                                                                                Analysis ID:1532860
                                                                                                                Start date and time:2024-10-14 02:34:40 +02:00
                                                                                                                Joe Sandbox product:CloudBasic
                                                                                                                Overall analysis duration:0h 4m 31s
                                                                                                                Hypervisor based Inspection enabled:false
                                                                                                                Report type:full
                                                                                                                Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                                                                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                Number of analysed new started processes analysed:13
                                                                                                                Number of new started drivers analysed:0
                                                                                                                Number of existing processes analysed:0
                                                                                                                Number of existing drivers analysed:0
                                                                                                                Number of injected processes analysed:0
                                                                                                                Technologies:
                                                                                                                • EGA enabled
                                                                                                                • AMSI enabled
                                                                                                                Analysis Mode:default
                                                                                                                Analysis stop reason:Timeout
                                                                                                                Sample name:wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                Detection:CLEAN
                                                                                                                Classification:clean2.winEXE@3/59@0/0
                                                                                                                Cookbook Comments:
                                                                                                                • Found application associated with file extension: .exe

                                                                                                                Warnings

                                                                                                                • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                                                                                                                • Excluded domains from analysis (whitelisted): fs.microsoft.com, slscr.update.microsoft.com, fe3cr.delivery.mp.microsoft.com
                                                                                                                • Not all processes where analyzed, report is missing behavior information
                                                                                                                • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                • Report size getting too big, too many NtQueryValueKey calls found.

                                                                                                                Simulations

                                                                                                                Behavior and APIs

                                                                                                                No simulations

                                                                                                                Joe Sandbox View / Context

                                                                                                                IPs

                                                                                                                No context

                                                                                                                Domains

                                                                                                                No context

                                                                                                                ASNs

                                                                                                                No context

                                                                                                                JA3 Fingerprints

                                                                                                                No context

                                                                                                                Dropped Files

                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                C:\Users\user\AppData\Local\Temp\nst714A.tmp\LangDLL.dllLisectAVT_2403002A_176.exeGet hashmaliciousALLLQBrowse
                                                                                                                  kJs0JTLO6I.exeGet hashmaliciousMetasploitBrowse
                                                                                                                    kJs0JTLO6I.exeGet hashmaliciousMetasploitBrowse
                                                                                                                      https://www.dropbox.com/scl/fi/2u0ns17aqf2nkkout3i4e/Wion-Setup.exe?rlkey=bczprnlv9lpsjsrcm2mwnqhrh&st=tkdq1g8n&dl=1Get hashmaliciousUnknownBrowse
                                                                                                                        C:\Users\user\AppData\Local\Temp\nst714A.tmp\System.dllSecuriteInfo.com.Win32.Malware-gen.4932.17674.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                          SecuriteInfo.com.Win32.Malware-gen.4932.17674.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                            D#U00dcZELT#U0130LD#U0130 S#U00d6ZLE#U015eME-pdf.bat.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                              D#U00dcZELT#U0130LD#U0130 S#U00d6ZLE#U015eME-pdf.bat.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                UMOWA_PD.BAT.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                  UMOWA_PD.BAT.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                    Payment_Advice.1.bat.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                      Payment_Advice..exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                        Payment_Advice..exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                          Payment_Advice.1.bat.exeGet hashmaliciousGuLoaderBrowse

                                                                                                                                            Created / dropped Files

                                                                                                                                            C:\Users\user\AppData\Local\Temp\nst714A.tmp\LangDLL.dll

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):5632
                                                                                                                                            Entropy (8bit):3.81833601044378
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:48:S46+/pTKYKxbWsptIp5tCZ0iVEAWyMEv9v/ft2O2B8m/ofjLl:zbuPbO5tCZBVEAWyMEFv2CmCL
                                                                                                                                            MD5:50016010FB0D8DB2BC4CD258CEB43BE5
                                                                                                                                            SHA1:44BA95EE12E69DA72478CF358C93533A9C7A01DC
                                                                                                                                            SHA-256:32230128C18574C1E860DFE4B17FE0334F685740E27BC182E0D525A8948C9C2E
                                                                                                                                            SHA-512:ED4CF49F756FBF673449DCA20E63DCE6D3A612B61F294EFC9C3CCEBEFFA6A1372667932468816D3A7AFDB7E5A652760689D8C6D3F331CEDEE7247404C879A233
                                                                                                                                            Malicious:false
                                                                                                                                            Antivirus:
                                                                                                                                            • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                            Joe Sandbox View:
                                                                                                                                            • Filename: LisectAVT_2403002A_176.exe, Detection: malicious, Browse
                                                                                                                                            • Filename: kJs0JTLO6I.exe, Detection: malicious, Browse
                                                                                                                                            • Filename: kJs0JTLO6I.exe, Detection: malicious, Browse
                                                                                                                                            • Filename: , Detection: malicious, Browse
                                                                                                                                            Reputation:moderate, very likely benign file
                                                                                                                                            Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.....................>..........:..........Rich..........................PE..L...P.d...........!........."......?........ ...............................p............@.........................`"..I...\ ..P....P..`....................`....................................................... ..\............................text............................... ..`.rdata....... ......................@..@.data........0......................@....rsrc...`....P......................@..@.reloc..`....`......................@..B................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                            C:\Users\user\AppData\Local\Temp\nst714A.tmp\System.dll

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):12288
                                                                                                                                            Entropy (8bit):5.805604762622714
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:192:VjHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZv0QPi:B/Qlt7wiij/lMRv/9V4bvr
                                                                                                                                            MD5:4ADD245D4BA34B04F213409BFE504C07
                                                                                                                                            SHA1:EF756D6581D70E87D58CC4982E3F4D18E0EA5B09
                                                                                                                                            SHA-256:9111099EFE9D5C9B391DC132B2FAF0A3851A760D4106D5368E30AC744EB42706
                                                                                                                                            SHA-512:1BD260CABE5EA3CEFBBC675162F30092AB157893510F45A1B571489E03EBB2903C55F64F89812754D3FE03C8F10012B8078D1261A7E73AC1F87C82F714BCE03D
                                                                                                                                            Malicious:false
                                                                                                                                            Antivirus:
                                                                                                                                            • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                            Joe Sandbox View:
                                                                                                                                            • Filename: SecuriteInfo.com.Win32.Malware-gen.4932.17674.exe, Detection: malicious, Browse
                                                                                                                                            • Filename: SecuriteInfo.com.Win32.Malware-gen.4932.17674.exe, Detection: malicious, Browse
                                                                                                                                            • Filename: D#U00dcZELT#U0130LD#U0130 S#U00d6ZLE#U015eME-pdf.bat.exe, Detection: malicious, Browse
                                                                                                                                            • Filename: D#U00dcZELT#U0130LD#U0130 S#U00d6ZLE#U015eME-pdf.bat.exe, Detection: malicious, Browse
                                                                                                                                            • Filename: UMOWA_PD.BAT.exe, Detection: malicious, Browse
                                                                                                                                            • Filename: UMOWA_PD.BAT.exe, Detection: malicious, Browse
                                                                                                                                            • Filename: Payment_Advice.1.bat.exe, Detection: malicious, Browse
                                                                                                                                            • Filename: Payment_Advice..exe, Detection: malicious, Browse
                                                                                                                                            • Filename: Payment_Advice..exe, Detection: malicious, Browse
                                                                                                                                            • Filename: Payment_Advice.1.bat.exe, Detection: malicious, Browse
                                                                                                                                            Reputation:moderate, very likely benign file
                                                                                                                                            Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......qr*.5.D.5.D.5.D...J.2.D.5.E.!.D.....2.D.a0t.1.D.V1n.4.D..3@.4.D.Rich5.D.........PE..L...S.d...........!....."...........*.......@...............................p............@..........................B.......@..P............................`.......................................................@..X............................text.... .......".................. ..`.rdata..c....@.......&..............@..@.data...x....P.......*..............@....reloc.......`.......,..............@..B................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                            C:\Users\user\AppData\Local\Temp\nst714A.tmp\modern-header.bmp

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:PC bitmap, Windows 3.x format, 150 x 57 x 24, image size 25764, resolution 3543 x 3543 px/m, cbSize 25818, bits offset 54
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):25818
                                                                                                                                            Entropy (8bit):3.7877261482644444
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:192:Ft01Um91Y1Dx1Xa3C1C1jES6WJzjbOxMJDs62Geew1dKbxUAkBxR96IK:PmK23/1teZ1Nv6IK
                                                                                                                                            MD5:10C7EA910D0FCE3FB24F5086788B67D4
                                                                                                                                            SHA1:81A886DAF2E3D6A4131767CCA0F15666B5E508D7
                                                                                                                                            SHA-256:AAAA7569450EEBE23B4EA62302B4A27C60BCD29E06542BEA6269A081D7683BA2
                                                                                                                                            SHA-512:3DF4E9492A4A8CCD0C0CF5BC5A46EE291D5546D9736E3E7E1464CD13810FFB97B09006C9A6BF296BD2C2214662C7F4A052B6FCD46DB6D570FE854B5A9F58C1C5
                                                                                                                                            Malicious:false
                                                                                                                                            Reputation:low
                                                                                                                                            Preview:BM.d......6...(.......9............d....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                            C:\Users\user\AppData\Local\Temp\nst714A.tmp\modern-wizard.bmp

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:PC bitmap, Windows 3.x format, 164 x 314 x 24, image size 154488, resolution 3543 x 3543 px/m, cbSize 154542, bits offset 54
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):154542
                                                                                                                                            Entropy (8bit):6.7381889495141225
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:3072:WBxZb1H6cnAQl7A3BzlqSATNwf7XXX0lBq0ng+16sO9+:M4k++16F9+
                                                                                                                                            MD5:2BF9DE020C2B6CE10EF79AD63FA3D182
                                                                                                                                            SHA1:76E10E3A591F795BAA4D670A34D0B6AE1845202C
                                                                                                                                            SHA-256:5C82DDC879A3B0F2B6E1048ADC000112890B6B4AE8AAB2F3724B4669FE08C896
                                                                                                                                            SHA-512:EFE755C5F51DC2FCF4160371E05F7F48A8B6C10A9DE577D095AA52BFF73067AEAAECA62E7020C5D205824991F50F8656B12A1AB19F6A4AFAEAEA8DDCDF77C3AE
                                                                                                                                            Malicious:false
                                                                                                                                            Reputation:low
                                                                                                                                            Preview:BM.[......6...(.......:...........x[....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                            C:\Users\user\AppData\Local\Temp\nst714A.tmp\nsDialogs.dll

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):9728
                                                                                                                                            Entropy (8bit):5.158585441954107
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:o4Ev02zUu56FcS817eTaXx85qHFcUcxSgB5PKtAtoniJninnt3DVEB3YsNqkzfFc:o4EvCu5e81785qHFcU0PuAw0uyGIFc
                                                                                                                                            MD5:1D8F01A83DDD259BC339902C1D33C8F1
                                                                                                                                            SHA1:9F7806AF462C94C39E2EC6CC9C7AD05C44EBA04E
                                                                                                                                            SHA-256:4B7D17DA290F41EBE244827CC295CE7E580DA2F7E9F7CC3EFC1ABC6898E3C9ED
                                                                                                                                            SHA-512:28BF647374B4B500A0F3DBCED70C2B256F93940E2B39160512E6E486AC31D1D90945ACECEF578F61B0A501F27C7106B6FFC3DEAB2EC3BFB3D9AF24C9449A1567
                                                                                                                                            Malicious:false
                                                                                                                                            Antivirus:
                                                                                                                                            • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                            Reputation:moderate, very likely benign file
                                                                                                                                            Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......|..c8O`08O`08O`08Oa0.O`0.@=05O`0llP0=O`0.If09O`0.od09O`0Rich8O`0........PE..L...Q.d...........!.........0......g........0............................................@..........................6..k....0.......p...............................................................................0...............................text............................... ..`.rdata..{....0......................@..@.data...h!...@......................@....rsrc........p....... ..............@..@.reloc..~............"..............@..B................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_de.txt

