Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
b2 ControlCenter Setup V3.75.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\{12BEBBFB-A371-46B3-A0D0-50A2008B50C2}\b2 ControlCenter Setup V3.75.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\{12BEBBFB-A371-46B3-A0D0-50A2008B50C2}\b2 ControlCenter Setup V3.75.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Config.Msi\600482.rbs
|
data
|
modified
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Abt.Controls.SciChart.Wpf.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Abt.Controls.SciChart.Wpf.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\B2.ControlCenter.Charting.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\B2.ControlCenter.Common.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\B2.ControlCenter.Common.dll.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\B2.ControlCenter.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\B2.ControlCenter.Core.dll.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\B2.ControlCenter.HVA2G.Generic.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\B2.ControlCenter.RemoteControl.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\B2.ControlCenter.ServiceArea.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\B2.ControlCenter.ServiceArea.dll.config
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\B2.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\B2.Devices.Common.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\B2.License.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\B2.LouserzationProvider.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\ControlCenter.App.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\ControlCenter.App.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\DriverPackage.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\IPManager.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\InTheHand.Net.Personal.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\InTheHand.Net.Personal.xml
|
XML 1.0 document, Unicode text, UTF-8 text, with very long lines (359), with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Ivi.Visa.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Locals\cs-CZ\LC_Messages\cs-CZ.mo
|
GNU message catalog (little endian), revision 0.0, 929 messages, Project-Id-Version: b2CC V3.75 'Po\304\215et vodi\304\215\305\257'
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Locals\de-de\LC_Messages\de-de.mo
|
GNU message catalog (little endian), revision 0.0, 929 messages, Project-Id-Version: b2CC V3.75 'Anz. Leiter'
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Locals\es-ES\LC_Messages\es-ES.mo
|
GNU message catalog (little endian), revision 0.0, 929 messages, Project-Id-Version: b2CC V3.75 '# de conductores'
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Locals\fr-FR\LC_Messages\fr-FR.mo
|
GNU message catalog (little endian), revision 0.0, 494 messages, Project-Id-Version: b2CC V3.73 'Nombre de conducteurs'
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Locals\it-IT\LC_Messages\it-IT.mo
|
GNU message catalog (little endian), revision 0.0, 479 messages, Project-Id-Version: b2CC V3.73 'Numero di conduttori'
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Locals\nb-NO\LC_Messages\nb-NO.mo
|
GNU message catalog (little endian), revision 0.0, 363 messages, Project-Id-Version: b2CC V3.73 '# Av Dirigenter'
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Locals\nl-NL\LC_Messages\nl-NL.mo
|
GNU message catalog (little endian), revision 0.0, 929 messages, Project-Id-Version: b2CC V3.75 '# Geleiders'
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Locals\pl-PL\LC_Messages\pl-PL.mo
|
GNU message catalog (little endian), revision 0.0, 929 messages, Project-Id-Version: b2CC V3.75 '# \305\274y\305\202'
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Locals\ru-RU\LC_Messages\ru-RU.mo
|
GNU message catalog (little endian), revision 0.0, 498 messages, Project-Id-Version: b2CC V3.73 '\320\237\321\200\320\276\320\262\320\276\320\264\320\275\320\270\320\272\320\276\320\262'
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Locals\zh-TW\LC_Messages\zh-TW.mo
|
GNU message catalog (little endian), revision 0.0, 377 messages, Project-Id-Version: b2CC V3.73 '# \345\260\216\351\253\224\344\270\255'
