Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
brcinst10005 (2).exe

Overview

General Information

Sample name:brcinst10005 (2).exe
Analysis ID:1533222
MD5:9df0667238a3970499f559ac6ecb28e7
SHA1:9aeb537120c0cc6ce1c391481541d24655a9384f
SHA256:fb170230d0d281b68cce7888693e8667aa7cd375b969d0e15a2457af62d1620d
Infos:

Detection

Score:3
Range:0 - 100
Whitelisted:false
Confidence:40%

Compliance

Score:49
Range:0 - 100

Signatures

Checks for available system drives (often done to infect USB drives)
Creates a process in suspended mode (likely to inject code)
Drops PE files
May sleep (evasive loops) to hinder dynamic analysis
Queries the installation date of Windows
Stores files to the Windows start menu directory
Uses 32bit PE files

Classification

Process Tree

  • System is w10x64_ra
  • brcinst10005 (2).exe (PID: 4304 cmdline: "C:\Users\user\Desktop\brcinst10005 (2).exe" MD5: 9DF0667238A3970499F559AC6ECB28E7)
    • commoninstaller.exe (PID: 6512 cmdline: "C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exe" /NoUpdate "/Proxy:" "/User:" "/Password:" MD5: 127A13E49A157C060D10D6317600C0F4)
      • chrome.exe (PID: 6880 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://support.brother.com/g/b/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 6936 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=1972,i,441925792852492127,18152825063051520183,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Compliance