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):6787
                                                                                                                                            Entropy (8bit):4.819566386998369
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:7JTRELan8RLDKuoQzZU4+EKz/Vyf2iFowGoM6MzZENyTDzyTfeVy8n99t9Cywy4q:dTWWAg/V9ioG/LTfeBWtiILIR
                                                                                                                                            MD5:D088A67F5AB6DE2DA52E0E95B19D5350
                                                                                                                                            SHA1:F38E644644546B9E7F39B9EFAAE52BFC9C2761B2
                                                                                                                                            SHA-256:6F15A197C54D027BA77F956535361ECF2F28B51F41F6F8AC5492380E2E7048C7
                                                                                                                                            SHA-512:4369A816D3C5E3094ECBE121EB1A9B661DCB9A07F1A38A518183F450DBF86CD0DEA1BC2B6A9A02097B7194BA41E03D557E82BA45E95C6A4EC7F780A87CBD8F66
                                                                                                                                            Malicious:false
                                                                                                                                            Reputation:low
                                                                                                                                            Preview:.-------------------------------------------------------------------------------..Java Service Wrapper Professional Edition 3.5.59..Copyright (C) 1999-2024 Tanuki Software, Ltd. All Rights Reserved...https://wrapper.tanukisoftware.com..-------------------------------------------------------------------------------....Zusammenfassung:....1. Was ist der Java Service Wrapper?..2. Dokumentation..3. Installation..4. Lizenzoptionen..5. Wie zu erwerben?..6. Aktualisieren..7. FAQ..8. Support..9. Systemvoraussetzungen........1. Was ist der Java Service Wrapper?..-------------------------------------------------------------------------------....Der Java Service Wrapper ist eine Anwendung, die aus dem Wunsch heraus erstellt..worden ist, eine Vielzahl von Java bedingten Problem und Einschr.nkungen zu..beheben.....Einige der M.glichkeiten des Wrappers sind:.. * Eine Java-Anwendung als Windows-Dienst und Unix Daemon zu starten.. * Erh.hung der Zuverl.ssigkeit von Javaanwendungen... * Automa

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_en.txt

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):6251
                                                                                                                                            Entropy (8bit):4.743031550483347
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:LKdh5PRXffAWSaeTwvWH/palS6Bm4AqrQlbyTMFC5GWybajgBExB2cxLwc:GdhbXAWQ/p0qoTZ5AetP
                                                                                                                                            MD5:49AB109C1E32DEF6B4C27E8355C3174A
                                                                                                                                            SHA1:859EE33C85DB3C4874917D0363DDD741C6F7E800
                                                                                                                                            SHA-256:AF59036005E0CD153905785ADB9BCEE5868C14104317FC63A114AF3085994F1F
                                                                                                                                            SHA-512:2E652C660CB2BAFEB13846AB6D1EC87849A7652756558172C48B6290F450BF2135E9A664FF1A024B719040520E2C6C980866A510CD5D6E9E3B8F63E46386AFEB
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:-------------------------------------------------------------------------------..Java Service Wrapper Professional Edition 3.5.59..Copyright (C) 1999-2024 Tanuki Software, Ltd. All Rights Reserved...https://wrapper.tanukisoftware.com..-------------------------------------------------------------------------------....Summary:....1. What is the Java Service Wrapper?..2. Documentation..3. Installation..4. License Options..5. How to Purchase..6. Getting Updates..7. FAQ..8. Support..9. System Requirements........1. What is the Java Service Wrapper?..-------------------------------------------------------------------------------....The Java Service Wrapper is an application that has evolved out of a desire ..to solve a number of problems common to many Java applications. ....Some of the Wrapper's features are:.. * Run a Java application as a Windows Service or Unix Daemon.. * Java Application Reliability.. * Automatic detection and recovery of Crashes, Freezes and Deadlocks.. * On-Demand

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_es.txt

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):6722
                                                                                                                                            Entropy (8bit):4.791635168545599
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:srneXsuN+bMiVXNg/73pEBkoFRVXZ2XyU2Qj/eLUUa7ni3R0BDh+fts:sreTN2VQpEimayvKDDuWl
                                                                                                                                            MD5:C222CB7AA4F73C02476AFB7148B2A1F9
                                                                                                                                            SHA1:660804ABE3880118EAC929C1DA257CCAD26925B9
                                                                                                                                            SHA-256:1B2A5A6A8B5C623FAF5474D27A02E140A53286FBF6F53E4FA7A754CD775457EB
                                                                                                                                            SHA-512:0CA50A4F9880AE727E5D902210C4F86BE9C72B7A94C87C90987ADB4AC8957963892CB29FB2EE4D62CE80900832D7A6AAB9635B938043FB26206DB7B1AC945A3B
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:.-------------------------------------------------------------------------------..Java Service Wrapper Professional Edition 3.5.59..Copyright (C) 1999-2024 Tanuki Software, Ltd. All Rights Reserved...https://wrapper.tanukisoftware.com..-------------------------------------------------------------------------------....Resumen:....1. .Qu. es el Java Service Wrapper?..2. Documentaci.n..3. Instalaci.n..4. Opciones de Licencia..5. C.mo Comprar..6. Actualizaciones..7. FAQ..8. Soporte T.cnico..9. Requisitos del Sistema........1. .Qu. es el Java Service Wrapper?..-------------------------------------------------------------------------------....El Java Service Wrapper es una aplicaci.n que ha evolucionado con el deseo de..resolver una seria de problemas com.nes encontrados en aplicaciones Java.....Alguna de las caracter.sticas del Wrapper son:.. * Ejecutar aplicaciones Java como Servicio de Windows o Demonio de Unix.. * Fiabilidad en Aplicaciones Java.. * Detecci.n y recuperac

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_ja.txt

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):7941
                                                                                                                                            Entropy (8bit):5.5464172342658085
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:PFrqG2Mg//7ixf8xPkTHj1QsCvztN4wqRLhJmn6Un6bVnzA1Vl6/Apgk6PfONY14:7Lk8pyzjQDpIVfy/f9rol
                                                                                                                                            MD5:82CC25F10C47E6A6066339A0AED47345
                                                                                                                                            SHA1:09E71FA50A56D3BB43030CDB0A1F7E294A1A9134
                                                                                                                                            SHA-256:2F7165599F72C4991231C497194CAA53FC3F70C307603126CAA9A8FD5F7EB37B
                                                                                                                                            SHA-512:4D2CF44CA3DBD56C626DCB879E7F49742546508EDEFCCC0772D43DED25EC76B619399E4F13356BB6A162E43E2EB1ABC8780A3BC4C84CC6D2C97A14A9B5B45A36
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:.-------------------------------------------------------------------------------..Java Service Wrapper Professional Edition 3.5.59..Copyright (C) 1999-2024 Tanuki Software, Ltd. All Rights Reserved...https://wrapper.tanukisoftware.com..-------------------------------------------------------------------------------......:....1. Java Service Wrapper .....2. ............3. ........4. ..........5. ...........6. ..........7. ...... FAQ..8. ......9. ..............1. Java Service Wrapper .....-------------------------------------------------------------------------------....Java Service Wrapper ..... Java ........................................................ Wrapper ...... * Windows ..... Unix ....... Java .....

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\DemoApp.bat

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):7980
                                                                                                                                            Entropy (8bit):5.312877393406308
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:192:K0Mg9LOdESeRAZ8Kl7/fAD1T1yBBjxDcDY6mjX:ig9LOdjtZ8qDfAnSto6
                                                                                                                                            MD5:CE5C3047AB22B3E923387070779003CC
                                                                                                                                            SHA1:C4624EF18DFC2C4CEB8F1F867D92412C831254FE
                                                                                                                                            SHA-256:55327F633C056FF523EF11C79D38676FC9DF692FCE264F05752A0F38A6574274
                                                                                                                                            SHA-512:64E0BB9CFFD6E90A1FDF007F4938321ADAD44DEB535AF49CF0C4538B5B1B937DA354BFAC533161A8E6D3DD406880C9412F3027AC1E60FEEF408DD3ED8D4538D3
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Run as a console application...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..s

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\GetHostId.bat

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):2137
                                                                                                                                            Entropy (8bit):5.193281673255612
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:48:p9Q13ijuSv4QIhxMMuox44j0Zm+7ApPp7BY7Bo3zuMDeSMv:KsS3MMZtx+7AN7i
                                                                                                                                            MD5:FA62DCDD04D7EC9E41D6004B74F1C61C
                                                                                                                                            SHA1:093FE666873E60B62AC64A00473AB0E38A0CDC1B
                                                                                                                                            SHA-256:490B3376B9AE612B37564DC894A4767927F8BF5492D188415398ABF7A983153E
                                                                                                                                            SHA-512:75D0ED4F0614FDDFDDEDEEF529D4B6A7F460BF49C8DCAA69E4CD71A6EC912293F0B9937AB9419305A47F66BDF9C8BFB0329CCBFAE6374DF1BB4D9005957FE181
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper hostid helper script...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem Do not modify anything beyond this point..rem -----------------------------------------------------------------------------....if "%OS%"=="Windows_NT" goto nt..echo This script only works with NT-based versions of Windows...goto :

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\InstallTestWrapper-NT.bat

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):8489
                                                                                                                                            Entropy (8bit):5.325222102031833
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:192:K2A3j3Fg9LEdESeRNZ8Kl7/fAD1T1yBBjxDcDYamjX:Wg9LEdjoZ8qDfAnStoe
                                                                                                                                            MD5:3C58D2DA94F2ADBCA8BB2FB1D9A08613
                                                                                                                                            SHA1:4DC03D21AA2A542F5B0B986CC62F29151D2FE3A4
                                                                                                                                            SHA-256:8E95C300802F66BA56C3A812A020D3F9F3B95384A8D79341713290C8215F721F
                                                                                                                                            SHA-512:C96FDEAC4F45490C0817ADDA976EA42407C6416A9C2A9C5FBA7A3A94DC562F1BD909493609E0D9B66DBF7014DA9915347F58577BD9D3F75C018E09786B14CF42
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Install as an NT service...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper...rem..rem ********************************************************************..rem NOTE - This script has been modified to run the TestWrapper sample..rem application and should NOT be used as a base for your own..rem applications. All of the documentation assumes that you are

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\PauseTestWrapper-NT.bat

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4966
                                                                                                                                            Entropy (8bit):5.323252746906217
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:KsdMMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3Q3mjX:KEMg9LEd/Z8Kl7/fgD8mjX
                                                                                                                                            MD5:E72F141CCD6B50D5137A97C868F9417F
                                                                                                                                            SHA1:8BAE5D8B3DF13B2DA75B647F380668280B6B24CB
                                                                                                                                            SHA-256:A6B30BA819CEEFA88C4C775541F2E379695FAB2FA25568AE72DD81049E4DD290
                                                                                                                                            SHA-512:9A5D319E09431BB39CC0F14312F936BA53FAE50B3172B20B4B958942F825A1F93F1040036099E43B30B7ACD4039B743975BAC0B52162CBCB61F818A44BAF4B3B
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Pause a running NT service...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..set

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\QueryTestWrapper-NT.bat

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4977
                                                                                                                                            Entropy (8bit):5.3223499574206485
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:KsJMMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3QHmjX:K+Mg9LEd/Z8Kl7/fgDsmjX
                                                                                                                                            MD5:1E6D275EA634F3F219643AB76A9AEAF4
                                                                                                                                            SHA1:05328633A5233A707CDA45486F52E6C24CE44D51
                                                                                                                                            SHA-256:8050AC8CE814285E40816248490F36484C6FFB710761DFB815F1958F0DE5B35D
                                                                                                                                            SHA-512:DD1493E276289B8C81831ED4D8FAC47DF8388DC64C947AA38B240FF53D2EE4919750F578B84BC6EDB538968BF4A6611A6C125A8C8D228C4A88B0A3F80BEEE189
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Query the current status of a service...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the vari

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\ResumeTestWrapper-NT.bat

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4966
                                                                                                                                            Entropy (8bit):5.322600337660085
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:KsZMMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3QbmjX:KUMg9LEd/Z8Kl7/fgD4mjX
                                                                                                                                            MD5:9D79EE1C615CED1C15529AFD5AACB599
                                                                                                                                            SHA1:834E62ED524E0D2BC623F442BB2CA87BC1793AC1
                                                                                                                                            SHA-256:559BA28D13FD19E20C069DC6EC08C89AB13C8220545F42BE0D61930436DDAC5C
                                                                                                                                            SHA-512:F27F4A073EF6E43E6C7955037896FAFAD55C712CF23D6ED50C4663E91BB43E08440C04E0F65A7F807C78168B62013281849585344A041EF05DB6E6DF40A0A298
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Resume a paused NT service...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..set

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\SetupTestWrapper.bat

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4944
                                                                                                                                            Entropy (8bit):5.325042481769513
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:KsUh3MMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3QqmjX:KpMg9LEd/Z8Kl7/fgDrmjX
                                                                                                                                            MD5:98E4F8A247694D96B18ECD867F66C06D
                                                                                                                                            SHA1:0C8328369F5658131E11D736F961F25DF181CD79
                                                                                                                                            SHA-256:5B28B27C1A14E95CA5F71483AD00F99D82330FD8727E6E4A992C106DB2A4CD15
                                                                                                                                            SHA-512:DC49D86758F47B489FF78B896DB0403BA6A4EB31A7481601CFBB044136789EF5955AC114E162575CA3D9866B4E49BC949C3C84744666B866BD25FEC7878DBCB0
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper setup script...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..set _WRAPPER_DIR=....rem T

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\StartTestWrapper-NT.bat

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4962
                                                                                                                                            Entropy (8bit):5.322702512593209
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:KsMMMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3QXSmjX:KhMg9LEd/Z8Kl7/fgD4SmjX
                                                                                                                                            MD5:BFE379DF92440E0925926FE6AEEB4197
                                                                                                                                            SHA1:F94AD87E0123EAFF585A8CA560D9BAFE40A04FBB
                                                                                                                                            SHA-256:CA1D76E47A1466A44FB418FE797ECC82FD05DD16214A42055A4C85CF6B91CD27
                                                                                                                                            SHA-512:C912978B87F8A6B8013B331D8F839818C59AB9FE473E9E8F4B8DD762A917E8E184172B72C8A7DDE505AC6E4D4F40CB930D347C72CE1DD0549DF5EEABC41BE567
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Start as an NT service...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..set _WR