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\MigraDoc.DocumentObjectModel-WPF.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\MigraDoc.Rendering-WPF.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\MigraDoc.RtfRendering-WPF.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\NGettext.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\NationalInstruments.Visa.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\NationalInstruments.VisaNS.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\PdfSharp-WPF.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\PdfSharp.Charting-WPF.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Teslab.Louserzation.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Teslab.StateMachine.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Teslab.Wpf.Extensions.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\b2 electronic GmbH\B2 ControlCenter\Xceed.Wpf.Toolkit.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Downloaded Installations\{B1B7EEAC-19DF-4A66-92D0-4A9FA0D4FD78}\b2 ControlCenter.msi (copy)
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Number of Characters: 0, Last
Saved By: InstallShield, Number of Words: 0, Title: b2 ControlCenter Setup, Comments: b2 ControlCenter, Keywords: Installer,MSI,Database,
Subject: b2 ControlCenter, Author: b2 electronic GmbH, Security: 1, Number of Pages: 200, Name of Creating Application: InstallShield
2018 - Express Edition 24, Last Saved Time/Date: Tue Nov 29 15:24:49 2022, Create Time/Date: Tue Nov 29 15:24:49 2022, Last
Printed: Tue Nov 29 15:24:49 2022, Revision Number: {B1B7EEAC-19DF-4A66-92D0-4A9FA0D4FD78}, Code page: 1252, Template: Intel;1033
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI180A.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSIF425.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{12BEBBFB-A371-46B3-A0D0-50A2008B50C2}\0x0409.ini
|
Unicode text, UTF-16, little-endian text, with very long lines (308), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{12BEBBFB-A371-46B3-A0D0-50A2008B50C2}\Microsoft .NET Framework 4.5 Web .prq
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{12BEBBFB-A371-46B3-A0D0-50A2008B50C2}\Setup.INI
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{12BEBBFB-A371-46B3-A0D0-50A2008B50C2}\_ISMSIDEL.INI
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{12BEBBFB-A371-46B3-A0D0-50A2008B50C2}\b2 ControlCenter.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Number of Characters: 0, Last
Saved By: InstallShield, Number of Words: 0, Title: b2 ControlCenter Setup, Comments: b2 ControlCenter, Keywords: Installer,MSI,Database,
Subject: b2 ControlCenter, Author: b2 electronic GmbH, Security: 1, Number of Pages: 200, Name of Creating Application: InstallShield
2018 - Express Edition 24, Last Saved Time/Date: Tue Nov 29 15:24:49 2022, Create Time/Date: Tue Nov 29 15:24:49 2022, Last
Printed: Tue Nov 29 15:24:49 2022, Revision Number: {B1B7EEAC-19DF-4A66-92D0-4A9FA0D4FD78}, Code page: 1252, Template: Intel;1033
|
dropped
|
||
|
C:\Users\user\AppData\Local\b2_electronics_GmbH\ControlCenter.App.exe_Url_a5h2i2zqkk4xr4gwua5svejhuk4iuyrk\3.75.10.0\fy4pyklr.newcfg
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\b2_electronics_GmbH\ControlCenter.App.exe_Url_a5h2i2zqkk4xr4gwua5svejhuk4iuyrk\3.75.10.0\kmgyv4kk.newcfg
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\b2_electronics_GmbH\ControlCenter.App.exe_Url_a5h2i2zqkk4xr4gwua5svejhuk4iuyrk\3.75.10.0\user.config
(copy)
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Installer\{D7F46775-46B0-4E89-8069-65CC2FA60046}\ARPPRODUCTICON.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Installer\{D7F46775-46B0-4E89-8069-65CC2FA60046}\NewShortcut1_0E96F1A19A774C13AC5791AB896F9F0F.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\b2 electronic GmbH\b2 ControlCenter\ControlCenter.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Icon number=0, Archive, ctime=Tue
Nov 29 18:04:24 2022, mtime=Mon Oct 14 06:36:49 2024, atime=Tue Nov 29 18:04:24 2022, length=1805312, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\ControlCenter.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Icon number=0, Archive, ctime=Tue
Nov 29 18:04:24 2022, mtime=Mon Oct 14 06:36:50 2024, atime=Tue Nov 29 18:04:24 2022, length=1805312, window=hide
|
dropped
|
||
|
C:\Windows\Installer\MSI77F.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI7ED.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{D7F46775-46B0-4E89-8069-65CC2FA60046}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\~DF3301538DC18405AD.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF433EED9662BCE02A.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFB1AE4F5668653A56.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFBF42E6B4EE0456D6.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFED8FE5AFDAF41894.TMP
|
data
|
dropped
|
There are 62 hidden files, click here to show them.