barindex
Uses 32bit PE files
Source: brcinst10005 (2).exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
Found installer window with terms and condition text
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeWindow detected: English&Web&OK&BackCancelCheck Printer Selection MethodSelect Installation-Compatible PrinterInstallation Settings InformationInput Serial NumberLicense AgreementInstallation ProgressInstallation complete
Creates install or setup log file
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile created: C:\Users\user\AppData\Roaming\Brother\CommonInstaller\Log\commoninstaller.log
PE / OLE file has a valid certificate
Source: brcinst10005 (2).exeStatic PE information: certificate valid
Uses secure TLS version for HTTPS connections
Source: unknownHTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49773 version: TLS 1.2
Contains modern PE file flags such as dynamic base (ASLR) or NX
Source: brcinst10005 (2).exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: z:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: x:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: v:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: t:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: r:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: p:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: n:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: l:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: j:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: h:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: f:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: b:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: y:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: w:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: u:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: s:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: q:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: o:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: m:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: k:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: i:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: g:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: e:
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile opened: c:
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile opened: a:
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /solutions/download.aspx?country=che&gengo=zzz&model=3936&os=W10_0_x64&flang=Fran%c3%a7ais&c=6 HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheUser-Agent: CommonInstallerHost: update.brother.co.jp
Source: global trafficDNS traffic detected: DNS query: download.brother.com
Source: global trafficDNS traffic detected: DNS query: update.brother.co.jp
Source: global trafficDNS traffic detected: DNS query: support.brother.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownHTTP traffic detected: POST /solutions/download.aspx?country=che&gengo=zzz&model=3936&os=W10_0_x64&flang=Fran%c3%a7ais&c=6 HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheUser-Agent: CommonInstallerContent-Length: 0Host: update.brother.co.jpCookie: ASP.NET_SessionId=cpkuzitjhupsu1112kjdbahs
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownHTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49773 version: TLS 1.2
Source: brcinst10005 (2).exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
Source: classification engineClassification label: clean3.winEXE@17/43@9/112
Source: C:\Users\user\Desktop\brcinst10005 (2).exeFile created: C:\Users\user\Desktop\Brother Common Installer\
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeMutant created: NULL
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeMutant created: \Sessions\1\BaseNamedObjects\commoninstaller.exe
Source: C:\Users\user\Desktop\brcinst10005 (2).exeMutant created: \Sessions\1\BaseNamedObjects\brcinst10005 (2).exe
Source: brcinst10005 (2).exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\brcinst10005 (2).exeFile read: C:\Users\desktop.ini
Source: C:\Users\user\Desktop\brcinst10005 (2).exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: unknownProcess created: C:\Users\user\Desktop\brcinst10005 (2).exe "C:\Users\user\Desktop\brcinst10005 (2).exe"
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess created: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exe "C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exe" /NoUpdate "/Proxy:" "/User:" "/Password:"
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess created: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exe "C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exe" /NoUpdate "/Proxy:" "/User:" "/Password:"
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://support.brother.com/g/b/
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=1972,i,441925792852492127,18152825063051520183,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://support.brother.com/g/b/
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=1972,i,441925792852492127,18152825063051520183,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: apphelp.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: msimg32.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: oledlg.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: winhttp.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: oleacc.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: winmm.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: uxtheme.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: dwmapi.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: windows.storage.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: wldp.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: propsys.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: iphlpapi.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: dhcpcsvc6.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: dhcpcsvc.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: webio.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: mswsock.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: winnsi.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: sspicli.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: dnsapi.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: rasadhlp.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: fwpuclnt.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: schannel.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: mskeyprotect.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: ntasn1.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: ncrypt.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: ncryptsslp.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: msasn1.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: cryptsp.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: rsaenh.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: cryptbase.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: gpapi.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: dpapi.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: edputil.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: urlmon.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: iertutil.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: srvcli.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: netutils.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: windows.staterepositoryps.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: wintypes.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: appresolver.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: bcp47langs.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: slc.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: userenv.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: sppc.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: onecorecommonproxystub.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: onecoreuapcommonproxystub.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: edputil.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: urlmon.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: iertutil.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: srvcli.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: netutils.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: windows.staterepositoryps.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: wintypes.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: appresolver.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: bcp47langs.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: slc.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: userenv.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: sppc.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: onecorecommonproxystub.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeSection loaded: onecoreuapcommonproxystub.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: version.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: msimg32.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: uxtheme.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: oledlg.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: winhttp.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: oleacc.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: winmm.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: windows.storage.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: wldp.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: propsys.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: profapi.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: textinputframework.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: coreuicomponents.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: coremessaging.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: ntmarta.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: wintypes.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: wintypes.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: wintypes.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: textshaping.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: devobj.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: msasn1.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: iphlpapi.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: dhcpcsvc6.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: dhcpcsvc.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: webio.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: mswsock.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: winnsi.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: sspicli.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: dnsapi.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: rasadhlp.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: fwpuclnt.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeSection loaded: explorerframe.dll
Source: C:\Users\user\Desktop\brcinst10005 (2).exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32
Source: C:\Users\user\Desktop\brcinst10005 (2).exeFile written: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.ini
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeWindow detected: English&Web&OK&BackCancelCheck Printer Selection MethodSelect Installation-Compatible PrinterInstallation Settings InformationInput Serial NumberLicense AgreementInstallation ProgressInstallation complete
Source: brcinst10005 (2).exeStatic PE information: certificate valid
Source: brcinst10005 (2).exeStatic PE information: Virtual size of .text is bigger than: 0x100000
Source: brcinst10005 (2).exeStatic file information: File size 1849216 > 1048576
Source: brcinst10005 (2).exeStatic PE information: Raw size of .text is bigger than: 0x100000 < 0x13c600
Source: brcinst10005 (2).exeStatic PE information: More than 200 imports for USER32.dll
Source: brcinst10005 (2).exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: brcinst10005 (2).exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: brcinst10005 (2).exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: brcinst10005 (2).exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: brcinst10005 (2).exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: brcinst10005 (2).exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
Source: brcinst10005 (2).exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Source: brcinst10005 (2).exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: brcinst10005 (2).exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
Source: brcinst10005 (2).exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
Source: brcinst10005 (2).exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
Source: brcinst10005 (2).exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
Source: brcinst10005 (2).exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
Source: C:\Users\user\Desktop\brcinst10005 (2).exeFile created: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeJump to dropped file
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeFile created: C:\Users\user\AppData\Roaming\Brother\CommonInstaller\Log\commoninstaller.log
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\brcinst10005 (2).exe TID: 5920Thread sleep time: -60000s >= -30000s
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exe TID: 6532Thread sleep time: -30000s >= -30000s
Source: C:\Users\user\Desktop\brcinst10005 (2).exeProcess created: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exe "C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exe" /NoUpdate "/Proxy:" "/User:" "/Password:"
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://support.brother.com/g/b/
Source: C:\Users\user\Desktop\brcinst10005 (2).exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion InstallDate
Source: C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire Infrastructure1
Replication Through Removable Media		Windows Management Instrumentation1
DLL Side-Loading		11
Process Injection		1
Masquerading		OS Credential Dumping1
Virtualization/Sandbox Evasion		Remote ServicesData from Local System2
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
Registry Run Keys / Startup Folder		1
DLL Side-Loading		1
Virtualization/Sandbox Evasion		LSASS Memory11
Peripheral Device Discovery		Remote Desktop ProtocolData from Removable Media3
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
Registry Run Keys / Startup Folder		11
Process Injection		Security Account Manager2
File and Directory Discovery		SMB/Windows Admin SharesData from Network Shared Drive4
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
DLL Side-Loading		NTDS12
System Information Discovery		Distributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
brcinst10005 (2).exe0%ReversingLabs