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\StopTestWrapper-NT.bat

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4965
                                                                                                                                            Entropy (8bit):5.32271611922965
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:KshhMMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3QOmjX:KMMg9LEd/Z8Kl7/fgDVmjX
                                                                                                                                            MD5:2BE057A6FA1811972B4D61805645488E
                                                                                                                                            SHA1:FCA67B03EB619708C63F1F199D5308FF0168671C
                                                                                                                                            SHA-256:683B8F2531042156BAD95939BBB56EE408F20916FE57F0F1DE98CFE50FA5DD1E
                                                                                                                                            SHA-512:4AEC9560FE6B7DD796FC8B8073B0D4BC225B2BFA33FED4156467177A870B742772FC545ABA2772815F4E131E70BA31A1FBF8868FEFA27FC7650C573BAA701527
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Stop a started NT service...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..set

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\TeardownTestWrapper.bat

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4947
                                                                                                                                            Entropy (8bit):5.324811435153823
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:Ks53MMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3QimjX:KkMg9LEd/Z8Kl7/fgDzmjX
                                                                                                                                            MD5:E79CDF147657F721C014AD748B7A73FD
                                                                                                                                            SHA1:0DFD8179153824D7A6A610C79F2299DE0A1CF4B3
                                                                                                                                            SHA-256:2A248C606A8117868D5E402FAB240609794DB0BDEA0642FAE2A8A180776EDDC3
                                                                                                                                            SHA-512:508D7AFAD932D45A7E00980D5AC36923B7E7BD61F33F382114CA8DAFDD55CA598AEDDCE1E8AF86C4849A0C4395D945CB911C6F09D807FAC8699E5E18DE42E7DE
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper teardown script...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..set _WRAPPER_DIR=....re

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\TestWrapper.bat

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):8493
                                                                                                                                            Entropy (8bit):5.324687713410063
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:192:K0A3j3Fg9LEdESeRNZ8Kl7/fAD1T1yBBjxDcDY6mjX:og9LEdjoZ8qDfAnSto6
                                                                                                                                            MD5:85D359C35FA0F4149DFA5C32F191251B
                                                                                                                                            SHA1:591988FBC1AB72E850A55766895C3034ED6D4EFA
                                                                                                                                            SHA-256:A4354463D2BBB76ED26E5674B4A8F148745BAF87AC0F418B52A4C7C08A4DE00B
                                                                                                                                            SHA-512:D0D6E9CCC20928AB55B19DF9ACFC6DED90041AF8A25C744F5F01B41C58A674C31A3B9D8ED52A618E782851B7B5737717094E610078C00FC1E3584FAF4FE1FBF6
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Run as a console application...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper...rem..rem ********************************************************************..rem NOTE - This script has been modified to run the TestWrapper sample..rem application and should NOT be used as a base for your own..rem applications. All of the documentation assumes that you

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\TestWrapperCommand.bat

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):12719
                                                                                                                                            Entropy (8bit):5.275973607216618
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:192:KSA3j3Fg93WiSeRwpZ8Kl7/+Dv3Q/1yBBjxDcDY5O2ZmjX:4g93WJPpZ8qD+TQ9Stovf
                                                                                                                                            MD5:D2EBCDC9DB83DA236FA92261B02E0D59
                                                                                                                                            SHA1:148B41A349020AFF420682133D71E02615E5FA66
                                                                                                                                            SHA-256:CED5E895AA2EDD808C771BCAE02B1A96C01312E9A16826A7AC3EA8B1CBCF117D
                                                                                                                                            SHA-512:012DE49EE83A3FB93E025D3C49BC4C7992C3DA3F6F91C95500638C8B6A996AAA631BFBBB4D818A996E487872F3AEFCBD7DF068E8CB568689636D3DC2019B9554
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper command based script...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper...rem..rem ********************************************************************..rem NOTE - This script has been modified to run the TestWrapper sample..rem application and should NOT be used as a base for your own..rem applications. All of the documentation assumes that you are..rem

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\UninstallTestWrapper-NT.bat

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4970
                                                                                                                                            Entropy (8bit):5.324209246341133
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:KstMMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3QYmjX:KoMg9LEd/Z8Kl7/fgD7mjX
                                                                                                                                            MD5:8A14B1F06C83AF23D141A7E50D7939B2
                                                                                                                                            SHA1:D5B41DC8C1A3C98D7132D4EB35C48DF541FD73FA
                                                                                                                                            SHA-256:CFB1852F3829CA10BB982B7DB989A49E34E9F744E548F593659E32F18761936E
                                                                                                                                            SHA-512:DB7E12E8D088AF1F4DC4626DE1D0A2F82CEAA16A303FB7BE15EEFF9A4C557BBFABB2A361CD7C3A57FDE6C34B0760B801E650ED4F0D3F025C2FF7A7E261E24E50
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Uninstall/remove an NT service...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. .

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\wrapper.exe

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):993440
                                                                                                                                            Entropy (8bit):5.916272952742879
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:24576:3T069c/r0DrnXcJ7Vt/cjfMVwtpum04f3cBGtir53uA:h9coDrnXcJ7VtEjfOCF04Pt8
                                                                                                                                            MD5:4A15F9039361AF0E3BB5D8BE1EC0FA16
                                                                                                                                            SHA1:B9075EBA50A62976E633A2E0AF760257E17A4332
                                                                                                                                            SHA-256:7FCC01AECB75707D5CC041CE644ECE79D30E866ECC96E7A2A0B5EB71D1C5BEDA
                                                                                                                                            SHA-512:07B5F7E67F98DDBCD07E1E0F9FDDE7AC51B03BC0C0AFF1DE7AB40BBA0AA9C9918000EDDF72ED824A5B50F4DB702DB4FFB2D896302D058B2FE17E02274C232774
                                                                                                                                            Malicious:false
                                                                                                                                            Antivirus:
                                                                                                                                            • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                            Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......0...t.f.t.f.t.f....q.f.j...D.f.j.....f.j...y.f.S?..w.f.S?..u.f.S?..S.f.t.g.7.f.j...o.f.j...u.f.j...u.f.Richt.f.........PE..d....G.f..........".................,..........@..........................................@..........................................................0..lp.......].......P..............................................................P............................text............................... ..`.rdata..^...........................@..@.data...............................@....pdata...].......^..................@..@.rsrc...lp...0...r...V..............@..@.reloc..............................@..B........................................................................................................................................................................................................................................................

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\bin\wrapperw.exe

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):1346208
                                                                                                                                            Entropy (8bit):6.639648228653071
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:24576:ucS/tFw7utW86xfbE4oNf0ORrcFdhtj0wDJienbb9wtQ7Sf/aDGllubgTK:uF/tK7mW86xfbE4oN8MrcvPjzJUtnhO
                                                                                                                                            MD5:D748FCFCCE9F2459085D5F60B0C83FA4
                                                                                                                                            SHA1:C37C35B176048E9D4B359BE3FB6D5AA51DBFE734
                                                                                                                                            SHA-256:EAA057DDE29DA3906C76CDB4D6BBCBCC656F4688731B77EEF942D1A290E62C9A
                                                                                                                                            SHA-512:A57F19639E1E08D09FF1776D418B309271897F67E79C0024D1BFEFD44573B0ECC680E34D57446EFEB57D01BAA8632A27DBFB9B8538EA6CA73CDC32D3BE1E4D37
                                                                                                                                            Malicious:false
                                                                                                                                            Antivirus:
                                                                                                                                            • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                            Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................D.................9...........:.......:.......:..................................Rich............PE..d....G.f.........."..........<.................@..........................................@.................................................H........P.........p_...:...P..............................................................@............................text............................... ..`.rdata..............................@..@.data...(...........................@....pdata..p_.......`..................@..@.rsrc.......P.......z..............@..@.reloc..x............*..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\conf\demoapp.conf

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:C source, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):9357
                                                                                                                                            Entropy (8bit):4.968822798576736
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:192:0vYpLrO2uDbmzko36yMRypyMdbyxsoHyNqRaiNwDlDdaRt2DPw:1Lrbzko3qEdvqRaiNIpaRIDPw
                                                                                                                                            MD5:51D1BC7E0711673ADA763DA8BE5A34D2
                                                                                                                                            SHA1:12E08E0E7EA4D71950723803ED89E4C8CAE80334
                                                                                                                                            SHA-256:FF1AF8593B6EEBB28539EB1B327BEBAF2A30BD318D7C24155D09DBD509E50EDF
                                                                                                                                            SHA-512:55949FF6604BD13EEFD253C1E708AB1CEBC33A81EC9FD3B0EDB7B9ADBFE129C6EA2FA8394634577298B22F0227BCBC9AA3307647E8DB72D5F54AFEE13735F960
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:#encoding=UTF-8..# Configuration files must begin with a line specifying the encoding..# of the the file.....#********************************************************************..# Wrapper License Properties (Ignored by Community Edition)..#********************************************************************..# Professional and Standard Editions of the Wrapper require a valid..# License Key to start. Licenses can be purchased or a trial license..# requested on the following pages:..# http://wrapper.tanukisoftware.com/purchase..# http://wrapper.tanukisoftware.com/trial....# Include file problems can be debugged by leaving only one '#'..# at the beginning of the following line:..##include.debug....# The Wrapper will look for either of the following optional files for a..# valid License Key. License Key properties can optionally be included..# directly in this configuration file...#include ../conf/wrapper-license.conf..#include ../conf/wrapper-license-%WRAPPER_HOST_NAME%.conf....

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\conf\wrapper-license.conf

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):1507
                                                                                                                                            Entropy (8bit):4.889852945667597
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:24:AuirL0ehacM/x/rNxXM1ZD9WsRtPpnfUJWGhWR2ibrccXCGAAAKPvGAQJA3:wrXacqvpM1ZZWsR9BfUAGOJccjnfW5m
                                                                                                                                            MD5:C2E5FAFC194B32FCAFBE41A4C4271AA3
                                                                                                                                            SHA1:9BF8ACFD7369D60086019FBBFFF5ABBF0EB8DFAA
                                                                                                                                            SHA-256:1AB6476B9BB97594346588F309E7EB825A36865309B00568FB7C6A18630CBDFA
                                                                                                                                            SHA-512:D2BD4892DB07B089A274EF31BC7E744F40431DB12BE11A65372B9FF9F0E8498748CEDE7606C61D93037623AD6B8C4055FFE082B72322E4F487AD97731C0DF963
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:#encoding=UTF-8....# Thank you for your interest in the Java Service Wrapper...#..# This is a full featured trial License Key which will allow you to run or..# restart the Java Service Wrapper as many times as you like. Each..# invocation of the Wrapper will shutdown automatically after 15 minutes...#..# This limited trial License Key is useful for quick configuration tests..# on various machines without the need to request a trial license. If..# more time is required, you can also immediately obtain a one-month Free..# trial license:..# http://wrapper.tanukisoftware.com/trial..#..# The Java Service Wrapper requires a License Key to activate the..# software. License Keys can be purchased on the Java Service Wrapper..# web site:..# http://wrapper.tanukisoftware.com/purchase..#..# This trial License Key in intended for testing and development and should..# not be used as part of a deployed system...#..# If you obtain a one-month trial license or purchase a license, please..# repl

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\conf\wrapper.conf

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:C source, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):9639
                                                                                                                                            Entropy (8bit):4.965818375359568
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:192:06YpLrO2uDxmLko3PyMRypyMdbyxsoHyNqRji/wDlDdaRt2DPw:iLrLLko31EdvqRji/IpaRIDPw
                                                                                                                                            MD5:9E2CAE47FE18158F7EFF3BBBD9A9C28B
                                                                                                                                            SHA1:84882389921F68DCB94A16154FB98224B132D97C
                                                                                                                                            SHA-256:13B61D495113FAD80B30E0C4B7C91406597681F5D99E8ADDE6C7D6CF3961EC73
                                                                                                                                            SHA-512:3B323D7A8FA7EFA4C354F080F9CE76487AFC103ADF149E2BDBCF444555577ED7450303C099A49DAEBAB3549049B78B0859C380E44C9FABB1EC9EC0A452CB2211
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:#encoding=UTF-8..# Configuration files must begin with a line specifying the encoding..# of the the file...#..# NOTE - Please use src/conf/wrapper.conf.in as a template for your..# own application rather than the values used for the..# TestWrapper sample.....#********************************************************************..# Wrapper License Properties (Ignored by Community Edition)..#********************************************************************..# Professional and Standard Editions of the Wrapper require a valid..# License Key to start. Licenses can be purchased or a trial license..# requested on the following pages:..# http://wrapper.tanukisoftware.com/purchase..# http://wrapper.tanukisoftware.com/trial....# Include file problems can be debugged by leaving only one '#'..# at the beginning of the following line:..##include.debug....# The Wrapper will look for either of the following optional files for a..# valid License Key. License Key properties can o

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\doc\index.html

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:HTML document, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):463
                                                                                                                                            Entropy (8bit):4.61934934095285
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:12:VK78kt5EkqfqCp0C/sZBdSKMeOWgcH/sZV+Vp+PGu:MUuCp0CU0lWUz28
                                                                                                                                            MD5:F07BD55A1707BC7B9AAC277CBBC1BA65
                                                                                                                                            SHA1:EC8B90C7E981242678EFD2740D4AC3FD2358891F
                                                                                                                                            SHA-256:0DE0A936CE56457E164A1F1882596B02A45366F2C15DA2C8D48A21981843327B
                                                                                                                                            SHA-512:D944C659C0FDB683D0E6CEA02438FB7BF0F8DF8C0D0ADD28C106A5E8F9BFB601E8045D4E174331D9B31E91BFBBF441FCF12D0883BBC20412535066201A9CE5A6
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:<html>.. <head>.. <title>Java Service Wrapper Documentation</title>.. </head>.. <body>.. Complete documentation can be found online:<br>.. <a href="http://wrapper.tanukisoftware.org">http://wrapper.tanukisoftware.org</a>.. <p>.. Java docs are available online as well:<br>.. <a href="http://wrapper.tanukisoftware.org/jdoc/index.html">http://wrapper.tanukisoftware.org/jdoc/index.html</a>.. </body>..</html>..

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\doc\revisions.txt

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):337785
                                                                                                                                            Entropy (8bit):4.661258232975328
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:6144:+qd/Kx/getGqFMJUMOB/U3MRUQLCZkFYPu:ghWq6y7OeFgu
                                                                                                                                            MD5:8397A17F4EACFEDE9BAE4D0ECD66F002
                                                                                                                                            SHA1:C6C3279717BB2AA533C6DC72446662AEEEBAD413
                                                                                                                                            SHA-256:138EEFA0AA42B71E5F295D3DA768773D75516DCDF0228D85AAE87764AC63D91B
                                                                                                                                            SHA-512:77A483D31BDAB8B70ACD0BFDE7E5112F14130E9E2CDBE2B17A41E9839557C3DD4AE71E754A38ADE3705C2EB65D599B2E8127158D6C2972E56F44C902044FA61E
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:Java Service Wrapper Revision History...--------------------------------------..3.5.59..* Fix file extension in the message printed when the native library of the.. macOS "universal" distribution could not be loaded. This distribution ships.. with a '.jnilib' library for backward compatibility with older versions of.. Java, but the Wrapper with Java 7 and later referenced the native library.. with a ".dylib" extension...* Fix wrapper.java.classpath.1 not being set for the DemoApp, causing an error.. where the main class was not found. Since 3.5.55...* Fix a problem that would prevent startup during the bootstrap step if the.. application's main class contained a static reference to the WrapperManager.. class...* (Professional) Make it possible to call WrapperManager.fireUserEvent(int) up.. until the point that the backend has been closed down. Previously it was only.. possible until the shutdown process started...* (Professional) Make it possible to call WrapperManager.exec()

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\doc\wrapper-development-license-1.3.txt

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):31185
                                                                                                                                            Entropy (8bit):4.861535258034657
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:768:lY9qAEz4Ev1N0nFibM2f/wI1iVfuza2+a:lYI1N04Ai91iuzv
                                                                                                                                            MD5:C638D637C484599EF47F0F5947FE060C
                                                                                                                                            SHA1:9722C5CF2FD9CEC07FC20BE5475BE7B4684AB505
                                                                                                                                            SHA-256:09AE65DD73D1594D3FB24CC52E63D6ABDA62BB167A79AEE0881293C820F298DD
                                                                                                                                            SHA-512:C485D977A9EA9DA89FAB47B30FAD978455B2A84F18908FE4813ED5EDA11EA0D61D38F079CABC8F497EA42282EC628E206C4FADF781FF031974FED9E81D94D1EE
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:----------------------------------------------------------------------..---------------- ----------------.. Tanuki Software, Ltd... Development Software License Agreement.. Version 1.3....IMPORTANT-READ CAREFULLY: This License Agreement is a legal agreement..between you ("Licensee") and Tanuki Software, Ltd. ("TSI"), under..which TSI grants licenses with respect to computer software,..associated media, printed materials, and may include online or..electronic documentation. PLEASE READ THIS AGREEMENT CAREFULLY BEFORE..YOU INSTALL, COPY, DOWNLOAD OR USE THE SOFTWARE ACCOMPANYING THIS..PACKAGE. BY INSTALLING, COPYING, DOWNLOADING OR USING THE SOFTWARE,..YOU, ON BEHALF OF YOURSELF AND/OR THE BUSINESS YOU REPRESENT, AGREE TO..BE BOUND BY ALL TERMS AND CONDITIONS OF THIS AGREEMENT INCLUDING ALL..TERMS AND CONDITIONS INCORPORATED HEREIN BY REFERENCE. The Licensee..may optionally request

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\doc\wrapper-server-license-1.3.txt

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):22305
                                                                                                                                            Entropy (8bit):4.8225851314699275
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:384:bW7n2VzVmAnnias5eXW+/FhVdi6EdKmud63gaZc98:lznniaScb/hdiVPuHap
                                                                                                                                            MD5:9B688E24CA5080BE302FA3FB317B8D4F
                                                                                                                                            SHA1:3DAA0CA0A3743EB842A49273D60E29A91C4B9B23
                                                                                                                                            SHA-256:976C8ADD5A2613BC96867304F41D7F71F4BBDF5D19227EA284AAFA2074C9B060
                                                                                                                                            SHA-512:06D8FD008AD027A22BC44ADAB5D432C81FBF5E06782A4195DB26A8BB4DA1DE3E4350BB5D370CDE366F3469659594A1F935AAB54ACBF7F5CCE2094C8976E670E6
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:----------------------------------------------------------------------..---------------- ----------------.. Tanuki Software, Ltd... Server Software License Agreement.. Version 1.3....IMPORTANT-READ CAREFULLY: This License Agreement is a legal agreement..between you ("Licensee") and Tanuki Software, Ltd. ("TSI"), under..which TSI grants licenses with respect to computer software,..associated media, printed materials, and may include online or..electronic documentation. PLEASE READ THIS AGREEMENT CAREFULLY BEFORE..YOU INSTALL, COPY, DOWNLOAD OR USE THE SOFTWARE ACCOMPANYING THIS..PACKAGE. BY INSTALLING, COPYING, DOWNLOADING OR USING THE SOFTWARE,..YOU, ON BEHALF OF YOURSELF AND/OR THE BUSINESS YOU REPRESENT, AGREE TO..BE BOUND BY ALL TERMS AND CONDITIONS OF THIS AGREEMENT INCLUDING ALL..TERMS AND CONDITIONS INCORPORATED HEREIN BY REFERENCE.......Section 1 - Grant of License....Eff

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\doc\wrapper-tsims-addendum-1.3.txt

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):11712
                                                                                                                                            Entropy (8bit):4.72840726540414
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:192:THCDMYqtOJ0h1Mx4MJQN/Dzr/ku8FJ0qS9S3sfaKVxEGP9mm4lHEP6F2mj:oCtOJ0hKtJwbn/j+J0x9LFxU3pEo2A
                                                                                                                                            MD5:DF9AE096B58F68A5257D8F718672CDAB
                                                                                                                                            SHA1:E587A3BDD4DF31F8F0B3779AD668C4A97B26B497
                                                                                                                                            SHA-256:3705441426ACF81292D63BAFA2228F150094F0B35BA99999D649C620D0D99E5F
                                                                                                                                            SHA-512:4258AAFE1CEA04CAFF36DF8975DBFF4568F78ABA51B9F6B22903A1A2688B85D42804ADEA7C4D05B1769F75535901BA4AAA76601D4C298CF54254325C3834BA2C
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:----------------------------------------------------------------------..----------------- ----------------.. Tanuki Software, Ltd... Maintenance Support Services Addendum.. Version 1.3....Maintenance Support Agreement Number: TSIMS-_____________....This Maintenance Support Services Addendum to the Development Software..License Agreement, number TSILA-_______________ ("Agreement") is..effective on ______ __, ____. All terms and definitions contained in..the Agreement to which this Addendum refers shall apply to the..Software Program and services provided hereunder unless superseded by..the terms below.......1. DEFINITIONS: The following definitions apply to this Addendum.....1.1 "TSIMS" means the annual, prepaid Maintenance Support services..plan provided to Licensee by Tanuki Software, Ltd. ("TSI") which..includes email based technical support during business hours..(wrapper-support@

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\lang\wrapperTestApp_de.mo

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:GNU message catalog (little endian), revision 0.0, 306 messages, Project-Id-Version: louserzationwrapper 3.5.0 ' TestAction access_violation_native '
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):33244
                                                                                                                                            Entropy (8bit):5.079894489435223
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:768:lhU6pLEO/7tTtheiOE4hDCD+h1cUG5oLvcPfYZ3sedq5wdBZ:xx7CRcdOvcPfKd7Z
                                                                                                                                            MD5:5A50BAAE87A72D6F9A4020A5C60B3574
                                                                                                                                            SHA1:5E5596CFD690F15417DA862094D6800E428C5BF1
                                                                                                                                            SHA-256:1092E7159F024CB2BDC24602AD2C01A1EE7F4A363DE781FF4E0939035C88AE50
                                                                                                                                            SHA-512:E8722D6B628FDD4699FB6C92463FFC00310AF8C683D2ED48661E6A487FC8DE6CA864F29C75C264DBA7FBD1C32C2BBD425F7132668A0E36B700F119EEF59617B5
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:........2...............<...........&.......J.......?.......@...S...@.......T.......W...*...@.......C.......W.......N..._...8.......F.......I.......?...x...@.......2.......2...,...Q..._...1.......Z.......@...>...@.......5.......?.......K...6 ..].... ..b.... ..Z...C!..H....!..H....!..<...0"..E...m"..]...."..:....#..:...L#..C....#..C....#..C....$..`...S$..`....$..N....%..9...d%..C....%..<....%.......&......3&......I&......S&......b&..+...{&..%....&.......&.......&..n....&......Y'......q'.......'.......'..L....'.......'.......(..!....(..&...2(..'...Y(.......(.......(.......(..@....(..0....(..n....)..P....)..P....)..P...$*..P...u*..=....*..[....+..O...`+..X....+..X....,..X...b,..a....,..m....-.......-..R....-.......-.......-..............................%.......+...*...;.......f...c..................../......./......"/......3/......:/......C/..6...^/..-..../..(..../......./..-..../......*0..(...10......Z0..?...r0..+....0.......0.......0.......1..2....1......O1......U1......h1......x1......

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\lang\wrapperTestApp_ja.mo

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:GNU message catalog (little endian), revision 0.0, 306 messages, Project-Id-Version: Wrapper Test Application ' \343\202\242\343\202\257\343\202\267\343\203\247\343\203\263\343\201\256\343\203\206\343\202\271\343\203\210 access_violation_native '
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):37221
                                                                                                                                            Entropy (8bit):5.749432372798167
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:768:lhU6p82Nx/7tTtheiOE4hDCD+hLGseQfbbA/Mdr:xmwxCvq+bbf
                                                                                                                                            MD5:0ADAFD943F6C92B225A69B15361D2614
                                                                                                                                            SHA1:B890BE23DEA376C810BD6EE2BAA41B829B00B2EA
                                                                                                                                            SHA-256:56DDFEDA724CB900E233080527A2280B0637AD61A22D994DA8AC9343F391FA44
                                                                                                                                            SHA-512:D66A0FD69B7F95EE43585CFA17D67913D01405349E7DCD9B5B07FAB04F6A1E1C6148BEC1455E2B249DFFA4E90EBA456990C0E0F826700589C2F2AC0ADAEC7D8B
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:........2...............<...........&.......J.......?.......@...S...@.......T.......W...*...@.......C.......W.......N..._...8.......F.......I.......?...x...@.......2.......2...,...Q..._...1.......Z.......@...>...@.......5.......?.......K...6 ..].... ..b.... ..Z...C!..H....!..H....!..<...0"..E...m"..]...."..:....#..:...L#..C....#..C....#..C....$..`...S$..`....$..N....%..9...d%..C....%..<....%.......&......3&......I&......S&......b&..+...{&..%....&.......&.......&..n....&......Y'......q'.......'.......'..L....'.......'.......(..!....(..&...2(..'...Y(.......(.......(.......(..@....(..0....(..n....)..P....)..P....)..P...$*..P...u*..=....*..[....+..O...`+..X....+..X....,..X...b,..a....,..m....-.......-..R....-.......-.......-..............................%.......+...*...;.......f...c..................../......./......"/......3/......:/......C/..6...^/..-..../..(..../......./..-..../......*0..(...10......Z0..?...r0..+....0.......0.......0.......1..2....1......O1......U1......h1......x1......