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exe3%ReversingLabs

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
d30m66k7l0q4f1.cloudfront.net
18.245.31.114
truefalse
    		unknown
    www.google.com
    		142.250.185.132
    		truefalse
      		unknown
      download.brother.com
      		unknown
      		unknownfalse
        		unknown
        update.brother.co.jp
        		unknown
        		unknownfalse
          		unknown
          support.brother.com
          		unknown
          		unknownfalse
            		unknown

            Contacted URLs

            NameMaliciousAntivirus DetectionReputation
            https://support.brother.com/g/b/countrytop.aspx?c=us&lang=enfalse
              		unknown
              http://update.brother.co.jp/solutions/download.aspx?country=che&gengo=zzz&model=3936&os=W10_0_x64&flang=Fran%c3%a7ais&c=6false
                		unknown

                World Map of Contacted IPs

                • No. of IPs < 25%
                • 25% < No. of IPs < 50%
                • 50% < No. of IPs < 75%
                • 75% < No. of IPs

                Public IPs

                IPDomainCountryFlagASNASN NameMalicious
                1.1.1.1
                		unknownAustralia
                		13335CLOUDFLARENETUSfalse
                142.250.186.174
                		unknownUnited States
                		15169GOOGLEUSfalse
                142.250.185.200
                		unknownUnited States
                		15169GOOGLEUSfalse
                74.125.71.84
                		unknownUnited States
                		15169GOOGLEUSfalse
                142.250.185.132
                		www.google.comUnited States
                		15169GOOGLEUSfalse
                104.102.20.176
                		unknownUnited States
                		16625AKAMAI-ASUSfalse
                142.250.181.227
                		unknownUnited States
                		15169GOOGLEUSfalse
                142.250.181.238
                		unknownUnited States
                		15169GOOGLEUSfalse
                239.255.255.250
                		unknownReserved
                		unknownunknownfalse
                18.245.31.114
                		d30m66k7l0q4f1.cloudfront.netUnited States
                		16509AMAZON-02USfalse
                23.201.252.115
                		unknownUnited States
                		16625AKAMAI-ASUSfalse
                142.250.184.206
                		unknownUnited States
                		15169GOOGLEUSfalse
                142.250.186.136
                		unknownUnited States
                		15169GOOGLEUSfalse
                172.217.16.195
                		unknownUnited States
                		15169GOOGLEUSfalse