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\lang\wrapper_de.mo

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:GNU message catalog (little endian), revision 0.0, 2003 messages, Project-Id-Version: louserzationwrapper 3.5.0 'Rufe StartServiceCtrlDispatcher auf \342\200\246 bitte warten.'
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):292369
                                                                                                                                            Entropy (8bit):5.2685900446721785
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:6144:VrBTfA6LqQoIcfqRSy6iLlTMYkTtJyG5y1xW6P+/o0bWJ3MLHRBUk9SBFIMRX6ms:DjNLN2SRSqlT2JyGYZ90bW52HRM+vVsY
                                                                                                                                            MD5:74105488C87BDCC2A560EA73BC9B914C
                                                                                                                                            SHA1:F3B9332B4CB3D24084AF11A6286BDB956608A428
                                                                                                                                            SHA-256:4A83FABF1081548C973B345EAD9C06010CF9F03852EE6DD4F782DA505349E3D5
                                                                                                                                            SHA-512:5144B9B7FADA1B27F1FD77E54178C7426AECC8DFBA014DCE265F471685DBD8B4B8E646E52E43C69ED5BD96815F9332FA9B651B9208F59AE2C6B8A4C6A95101EE
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:.................>..o...L}..........3...........=.......L.......a...........0...............A......G.......X...V...O......./.........../...H..........4...O.......H...o...........O...C...........N...........n..._.......I...\...N.......4.......O...*...?...z...@.......1.......1...-......._... ...}...........'.......&......>.......C...I... .......+.......0..............@...'.......h...5......................%..............$.......D...C...8.......*....... ......'.......'...5.......].......{.........................."..................).......F.......c...&...|...........D.......8...........8.......O.......f.......}.................................. ..........................6...6...K...F.......N......"...........;...A...Q...........&..............D......:...........i.......p...P.......'...]...*.......,.......%......*.......P.......(.......7.......Q......)...2...Q...\...a......._.......`...p...1......!.......#...%...%...I...-...o...7..............%......-...........8.......

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\lang\wrapper_ja.mo

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:GNU message catalog (little endian), revision 0.0, 1957 messages, Project-Id-Version: Wrapper louserzation 1.0 'StartServiceCtrlDispatcher \343\202\222\345\221\274\343\201\263\345\207\272\343\201\227\344\270\255\342\200\246\343\201\212\345\276\205\343\201\241\343\201\217\343\201\240\343\201\225\343\201\204\343\200\202'
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):315188
                                                                                                                                            Entropy (8bit):6.002630069572304
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:3072:2RnAp2mZZaisYtpBSYy/KMN5IeidaaW76Y5MY/lv08TGTJEtfEXLoB2zo:Np2miisYQ5yaqH92bEb3o
                                                                                                                                            MD5:B26266CDEC1D78E9748B3AC36851A7FC
                                                                                                                                            SHA1:66C95247A47463873E0F3976436ADC38013C1362
                                                                                                                                            SHA-256:659CCAB53200B0746AD70486861E625D8F05961ADB3A8ADA1C5EC4C9AE521CA7
                                                                                                                                            SHA-512:45C437E77B47FB4263D588DD74A602B4DFD837F57B25FBF8039CA3DDB07E9C5C73BD65A1F05CEB4AD8998D70F313FCC619E5FF2ED55E29C6B3D98362D745A801
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:................D=..1...lz......0...3...1.......e.......t...................0..............O......./...D.......t...H...0.......y...O...d...H...............O..............N...d..........._...A...I.......N......4...:...O...o...?.......@.......1...@...1...r........... .............'.......&...(...>...O...C....... ......+......0...........P...@...l...........5......................%...(.......N...$...c...D.......8......*....... ...1...'...R...'...z.........................................."...1.......T.......n...................&..............D.......8...D.......}........................................................ ...-.......N.......d.......{...6.......F......N......."...]...........A..............&...............D.......:...s...................P...Q...'.......*......,.......%..."...*...H...P...s...(......7......Q...%...)...w...Q.......a......_...U...`.......1.......!...H...#...j...%.......-.......7..............%...)...-...O.......}...........@.......h......)...

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\lang\wrapperjni_de.mo

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:GNU message catalog (little endian), revision 0.0, 511 messages, Project-Id-Version: louserzationwrapper 3.5.0 ' der Anwendung.'
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):66400
                                                                                                                                            Entropy (8bit):5.251936951234125
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:1536:avTEceOskJGnK2G1fSvlDNktx6PWyG8tFmVe8HKdP:kAvpkJ12GdS8tx6PWyG8qVe8HKdP
                                                                                                                                            MD5:F98FCD99647A712068BAD9AAFAB08012
                                                                                                                                            SHA1:6C776DB9294C895E8F80B0AAA7390339720D11C2
                                                                                                                                            SHA-256:CC56469C818449C3481A3727136F5FF66E45BCE159EE3ACECF34ACB418E04281
                                                                                                                                            SHA-512:83155A41D045FB1C95E6DB2677579B7A801458ADB816BF551202FD649CE4AD91958923F7CA644D066E5BD73C2ED449139D45FBAC140F420C800AA58A062221E5
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:......................... .......*.......*..8....*.......+..<...1+..A...n+..C....+..&....+..9....,..@...U,..I....,..J....,......+-......=-......Q-......^-.."...l-.. ....-.......-..@....-..<.......B...J...L.......)............/...... /......=/......[/......m/..X...}/......./..D...Y0..K....0..&....0..N....1..a...`1.......1..N....2..L....2..F...63..M...}3..K....3..E....4..M...]4.......4.......4.......4.......4.......4.......4.......5......45......@5......V5......c5......r5.. ....5.......5.......5.......5.......5.......6..#...#6..$...G6..*...l6..,....6.......6..#....6.."....7......+7.."...>7......a7..'...}7..$....7.......7..0....7../....8..+...<8..&...h8.......8..3....8..G....8......:9..&...O9..-...v9..%....9.......9..G....9..4...*:..1..._:.......:..#....:.......:.......:.......:.......;......';..%...;;..%...a;..%....;..1....;.......;.......;.......<..1...+<.. ...]<......~<.......=.......=..8....=..?....=..?...&>.."...f>..,....>..+....>..S....>../...6?..-...f?..'....?.......?..0....?../...

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\lang\wrapperjni_ja.mo

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:GNU message catalog (little endian), revision 0.0, 522 messages, Project-Id-Version: Wrapper louserzation 1.0 ' \343\200\200'
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):75414
                                                                                                                                            Entropy (8bit):5.9065461836981905
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:768:1tjI8wg3HReQHXJG8dnOa19QSwoqn6R5YpIz2ZGbfAmVQHljhPi35X7c3Y4kTcUv:1tc8wwxeQ3JGnTc5P4jJS
                                                                                                                                            MD5:D5887D2A4E7FA8BB7E839316ECE5917B
                                                                                                                                            SHA1:9C72E8A36C57499AC74AC668BD53F89E33317AB3
                                                                                                                                            SHA-256:C710AEB50FF5AC07655F395C8DBB00BE15ACC7A1E0E1DE62EEA9060DDF9E93A7
                                                                                                                                            SHA-512:82EADEA87703DC9796F7F58C3E2ABA63D74343D2F33C6AFAFC4061AB416963247A9AC5B7ACB69D75AF2F2906A55BF5325DF4F0C8C8C83BEB139C0369BC10AEEB
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:................l........ .......+.......+..%....+..8....+......0,......P,..<...o,..A....,..C....,..&...2-..9...Y-..@....-..I....-..J...........i.......{..................."....... ...............@..../..<...K/..B..../..L..../..)....0......B0......^0......{0.......0.......0..X....0.......1..D....1..K....1..&...(2..N...O2..a....2.......3..N....3..L...'4..F...t4..M....4..K....5..E...U5..M....5.......5.......6.......6.......6......-6......;6......Y6......r6......~6.......6.......6.......6.. ....6.......6.......7......(7......;7......F7..#...a7..$....7..*....7..,....7.......8..#..."8.."...F8......i8.."...|8.......8..'....8..$....8.......9..0....9../...J9..+...z9..&....9.......9..3....9..G...0:......x:..&....:..-....:..%....:.......;..G... ;..4...h;..1....;.......;..#....;.......<.......<......0<......L<......e<..%...y<..%....<..%....<..1....<.......=......9=......Y=..1...i=.. ....=.......=......B>.......>..8....>..?...$?..?...d?.."....?..,....?..+....?..S... @../...t@..-....@..'....@......

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\lib\wrapper.dll

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):414880
                                                                                                                                            Entropy (8bit):5.570947920967687
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:6144:cCVE/rPjwkIF/zv9MpNs6z6APzXP+ARkf0agyoazz:Ha/rLzI19MHvDzXvblazz
                                                                                                                                            MD5:71165922712AC864C946C9F1DB57E557
                                                                                                                                            SHA1:C73287F4E6F5E182E690DCAE2CA368690B3E7C91
                                                                                                                                            SHA-256:DA4EABE35B1589133FE6C49D98BBE3D06AA3580E25178BEFF50C31C32AF4106D
                                                                                                                                            SHA-512:9DD9EB7B46561E4FEE856D4032AC7BA1F9E1A704BD1E59B0AFE29948FBAB94D521AB5F70989D0ECE73D6EB41B964BD8F13FCE57E8E69600857B25135853ABC49
                                                                                                                                            Malicious:false
                                                                                                                                            Antivirus:
                                                                                                                                            • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                            Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......L.#^.mM..mM..mM..?..#mM..?...mM./.6..mM..mL..mM..?...mM..?...mM..?...mM..?...mM.Rich.mM.........................PE..d....G.f.........." .................................................................E....@.............................................2...............lp....... .......P...p.......+..................................................x............................text...]........................... ..`.rdata...w... ...x..................@..@.data...d...........................@....pdata..D%.......&...F..............@..@.idata...............l..............@....rsrc...lp.......r..................@..@.reloc.......p......................@..B........................................................................................................................................................................................................................

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\lib\wrapper.jar

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):149034
                                                                                                                                            Entropy (8bit):7.912342903128196
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:3072:JD/iXaILWOWpqQ7gbrJkWwCYFbZ/X7Ds6BSAG73FNw8MEiye8ZdQb:JD/EaIaDpNgbmWYldXvBSAGDiPyehb
                                                                                                                                            MD5:070A70FBB1B1C7BAB82B7A2A7B5D8D68
                                                                                                                                            SHA1:CF6ABF27159C287205FB6DF39CDB48C66D1B345D
                                                                                                                                            SHA-256:1C84967ABC930275B5B69159A56CFEE96A52811B2F25B92C40E761B2EE2CA2CC
                                                                                                                                            SHA-512:E85C39180EEC52867654B32AA043EF6A118501E9C893C14D891467FFA681FCFC24BFFE7A37BA98D6D1BCE1EFFF7A67C8B2F49536667A8FDE3FD7F680456240B2
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:PK...........X................META-INF/MANIFEST.MF.ZI....;..!.o..z63......3.Ql:.A.b....eW.tYi){...A....=.JJ..i2._..........~.D5.qBuA.'/...C.+....'..._...}.+....%...2..E)....aL..Eh......=.....1h....I..2.?^.>......%..>....[.y....w.z`vIT.E.....b.nO.`.^...(yq....4q...b}C|1.C..E...|......W...I..*..f|....~........?....7D.-"....~o./...o...FU0..../0..a....?^2:6.CE........L..ot.V.-..N...YN.....[4..=...7.2o...."4"c.Z!..0.0mp.R.......Oa.M......@...?...W\..)[..j D...B.i....O.X4..^.n...5v..`.i..C.....r..Y]%.xL..T...5:`*y.}.!........u1.. ..9.4E!....K.8.....BN.$.b3...F=..1...:..L.E..Z.F.>...L......c.eZ....:>....F..m..k1a.....[6.|..px.) ..w.?..U..J(.....y....cC..ms...K%...8...h!..6;JWs.r"*.OY"..........v...2X.[Dh.uv.Dh.......w>,......yA....H.{.t...n1..m...a....,ggH.Yr..X1.e.c..|#...L.}[q.g.,.s.B....n.^.....i.l..............m.+...&K.w.)7... .....'hN,..#F#...8...*.H.<X.?...h.].,.&...pg...\.k.....:.jg..|..v.S~..CR.c.HH.6..6D/...{.Z=..>H]...............