                Private

                IP
                192.168.2.16

                General Information

                Joe Sandbox version:41.0.0 Charoite
                Analysis ID:1533222
                Start date and time:2024-10-14 14:31:41 +02:00
                Joe Sandbox product:CloudBasic
                Overall analysis duration:
                Hypervisor based Inspection enabled:false
                Report type:full
                Cookbook file name:defaultwindowsinteractivecookbook.jbs
                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                Number of analysed new started processes analysed:16
                Number of new started drivers analysed:0
                Number of existing processes analysed:0
                Number of existing drivers analysed:0
                Number of injected processes analysed:0
                Technologies:
                • EGA enabled
                Analysis Mode:stream
                Analysis stop reason:Timeout
                Sample name:brcinst10005 (2).exe
                Detection:CLEAN
                Classification:clean3.winEXE@17/43@9/112
                Cookbook Comments:
                • Found application associated with file extension: .exe

                Warnings

                • Exclude process from analysis (whitelisted): dllhost.exe, SgrmBroker.exe, svchost.exe
                • Excluded IPs from analysis (whitelisted): 23.201.252.115
                • Excluded domains from analysis (whitelisted): fs.microsoft.com, ctldl.windowsupdate.com, download.brother.com.edgekey.net, e7715.g.akamaiedge.net
                • Not all processes where analyzed, report is missing behavior information
                • Report size getting too big, too many NtOpenKeyEx calls found.
                • Report size getting too big, too many NtProtectVirtualMemory calls found.
                • Report size getting too big, too many NtQueryValueKey calls found.
                • VT rate limit hit for: brcinst10005 (2).exe

                LLM Input / Output

                InputOutput
                URL: https://support.brother.com/g/b/countrytop.aspx?c=us&lang=en Model: claude-3-haiku-20240307
                ```json
{
  "contains_trigger_text": false,
  "trigger_text": "unknown",
  "prominent_button_name": "unknown",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
                URL: https://support.brother.com/g/b/countrytop.aspx?c=us&lang=en Model: claude-3-haiku-20240307
                ```json
{
  "brands": [
    "Brother"
  ]
}
                URL: https://support.brother.com/g/b/countrytop.aspx?c=us&lang=en Model: jbxai
                {
"brands":["Brother"],
"text":"Support & Downloads United States",
"contains_trigger_text":false,
"trigger_text":"",
"prominent_button_name":"Support for IT Administrators",
"text_input_field_labels":"unknown",
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}

                Created / dropped Files

                C:\Users\user\AppData\Roaming\Brother\CommonInstaller\Log\commoninstaller.log

                Download File
                Process:C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exe
                File Type:ASCII text, with CRLF line terminators
                Category:dropped
                Size (bytes):161
                Entropy (8bit):5.385811506397492
                Encrypted:false
                SSDEEP:
                MD5:89FA0DE6D4F65C71E369E0D2963C64C5
                SHA1:A6E5033E5C7B615F55B0879423D740FE0D171022
                SHA-256:70DB31B23A78C4F18C3C62A7A5E4742F5346AA1140799532DC7E580A7BE814DA
                SHA-512:8EB65ECDB5976ADB1ACC672D672ED17F90C3AB73E128B8AC592E88F9BDBE3D98BB865B1108CE37E777284FF9F907C2F7D9F52EDDDD88A2C3C79B45BA83E9777A
                Malicious:false
                Reputation:unknown
                Preview:2024/10/14 08:32:45[XML Download URL]https://update.brother.co.jp/solutions/download.aspx?country=che&gengo=zzz&model=3936&os=W10_0_x64&flang=Fran%c3%a7ais&c=6..

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 14 11:32:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2673
                Entropy (8bit):3.981019019113276
                Encrypted:false
                SSDEEP:
                MD5:C7F7AE8DDB2594D6F0DBBACB031CE25C
                SHA1:AC75D175BCCBD29CF5D5DB7B1BC3A5EF04AD34BD
                SHA-256:173AB386763A60C3A692508B9EAB56D87BA2F7E12A6B3A38D30CEDFBD9C42BF1
                SHA-512:AEB47BF4268292BC6866AE31F3698FE104E744BE55C33126F1E4859F90E02B8C6BDFB825CDA24859EF03AFA75B3C7CED06CB5FB8535F026DCE7AA08B69243344
                Malicious:false
                Reputation:unknown
                Preview:L..................F.@.. ...$+.,.....-.15...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INY.c....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNY.d....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNY.d....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNY.d..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNY.d...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............`.=.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 14 11:32:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2675
                Entropy (8bit):3.9974409315684714
                Encrypted:false
                SSDEEP:
                MD5:2074D320237054318EAE5FF7040991CF
                SHA1:2E45B6E1ACD3F444828DCAECBA63C9D37AB3DA87
                SHA-256:47CCDFFC3AF475463BD7BF87327268DDCF6FD5E9B8D61AE964A14A878482F5BA
                SHA-512:97D180FFF79E1EEF521CD0C951E8F9FC66580FE240FDA149F479DA10C43BA493CD95F5CAA70C09BC926A1B299D9D89E7DB2181D675C60DDB62EF74AC3241ADAA
                Malicious:false
                Reputation:unknown
                Preview:L..................F.@.. ...$+.,.....N.15...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INY.c....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNY.d....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNY.d....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNY.d..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNY.d...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............`.=.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2689
                Entropy (8bit):4.007083498610164
                Encrypted:false
                SSDEEP:
                MD5:8F5E600C65C74ED2AC3B8BA1F65C0A30
                SHA1:5752E6C10D91782E7571E221D522821EDCA7A94E
                SHA-256:F6FD1438D50F7F5DABF1E91972FE4B9A7B1A5215FD6432FC3BDCCD770B9C4C43
                SHA-512:2D7C956E32A1D170A30B8A22D157328F78F2A8EC292E5D59A3F696A1042372B67A77197047976E1E0B14F7253449A98113A22DF31D4A9D0142EE99404A1AD67D
                Malicious:false
                Reputation:unknown
                Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INY.c....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNY.d....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNY.d....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNY.d..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............`.=.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 14 11:32:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2677
                Entropy (8bit):3.9975276884579887
                Encrypted:false
                SSDEEP:
                MD5:4F8A081B3F34C20179869B4DA9745C00
                SHA1:746FE353329C95AFB46E9FDAEAA1111636947F59
                SHA-256:8760674DAE24490C947BC3E49968098888B79E49EA87D25F78F6341713A2C68C
                SHA-512:894E49865A598392AAE1495308E598E1A1DE92870656252994812A07172455D7F0A349B9F5774403ABCD3DFE5155EB83DA08B8DF87EBE3D7185C698DCC13830B
                Malicious:false
                Reputation:unknown
                Preview:L..................F.@.. ...$+.,....H<z15...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INY.c....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNY.d....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNY.d....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNY.d..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNY.d...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............`.=.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 14 11:32:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2677
                Entropy (8bit):3.9844953646668175
                Encrypted:false
                SSDEEP:
                MD5:DA2DE9FA747AD11BC1881A7FB5B62B69
                SHA1:F8BECE5E5208555E7753ADAA9782E026E87AF108
                SHA-256:3695AA2D0B8AB0F4B458796E99D0A4C20E3470FA3F4B3E187C7F82D7CD3BA549
                SHA-512:A59ED5E3FB68CB497FF60275DF9CD7B28D9D4941406536D43FDBA524CEE78BDCB03EF28AD532FDE333CCBD079EFEDEBBAE98E4D0D88A018E05217606DADCA6A8
                Malicious:false
                Reputation:unknown
                Preview:L..................F.@.. ...$+.,....;v.15...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INY.c....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNY.d....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNY.d....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNY.d..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNY.d...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............`.=.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 14 11:32:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2679
                Entropy (8bit):3.990465990748019
                Encrypted:false
                SSDEEP:
                MD5:8451710DDA93A4199F016BDBC9EFC225
                SHA1:A6D3701AD8B5018155AB4AEB7A35AABE9CA2676C
                SHA-256:D2AB9237632AE5B8A319544E414EEBCFFD45C44F95840BCA3FFF7A1DD5675750
                SHA-512:F76BE127DA70E8554638CAC6C7B05F066EB0F4E2C16087C94DCA523E90AAA0638EF834C8ECE3CD8A43FC2472673ADA2199456DD73292B3DC416D676C3F36C524
                Malicious:false
                Reputation:unknown
                Preview:L..................F.@.. ...$+.,......o15...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INY.c....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNY.d....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNY.d....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNY.d..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNY.d...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............`.=.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                C:\Users\user\Desktop\Brother Common Installer\commoninstaller.exe