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\lib\wrapperdemo.jar

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):78343
                                                                                                                                            Entropy (8bit):7.926317789925667
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:1536:qQQxPVjY+Jl39gwr/lbl6FaH6PsYtoLwlQryqVathCFh9m5iQG3M:cHjYK39gqplaXUpr3VaQho5iQG3M
                                                                                                                                            MD5:317FEE7E30130FCBBBDE16C7C043C761
                                                                                                                                            SHA1:885729C54EFC955516C7631B417F98D8C111490D
                                                                                                                                            SHA-256:F2EA1A7BEE20508F0D160368306FBA00B4C79401A9BA957B90B48B22781531EB
                                                                                                                                            SHA-512:ABF6D7D270B66B33196D04E9C0564AAFAD399F34619DA947E3E85DC78034F4441A7204017CC428A038C4C9B8F7A8240596DB6A246ED92AB8D6F99CFF6812BA8F
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:PK...........X................META-INF/MANIFEST.MF..I..H...).w.C.f.Y..)i..0;^..s)..........Y.]]5T.."^....x.V.,.A.^@UGy...] .OT...U.n.^.qs.........^..7{|.}E.W.._....%r..~..H..!s..~~...y.o...G.O....|y.`.X.~...Xt.]..z~b..doo...h..V.7.#.n.6..I.].n...Tm.....^@........}C..En.....$X.V....$.E.R.5.....N...'.....e.tb.............x~z~..o<........v...u......N..7|.FQx..[..L..W.....F_1......)U;.^......#3#....9..cS...n..n Z.{...;.=.;..x:...f.kP.....(m.N.#.$a~.lO...<94....-.5......~....=9w.i...!..2:':q.o..6......\...FZZ. .......q...J.4h..[.l...,j...&..r.......0..6i2>.^2z..f/..~......C<0X....xE..8..{S.q./..P..\x:.|..^...<.{.T..vA.....J<..9H.3...M..Y.~...H/.z/3....V...g.g@<.d.2 .....M. .......*<...X..6c...>.Db$..]l.]2..'.a.;.V.t.A6!...r...N.b........c%O=r;..b&..;3.......p.."...N..tF..=....._..^...UA.n..r.{.w..h.IV.r......G...<....p...<..s.v.O.i.....F...t......,.. ......*_J.8..j{|....y.A...N/CP.B.."...b..........fv=.|../.Z.0...a.....k^{...8a...:v^

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\lib\wrappertest.jar

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):166012
                                                                                                                                            Entropy (8bit):7.926448522529392
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:3072:d8I8CgqUOEiRQKBQ0/I1S0VQDR4FHJS7yRrpKdwxvlH7oZSQzfjv/f20TUzNg:tbgxOEiRQEm9VIRKSChxNboZffjv/zT7
                                                                                                                                            MD5:7614F13F2062DBC5CA0378230C1FA018
                                                                                                                                            SHA1:D237E0AC2C781D4D3355B97E171F5DB3A4E6F483
                                                                                                                                            SHA-256:4021B936095C30E56D6C520479DDAD7AA38FF437217B1FD48558C3B5925A1B0F
                                                                                                                                            SHA-512:FEFDCEBBBD5FB86F403A08F09C9DBD3D69BE82E072386AE115027E7A3978B966F6725700A05FF0AFD8F33879D33DAEB8F9533A9DA47970A1D4C7CAD14DE3F6D8
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:PK...........X................META-INF/MANIFEST.MF.ZI.H..;....>..c.#.9 @B v..2../b.~.........."^UV..Y%yu.G....>k..?._......?t..i.i.o}I~.>~`........6.....L}.!....c.I.....U..K.|....cV._..^=.......^...../...x....2w^.F....2D..,>.^.....F..Y.........V.&..uS.D....5.:l..?."~2.C....~....&@.._p..K.Q...p....|.........e.g....g._.uG..^.6.....o...........@.....:x....7.K......?#8..u.....g....*s_!.X".......i+...ap...'.......7d.X....BX*k.7...+.F4~....Q.........6......7..N.._...Q.C..z.[.@..2.gN...(..b.......W.6..k...^...>2.[s@....`..S;.j....zHMGd..mI..J+Pf_{..F^xm........WV=.A$...%-t..._..q..?.S..../..l..-hXRe8K.k,....c.X..}.,....v....Q.;....t.Vs.gf.[.....h[.:2#....9..xu.*...K..~A/...kS'.X...W*L.f..[.2k....16.(6.........$..AG.....k..~.L.%...vs.\...H...U.....B......sN..'.9ov.~.g...A.:....\7...d...0.JgP+.J..x...i..S@.p.?.y...M...h.E.N/..sp...'..f.ig;..~..n...Y...~..o&.!n..f.ge.(....~rM......~../...Q.7]...f.O..jaW../..N9.N....u...L..."...q)..eV.....

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\bin\App.bat.in

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):7990
                                                                                                                                            Entropy (8bit):5.314749324480969
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:192:K0Mg9LEdESeRAZ8Kl7/fAD1T1yBBjxDcDY6mjX:ig9LEdjtZ8qDfAnSto6
                                                                                                                                            MD5:5EC2C7F99DF82C55ECEE38A0F83FB508
                                                                                                                                            SHA1:C49390FEBACC494EBA40E5D30FA058CBE684AC65
                                                                                                                                            SHA-256:D1663E79204B2438AE876549FBD33F27D5614AF244ABBC7B768C7BF267FB7B1B
                                                                                                                                            SHA-512:6226317FDA2744663EF3824FBF1848CF9F2A05F9B71D4F801B51088BB81B9E3EABAD0818C3B46DB7A1349F0E22780D8B60335DB2071E82CCED83510B4C86BB0C
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Run as a console application...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..s

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\bin\AppCommand.bat.in

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):12216
                                                                                                                                            Entropy (8bit):5.260595375615063
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:192:KSMg93WiSeRwcZ8Kl7/+Dv3Q/1yBBjxDcDY5O2ZmjX:yg93WJPcZ8qD+TQ9Stovf
                                                                                                                                            MD5:88FA78E820A09B2F369F5F1B66106F1C
                                                                                                                                            SHA1:611E79D97C0F760B1CF347F0E486FCFBBF8F7D16
                                                                                                                                            SHA-256:E601BA93F1BFF7782F6B150946B330A61FBEC874CB4A200E30D94DD601462131
                                                                                                                                            SHA-512:316515C2153BD96B55D872410B7B349DB4E2AD6DB55B0F2604F5A87633C69F710F022F799B63139925C92D13636FCA82C932724155A0C5F18188EBF96756DF21
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper command based script...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..set _WRAPPER_DIR=.

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\bin\AppNoWrapper.bat.in

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):1050
                                                                                                                                            Entropy (8bit):4.831847527623331
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:24:wQ93iXf132DW+u3Cv48VRyP2hKYZ90mvXVx1ElYATfSO8hI:p9Q13ijuSv40XDKmvFx11I
                                                                                                                                            MD5:2DA1AA2ABF9C3EA1CDFD43B2CFD7F256
                                                                                                                                            SHA1:2169BCEC0510B2A83744330CC6C0CF0CB7B2141F
                                                                                                                                            SHA-256:55E0E460CBCC4C096AA683B21662A08252F046E5E1B88A8E3EEC465F5527D0AC
                                                                                                                                            SHA-512:BC1FA91E47AAD42C2CCC9A2A175109AF57BA6356E95852B8F33A9F26199C99472869C4E28082E5D37C2C7B47F33E400D579375CA20C5D709A6F49C92AC4D2004
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem This script is an example of how to run your application without the Wrapper, but with the..rem Wrapper helper classes. You can obtain the actual command generated by the wrapper for..rem your application by running the Wrapper with the wrapper.java.command.loglevel=INFO..rem property set...rem....rem The wrapper.key property MUST be removed from the resulting command or it will fail to..rem run correctly.....java -Xms16m -Xmx64m -Djava.library.path="../lib" -Djava.class.path="../lib/wrapper.jar;../lib/wrappertest.jar" -Dwrapper.native_library="wrapper" -Dwrapper.deb

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\bin\AppTemplate.bat.in

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4944
                                                                                                                                            Entropy (8bit):5.329711424047462
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:KsZMMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3QXmjX:KCMg9LEd/Z8Kl7/fgDWmjX
                                                                                                                                            MD5:92880960250207CA09326DEA7A60F382
                                                                                                                                            SHA1:7316CB80F8224471F1FAD5480B60674556643077
                                                                                                                                            SHA-256:F83CD735C05ED5D90458F57B6A9901321EA79FEBDB7F7938AD8DE75DFAB7911A
                                                                                                                                            SHA-512:9452903D3EE9AA9999FD7390885BE4B12417C9820084CDE000120D467CEF5E7BCB601DFDF5BC6E2A01CDB80C37A1327E842F8D5DF6C07CDEB7CA83AB3FF4629B
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem @script.description@..rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..set _WRAPPER_DIR=....rem The name and lo

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\bin\AppTemplatePassThrough.bat.in

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):7981
                                                                                                                                            Entropy (8bit):5.321168264120539
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:192:KCMg9LEdESeRAZ8Kl7/fAD1T1yBBjxDcDY2mjX:+g9LEdjtZ8qDfAnStoW
                                                                                                                                            MD5:EA9ED2F7DA59C1D71140137C13B44EE4
                                                                                                                                            SHA1:F2A944174167BD8661FAB54B49DCAC941E1264F8
                                                                                                                                            SHA-256:E0346BA19E143071D57DD23EF7926D8DDC9CC6E011D57DD49ACA46B7F9EF4E4A
                                                                                                                                            SHA-512:3EA90E359C5CB98F41859B976514A0847C5F6FEBACC1236502D830DF3810C50B7DF33D26BE56B784C354EF86481410BAD1504A8D59EBC44FCB916F3711909379
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem @script.description@..rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..set _WRAPPER_DIR=....rem The name and lo

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\bin\InstallApp-NT.bat.in

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):7986
                                                                                                                                            Entropy (8bit):5.315307714415175
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:192:K2Mg9LEdESeRAZ8Kl7/fAD1T1yBBjxDcDYamjX:Eg9LEdjtZ8qDfAnStoe
                                                                                                                                            MD5:406EDB4D392C7D215296BB4B1ADC7ABF
                                                                                                                                            SHA1:EC6ACEFEBC8554144037B3BCB1B6E7266604E207
                                                                                                                                            SHA-256:7220D1083583C8D2DD9A50E81229958BF376FE40F76DF2FB062BD529574DB490
                                                                                                                                            SHA-512:ED4D06FACE36586544D17307C3D9CB9354C42D0BF119C270A8622CC8E1A6C6660EFEF66E0CCF1AA9818ECBEDA0706C7568D213ED728015873768D6787AB715BE
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Install as an NT service...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..set _

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\bin\PauseApp-NT.bat.in

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4966
                                                                                                                                            Entropy (8bit):5.323252746906217
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:KsdMMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3Q3mjX:KEMg9LEd/Z8Kl7/fgD8mjX
                                                                                                                                            MD5:E72F141CCD6B50D5137A97C868F9417F
                                                                                                                                            SHA1:8BAE5D8B3DF13B2DA75B647F380668280B6B24CB
                                                                                                                                            SHA-256:A6B30BA819CEEFA88C4C775541F2E379695FAB2FA25568AE72DD81049E4DD290
                                                                                                                                            SHA-512:9A5D319E09431BB39CC0F14312F936BA53FAE50B3172B20B4B958942F825A1F93F1040036099E43B30B7ACD4039B743975BAC0B52162CBCB61F818A44BAF4B3B
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Pause a running NT service...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..set

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\bin\QueryApp-NT.bat.in

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4977
                                                                                                                                            Entropy (8bit):5.3223499574206485
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:KsJMMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3QHmjX:K+Mg9LEd/Z8Kl7/fgDsmjX
                                                                                                                                            MD5:1E6D275EA634F3F219643AB76A9AEAF4
                                                                                                                                            SHA1:05328633A5233A707CDA45486F52E6C24CE44D51
                                                                                                                                            SHA-256:8050AC8CE814285E40816248490F36484C6FFB710761DFB815F1958F0DE5B35D
                                                                                                                                            SHA-512:DD1493E276289B8C81831ED4D8FAC47DF8388DC64C947AA38B240FF53D2EE4919750F578B84BC6EDB538968BF4A6611A6C125A8C8D228C4A88B0A3F80BEEE189
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Query the current status of a service...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the vari

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\bin\ResumeApp-NT.bat.in

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4966
                                                                                                                                            Entropy (8bit):5.322600337660085
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:KsZMMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3QbmjX:KUMg9LEd/Z8Kl7/fgD4mjX
                                                                                                                                            MD5:9D79EE1C615CED1C15529AFD5AACB599
                                                                                                                                            SHA1:834E62ED524E0D2BC623F442BB2CA87BC1793AC1
                                                                                                                                            SHA-256:559BA28D13FD19E20C069DC6EC08C89AB13C8220545F42BE0D61930436DDAC5C
                                                                                                                                            SHA-512:F27F4A073EF6E43E6C7955037896FAFAD55C712CF23D6ED50C4663E91BB43E08440C04E0F65A7F807C78168B62013281849585344A041EF05DB6E6DF40A0A298
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Resume a paused NT service...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..set

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\bin\SetupApp.bat.in

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4944
                                                                                                                                            Entropy (8bit):5.325042481769513
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:KsUh3MMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3QqmjX:KpMg9LEd/Z8Kl7/fgDrmjX
                                                                                                                                            MD5:98E4F8A247694D96B18ECD867F66C06D
                                                                                                                                            SHA1:0C8328369F5658131E11D736F961F25DF181CD79
                                                                                                                                            SHA-256:5B28B27C1A14E95CA5F71483AD00F99D82330FD8727E6E4A992C106DB2A4CD15
                                                                                                                                            SHA-512:DC49D86758F47B489FF78B896DB0403BA6A4EB31A7481601CFBB044136789EF5955AC114E162575CA3D9866B4E49BC949C3C84744666B866BD25FEC7878DBCB0
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper setup script...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..set _WRAPPER_DIR=....rem T

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\bin\StartApp-NT.bat.in

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4962
                                                                                                                                            Entropy (8bit):5.322702512593209
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:KsMMMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3QXSmjX:KhMg9LEd/Z8Kl7/fgD4SmjX
                                                                                                                                            MD5:BFE379DF92440E0925926FE6AEEB4197
                                                                                                                                            SHA1:F94AD87E0123EAFF585A8CA560D9BAFE40A04FBB
                                                                                                                                            SHA-256:CA1D76E47A1466A44FB418FE797ECC82FD05DD16214A42055A4C85CF6B91CD27
                                                                                                                                            SHA-512:C912978B87F8A6B8013B331D8F839818C59AB9FE473E9E8F4B8DD762A917E8E184172B72C8A7DDE505AC6E4D4F40CB930D347C72CE1DD0549DF5EEABC41BE567
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Start as an NT service...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..set _WR

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\bin\StopApp-NT.bat.in

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4965
                                                                                                                                            Entropy (8bit):5.32271611922965
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:KshhMMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3QOmjX:KMMg9LEd/Z8Kl7/fgDVmjX
                                                                                                                                            MD5:2BE057A6FA1811972B4D61805645488E
                                                                                                                                            SHA1:FCA67B03EB619708C63F1F199D5308FF0168671C
                                                                                                                                            SHA-256:683B8F2531042156BAD95939BBB56EE408F20916FE57F0F1DE98CFE50FA5DD1E
                                                                                                                                            SHA-512:4AEC9560FE6B7DD796FC8B8073B0D4BC225B2BFA33FED4156467177A870B742772FC545ABA2772815F4E131E70BA31A1FBF8868FEFA27FC7650C573BAA701527
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Stop a started NT service...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..set

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\bin\TeardownApp.bat.in

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4947
                                                                                                                                            Entropy (8bit):5.324811435153823
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:Ks53MMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3QimjX:KkMg9LEd/Z8Kl7/fgDzmjX
                                                                                                                                            MD5:E79CDF147657F721C014AD748B7A73FD
                                                                                                                                            SHA1:0DFD8179153824D7A6A610C79F2299DE0A1CF4B3
                                                                                                                                            SHA-256:2A248C606A8117868D5E402FAB240609794DB0BDEA0642FAE2A8A180776EDDC3
                                                                                                                                            SHA-512:508D7AFAD932D45A7E00980D5AC36923B7E7BD61F33F382114CA8DAFDD55CA598AEDDCE1E8AF86C4849A0C4395D945CB911C6F09D807FAC8699E5E18DE42E7DE
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper teardown script...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. ..set _WRAPPER_DIR=....re

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\bin\UninstallApp-NT.bat.in

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):4970
                                                                                                                                            Entropy (8bit):5.324209246341133
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:KstMMNIM6aFpgdWYldP/Cta8Ku+7AqFpfJaDR3QYmjX:KoMg9LEd/Z8Kl7/fgD7mjX
                                                                                                                                            MD5:8A14B1F06C83AF23D141A7E50D7939B2
                                                                                                                                            SHA1:D5B41DC8C1A3C98D7132D4EB35C48DF541FD73FA
                                                                                                                                            SHA-256:CFB1852F3829CA10BB982B7DB989A49E34E9F744E548F593659E32F18761936E
                                                                                                                                            SHA-512:DB7E12E8D088AF1F4DC4626DE1D0A2F82CEAA16A303FB7BE15EEFF9A4C557BBFABB2A361CD7C3A57FDE6C34B0760B801E650ED4F0D3F025C2FF7A7E261E24E50
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@echo off..setlocal....rem..rem Copyright (c) 1999, 2024 Tanuki Software, Ltd...rem http://www.tanukisoftware.com..rem All rights reserved...rem..rem This software is the proprietary information of Tanuki Software...rem You shall use it only in accordance with the terms of the..rem license agreement you entered into with Tanuki Software...rem http://wrapper.tanukisoftware.com/doc/english/licenseOverview.html..rem..rem Java Service Wrapper script - Uninstall/remove an NT service...rem....rem -----------------------------------------------------------------------------..rem These settings can be modified to fit the needs of your application..rem Optimized for use with version 3.5.59-pro of the Wrapper.....rem The base name for the Wrapper binary...set _WRAPPER_BASE=wrapper....rem The directory where the Wrapper binary (.exe) file is located. It can be..rem either an absolute or a relative path. If the path contains any special ..rem characters, please make sure to quote the variable. .

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\conf\wrapper-license-time.conf

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):1507
                                                                                                                                            Entropy (8bit):4.889852945667597
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:24:AuirL0ehacM/x/rNxXM1ZD9WsRtPpnfUJWGhWR2ibrccXCGAAAKPvGAQJA3:wrXacqvpM1ZZWsR9BfUAGOJccjnfW5m
                                                                                                                                            MD5:C2E5FAFC194B32FCAFBE41A4C4271AA3
                                                                                                                                            SHA1:9BF8ACFD7369D60086019FBBFFF5ABBF0EB8DFAA
                                                                                                                                            SHA-256:1AB6476B9BB97594346588F309E7EB825A36865309B00568FB7C6A18630CBDFA
                                                                                                                                            SHA-512:D2BD4892DB07B089A274EF31BC7E744F40431DB12BE11A65372B9FF9F0E8498748CEDE7606C61D93037623AD6B8C4055FFE082B72322E4F487AD97731C0DF963
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:#encoding=UTF-8....# Thank you for your interest in the Java Service Wrapper...#..# This is a full featured trial License Key which will allow you to run or..# restart the Java Service Wrapper as many times as you like. Each..# invocation of the Wrapper will shutdown automatically after 15 minutes...#..# This limited trial License Key is useful for quick configuration tests..# on various machines without the need to request a trial license. If..# more time is required, you can also immediately obtain a one-month Free..# trial license:..# http://wrapper.tanukisoftware.com/trial..#..# The Java Service Wrapper requires a License Key to activate the..# software. License Keys can be purchased on the Java Service Wrapper..# web site:..# http://wrapper.tanukisoftware.com/purchase..#..# This trial License Key in intended for testing and development and should..# not be used as part of a deployed system...#..# If you obtain a one-month trial license or purchase a license, please..# repl

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\conf\wrapper.conf.in

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:C source, ASCII text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):9138
                                                                                                                                            Entropy (8bit):4.970071427575102
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:192:0vYpLrO2uDGmbko3QyMRypyMdbyxsoHy8hqRmiNwDlDdaMwJt2DPw:1Lrsbko3sEd6hqRmiNIpaMwJIDPw
                                                                                                                                            MD5:9AEB7FA196AAB9BE2DE3E85679ED36C0
                                                                                                                                            SHA1:7D36F98C5D81C94516FD96A9EE715A63AA935B6D
                                                                                                                                            SHA-256:5A19905692E7B91C3EBABD8460DA722491407E81928DFA2817E1D3CE52EED276
                                                                                                                                            SHA-512:B012A52A1C218BD7DF9A78E260704D35A5764E7E53DF4292AA07BA4918F0C27315ACD4EBA0E8E9B07D49D3C65A3D6AC7F18659F8AC366E140364B26EEF42F56D
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:#encoding=UTF-8..# Configuration files must begin with a line specifying the encoding..# of the the file.....#********************************************************************..# Wrapper License Properties (Ignored by Community Edition)..#********************************************************************..# Professional and Standard Editions of the Wrapper require a valid..# License Key to start. Licenses can be purchased or a trial license..# requested on the following pages:..# http://wrapper.tanukisoftware.com/purchase..# http://wrapper.tanukisoftware.com/trial....# Include file problems can be debugged by leaving only one '#'..# at the beginning of the following line:..##include.debug....# The Wrapper will look for either of the following optional files for a..# valid License Key. License Key properties can optionally be included..# directly in this configuration file...#include ../conf/wrapper-license.conf..#include ../conf/wrapper-license-%WRAPPER_HOST_NAME%.conf....

                                                                                                                                            C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\src\conf\wrapper.conf.in_ja

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File Type:C source, Unicode text, UTF-8 text, with CRLF line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):12526
                                                                                                                                            Entropy (8bit):5.750614529868481
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:96:p+ZIzJnPhnK3sE5yFH7Bw+0WkLvoLIgD1u7vJqsgOBwyndbljKfnxRmiZZvtIqG8:U0JhYRquAxRmirKq6DlDN/x3QndQPw
                                                                                                                                            MD5:723F1864401B7A81F88E4E2B5A948D15
                                                                                                                                            SHA1:8D614DE99F42A3676E3E6F548CD6C15ECC662BC3
                                                                                                                                            SHA-256:00796366C6DA71C7788DE4280EDB2B78CAEF40348CAF6DAED907F61A455B563E
                                                                                                                                            SHA-512:5A21276E0A17B889065DBC0843EFE98BDC29350F7A0DC8ABE33605DF696F8CDD949F445BF156C13CEEB8AB82BE0704673F2133CFCA7BF9DECD6A8C091B663A28
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:#encoding=UTF-8..# ....................................................#********************************************************************..# Wrapper .............................#********************************************************************..# Java Service Wrapper .........................# ............................# .................................:..# http://wrapper.tanukisoftware.com/purchase..# http://wrapper.tanukisoftware.com/trial....# ..................................# ............................# .............

                                                                                                                                            Static File Info

                                                                                                                                            General

                                                                                                                                            File type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                                                                                                                            Entropy (8bit):7.958002648673866
                                                                                                                                            TrID:
                                                                                                                                            • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                            • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                            • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                            • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                            File name:wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            File size:2'002'192 bytes
                                                                                                                                            MD5:4cb008375a7b737c1a6ccf569327df9e
                                                                                                                                            SHA1:67eb89f50b067628ad733ba3b1a47cdd42dd0364
                                                                                                                                            SHA256:4c65e4b6f9909d4d4bfc74852c33fd05de53a952d98968bd94d323ec14573992
                                                                                                                                            SHA512:2d414973918428162ea37207e89c651650e6cacdec205c1b21b6cc8202f8109138ddcc7d5b8f5b9c258e9cf0db644875f7de9eebf5e05f03190ed3bf88b841ac
                                                                                                                                            SSDEEP:49152:p9VojKhVYRDBQwRWpbnjXN0SBE5cXhQxnauggsIjzbBomQe4UXzCJ:pHk+VYcwR2zjXg77mILe7n
                                                                                                                                            TLSH:FA95339E19E4F293C8D98F740A2AB72A0ED79E513560C1673788379E6DB2111AF31F43
                                                                                                                                            File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........!.@.@...@...@../O...@...@..O@../O...@...c...@..+F...@..Rich.@..........................PE..L...Y..d.................h....:....

                                                                                                                                            File Icon

                                                                                                                                            Icon Hash:380b65ce6d0f8f2c

                                                                                                                                            Static PE Info

                                                                                                                                            General

                                                                                                                                            Entrypoint:0x40350f
                                                                                                                                            Entrypoint Section:.text
                                                                                                                                            Digitally signed:true
                                                                                                                                            Imagebase:0x400000
                                                                                                                                            Subsystem:windows gui
                                                                                                                                            Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
                                                                                                                                            DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                                                                                                                            Time Stamp:0x64A0DC59 [Sun Jul 2 02:09:29 2023 UTC]
                                                                                                                                            TLS Callbacks:
                                                                                                                                            CLR (.Net) Version:
                                                                                                                                            OS Version Major:4
                                                                                                                                            OS Version Minor:0
                                                                                                                                            File Version Major:4
                                                                                                                                            File Version Minor:0
                                                                                                                                            Subsystem Version Major:4
                                                                                                                                            Subsystem Version Minor:0
                                                                                                                                            Import Hash:f4639a0b3116c2cfc71144b88a929cfd

                                                                                                                                            Authenticode Signature

                                                                                                                                            Signature Valid:true
                                                                                                                                            Signature Issuer:CN=Sectigo Public Code Signing CA EV R36, O=Sectigo Limited, C=GB
                                                                                                                                            Signature Validation Error:The operation completed successfully
                                                                                                                                            Error Number:0
                                                                                                                                            Not Before, Not After
                                                                                                                                            • 19/02/2024 19:00:00 19/02/2027 18:59:59
                                                                                                                                            Subject Chain
                                                                                                                                            • CN="Tanuki Software, Ltd.", O="Tanuki Software, Ltd.", S=Tokyo, C=JP, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=JP, SERIALNUMBER=0117-02-015715
                                                                                                                                            Version:3
                                                                                                                                            Thumbprint MD5:7BAB2B265E856698A23503181EF5E5D0
                                                                                                                                            Thumbprint SHA-1:2AB1B1EC1816C6F9D6164C1542D5F89F889C4739
                                                                                                                                            Thumbprint SHA-256:379F50488DADE1F8E633E45A0F66AB49AE4FE14A0E7651B4F7C5C3DF3D1F50B7
                                                                                                                                            Serial:0CA9D055D378C3CC1E7307F10AC66D60

                                                                                                                                            Entrypoint Preview

                                                                                                                                            Instruction
                                                                                                                                            sub esp, 000003F8h
                                                                                                                                            push ebp
                                                                                                                                            push esi
                                                                                                                                            push edi
                                                                                                                                            push 00000020h
                                                                                                                                            pop edi
                                                                                                                                            xor ebp, ebp
                                                                                                                                            push 00008001h
                                                                                                                                            mov dword ptr [esp+20h], ebp
                                                                                                                                            mov dword ptr [esp+18h], 0040A2D8h
                                                                                                                                            mov dword ptr [esp+14h], ebp
                                                                                                                                            call dword ptr [004080A4h]
                                                                                                                                            mov esi, dword ptr [004080A8h]
                                                                                                                                            lea eax, dword ptr [esp+34h]
                                                                                                                                            push eax
                                                                                                                                            mov dword ptr [esp+4Ch], ebp
                                                                                                                                            mov dword ptr [esp+0000014Ch], ebp
                                                                                                                                            mov dword ptr [esp+00000150h], ebp
                                                                                                                                            mov dword ptr [esp+38h], 0000011Ch
                                                                                                                                            call esi
                                                                                                                                            test eax, eax
                                                                                                                                            jne 00007FC360D96D5Ah
                                                                                                                                            lea eax, dword ptr [esp+34h]
                                                                                                                                            mov dword ptr [esp+34h], 00000114h
                                                                                                                                            push eax
                                                                                                                                            call esi
                                                                                                                                            mov ax, word ptr [esp+48h]
                                                                                                                                            mov ecx, dword ptr [esp+62h]
                                                                                                                                            sub ax, 00000053h
                                                                                                                                            add ecx, FFFFFFD0h
                                                                                                                                            neg ax
                                                                                                                                            sbb eax, eax
                                                                                                                                            mov byte ptr [esp+0000014Eh], 00000004h
                                                                                                                                            not eax
                                                                                                                                            and eax, ecx
                                                                                                                                            mov word ptr [esp+00000148h], ax
                                                                                                                                            cmp dword ptr [esp+38h], 0Ah
                                                                                                                                            jnc 00007FC360D96D28h
                                                                                                                                            and word ptr [esp+42h], 0000h
                                                                                                                                            mov eax, dword ptr [esp+40h]
                                                                                                                                            movzx ecx, byte ptr [esp+3Ch]
                                                                                                                                            mov dword ptr [007A8318h], eax
                                                                                                                                            xor eax, eax
                                                                                                                                            mov ah, byte ptr [esp+38h]
                                                                                                                                            movzx eax, ax
                                                                                                                                            or eax, ecx
                                                                                                                                            xor ecx, ecx
                                                                                                                                            mov ch, byte ptr [esp+00000148h]
                                                                                                                                            movzx ecx, cx
                                                                                                                                            shl eax, 10h
                                                                                                                                            or eax, ecx
                                                                                                                                            movzx ecx, byte ptr [esp+0000004Eh]

                                                                                                                                            Rich Headers

                                                                                                                                            Programming Language:
                                                                                                                                            • [EXP] VC++ 6.0 SP5 build 8804

                                                                                                                                            Data Directories

                                                                                                                                            NameVirtual AddressVirtual Size Is in Section
                                                                                                                                            IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                            IMAGE_DIRECTORY_ENTRY_IMPORT0x84fc0xa0.rdata
                                                                                                                                            IMAGE_DIRECTORY_ENTRY_RESOURCE0x3cb0000xc4c8.rsrc
                                                                                                                                            IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                            IMAGE_DIRECTORY_ENTRY_SECURITY0x1e3c700x50a0.data
                                                                                                                                            IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                                                                                            IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                            IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                            IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                            IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                            IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                            IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                            IMAGE_DIRECTORY_ENTRY_IAT0x80000x2a8.rdata
                                                                                                                                            IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                            IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                            IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                            Sections

                                                                                                                                            NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                            .text0x10000x66b10x6800fc80ef3332ba3a0dd802b98a9723e67dFalse0.6719501201923077data6.466881320096335IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                            .rdata0x80000x13580x1400f0b500ff912dda10f31f36da3efc8a1eFalse0.44296875data5.102094016108248IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                            .data0xa0000x39e3780x60089ffa2c22129e298ad6a3abf19eb19b0unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                            .ndata0x3a90000x220000x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                            .rsrc0x3cb0000xc4c80xc6000bbdd9ccff0f348d02fb10f7f55580cdFalse0.1305239898989899data2.6559068123432445IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                                                                                            Resources

                                                                                                                                            NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                            RT_ICON0x3cb4000x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0EnglishUnited States0.07821576763485477
                                                                                                                                            RT_ICON0x3cd9a80x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0EnglishUnited States0.08620331950207469
                                                                                                                                            RT_ICON0x3cff500x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0EnglishUnited States0.12645228215767634
                                                                                                                                            RT_ICON0x3d24f80x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishUnited States0.11350844277673545
                                                                                                                                            RT_ICON0x3d35a00x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishUnited States0.1578330206378987
                                                                                                                                            RT_ICON0x3d46480x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishUnited States0.24577861163227016
                                                                                                                                            RT_ICON0x3d56f00x568Device independent bitmap graphic, 16 x 32 x 8, image size 0EnglishUnited States0.21026011560693642
                                                                                                                                            RT_ICON0x3d5c580x568Device independent bitmap graphic, 16 x 32 x 8, image size 0EnglishUnited States0.3143063583815029
                                                                                                                                            RT_ICON0x3d61c00x468Device independent bitmap graphic, 16 x 32 x 32, image size 0EnglishUnited States0.399822695035461
                                                                                                                                            RT_DIALOG0x3d66280x120dataEnglishUnited States0.5138888888888888
                                                                                                                                            RT_DIALOG0x3d67480x200dataEnglishUnited States0.40234375
                                                                                                                                            RT_DIALOG0x3d69480xf8dataEnglishUnited States0.6290322580645161
                                                                                                                                            RT_DIALOG0x3d6a400xeedataEnglishUnited States0.6302521008403361
                                                                                                                                            RT_DIALOG0x3d6b300x118dataEnglishUnited States0.5321428571428571
                                                                                                                                            RT_DIALOG0x3d6c480x1f8dataEnglishUnited States0.4007936507936508
                                                                                                                                            RT_DIALOG0x3d6e400xf0dataEnglishUnited States0.6666666666666666
                                                                                                                                            RT_DIALOG0x3d6f300xe6dataEnglishUnited States0.6652173913043479
                                                                                                                                            RT_GROUP_ICON0x3d70180x84dataEnglishUnited States0.49242424242424243
                                                                                                                                            RT_MANIFEST0x3d70a00x423XML 1.0 document, ASCII text, with very long lines (1059), with no line terminatorsEnglishUnited States0.5127478753541076

                                                                                                                                            Imports

                                                                                                                                            DLLImport
                                                                                                                                            ADVAPI32.dllRegEnumValueW, RegEnumKeyW, RegQueryValueExW, RegSetValueExW, RegCloseKey, RegDeleteValueW, RegDeleteKeyW, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, RegOpenKeyExW, RegCreateKeyExW
                                                                                                                                            SHELL32.dllSHGetPathFromIDListW, SHBrowseForFolderW, SHGetFileInfoW, SHFileOperationW, ShellExecuteExW
                                                                                                                                            ole32.dllCoCreateInstance, OleUninitialize, OleInitialize, IIDFromString, CoTaskMemFree
                                                                                                                                            COMCTL32.dllImageList_Destroy, ImageList_AddMasked, ImageList_Create
                                                                                                                                            USER32.dllMessageBoxIndirectW, GetDlgItemTextW, SetDlgItemTextW, CreatePopupMenu, AppendMenuW, TrackPopupMenu, OpenClipboard, EmptyClipboard, SetClipboardData, CloseClipboard, IsWindowVisible, CallWindowProcW, GetMessagePos, CheckDlgButton, LoadCursorW, SetCursor, GetSysColor, SetWindowPos, GetWindowLongW, IsWindowEnabled, SetClassLongW, GetSystemMenu, EnableMenuItem, GetWindowRect, ScreenToClient, EndDialog, RegisterClassW, SystemParametersInfoW, CharPrevW, GetClassInfoW, DialogBoxParamW, CharNextW, ExitWindowsEx, DestroyWindow, CreateDialogParamW, SetTimer, SetWindowTextW, PostQuitMessage, SetForegroundWindow, ShowWindow, wsprintfW, SendMessageTimeoutW, FindWindowExW, IsWindow, GetDlgItem, SetWindowLongW, LoadImageW, GetDC, ReleaseDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, GetClientRect, FillRect, DrawTextW, EndPaint, CharNextA, wsprintfA, DispatchMessageW, CreateWindowExW, PeekMessageW, GetSystemMetrics
                                                                                                                                            GDI32.dllGetDeviceCaps, SetBkColor, SelectObject, DeleteObject, CreateBrushIndirect, CreateFontIndirectW, SetBkMode, SetTextColor
                                                                                                                                            KERNEL32.dlllstrcmpiA, CreateFileW, GetTempFileNameW, RemoveDirectoryW, CreateProcessW, CreateDirectoryW, GetLastError, CreateThread, GlobalLock, GlobalUnlock, GetDiskFreeSpaceW, WideCharToMultiByte, lstrcpynW, lstrlenW, SetErrorMode, GetVersionExW, GetCommandLineW, GetTempPathW, GetWindowsDirectoryW, WriteFile, CopyFileW, ExitProcess, GetCurrentProcess, GetModuleFileNameW, GetFileSize, GetTickCount, Sleep, SetFileAttributesW, GetFileAttributesW, SetCurrentDirectoryW, MoveFileW, GetFullPathNameW, GetShortPathNameW, SearchPathW, CompareFileTime, SetFileTime, CloseHandle, lstrcmpiW, lstrcmpW, ExpandEnvironmentStringsW, GlobalFree, GlobalAlloc, GetModuleHandleW, LoadLibraryExW, FreeLibrary, WritePrivateProfileStringW, GetPrivateProfileStringW, lstrlenA, MultiByteToWideChar, ReadFile, SetFilePointer, FindClose, FindNextFileW, FindFirstFileW, DeleteFileW, MulDiv, lstrcpyA, MoveFileExW, lstrcatW, GetSystemDirectoryW, GetProcAddress, GetModuleHandleA, GetExitCodeProcess, WaitForSingleObject, SetEnvironmentVariableW

                                                                                                                                            Possible Origin

                                                                                                                                            Language of compilation systemCountry where language is spokenMap
                                                                                                                                            EnglishUnited States

                                                                                                                                            Network Behavior

                                                                                                                                            No network behavior found

                                                                                                                                            Statistics

                                                                                                                                            CPU Usage

                                                                                                                                            Click to jump to process

                                                                                                                                            Memory Usage

                                                                                                                                            Click to jump to process

                                                                                                                                            High Level Behavior Distribution

                                                                                                                                            Click to dive into process behavior distribution

                                                                                                                                            Behavior

                                                                                                                                            Click to jump to process

                                                                                                                                            System Behavior

                                                                                                                                            General

                                                                                                                                            Target ID:0
                                                                                                                                            Start time:20:35:14
                                                                                                                                            Start date:13/10/2024
                                                                                                                                            Path:C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe
                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                            Commandline:"C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro.exe"
                                                                                                                                            Imagebase:0x400000
                                                                                                                                            File size:2'002'192 bytes
                                                                                                                                            MD5 hash:4CB008375A7B737C1A6CCF569327DF9E
                                                                                                                                            Has elevated privileges:true
                                                                                                                                            Has administrator privileges:true
                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                            Reputation:low
                                                                                                                                            Has exited:true

                                                                                                                                            General

                                                                                                                                            Target ID:9
                                                                                                                                            Start time:20:35:42
                                                                                                                                            Start date:13/10/2024
                                                                                                                                            Path:C:\Windows\SysWOW64\notepad.exe
                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                            Commandline:"C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\Desktop\wrapper-windows-x86-64-3.5.59-pro\README_en.txt
                                                                                                                                            Imagebase:0x800000
                                                                                                                                            File size:165'888 bytes
                                                                                                                                            MD5 hash:E92D3A824A0578A50D2DD81B5060145F
                                                                                                                                            Has elevated privileges:true
                                                                                                                                            Has administrator privileges:true
                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                            Reputation:moderate
                                                                                                                                            Has exited:false

                                                                                                                                            Disassembly

                                                                                                                                            No disassembly