                Download File
                Process:C:\Users\user\Desktop\brcinst10005 (2).exe
                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                Category:dropped
                Size (bytes):3873592
                Entropy (8bit):7.084441175776076
                Encrypted:false
                SSDEEP:
                MD5:127A13E49A157C060D10D6317600C0F4
                SHA1:9D18182A69AEB568C0810BAA4A2D1DF4ADAF9FEC
                SHA-256:DF5DBF91A86321E83153384343D853D132134894838380C94F1D65C8C5BA7B23
                SHA-512:D8E195887D4B6AEA1C6926B60445177504B170364EDC6C88FC0069FC5F3B257EF8E246D7019A031483884C1E6D8CF5A3520AD505A55659BB16D2F1FBBF3A4E8B
                Malicious:false
                Antivirus:
                • Antivirus: ReversingLabs, Detection: 3%
                Reputation:unknown
                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........l...l...l..o...l..h...l..i.{.l..j...l..h...l..o...l..i.4.l..m...l...m...l.n.e...l.n.....l.n.n...l.Rich..l.........................PE..L......f..............."..........................@..........................P;......;...@.................................$.!.......".p.............:.8Q....8.8g......p...................@...........@............................................text............................... ..`.rdata...".......$..................@..@.data........0"..f....".............@....rsrc...p....."......z".............@..@.reloc..8g....8..h...b8.............@..B........................................................................................................................................................................................................................................................................................

                C:\Users\user\Desktop\Brother Common Installer\commoninstaller.ini

                Download File
                Process:C:\Users\user\Desktop\brcinst10005 (2).exe
                File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                Category:dropped
                Size (bytes):27894
                Entropy (8bit):3.879064375941983
                Encrypted:false
                SSDEEP:
                MD5:4C25C785729754C8D395892F4866717F
                SHA1:A9D205AFCB90355853674D3348733E0075AB5555
                SHA-256:1B53DFD85EF955C26535C309FEE262FACE83451AE6B302957804D624F25C4D59
                SHA-512:A4E5D5843DFF4B8917D78B15D852FD0E5C2F9E514F224F76E3B38CEEDC72B6CCC199B95BF4C6F3502393B7DB80DEEACAD08C430AF32489132FDCB91B4E10DF89
                Malicious:false
                Reputation:unknown
                Preview:..;.V.e.r.1...0...0...4.6.....[.C.o.m.m.o.n.].....L.a.n.g.L.i.s.t.=.J.P.N.,.U.S.,.S.P.A.,.U.K.,.D.A.N.,.D.U.T.,.F.R.A.,.G.E.R.,.I.T.A.,.N.O.R.,.P.O.R.,.P.T.B.,.S.W.E.,.F.I.N.,.C.Z.E.,.H.U.N.,.S.V.K.,.S.V.N.,.P.O.L.,.B.G.R.,.R.O.M.,.C.R.O.,.R.U.S.,.T.R.K.,.C.H.S.,.C.H.T.,.K.O.R.,.T.H.A.,.V.I.T.,.A.R.E.,.H.E.B.....;.L.o.c.a.l.C.D.Hr .L.a.n.g.L.i.s.t.....;.L.a.n.g.L.i.s.t.=.C.Z.E.,.D.A.N.,.G.E.R.,.U.S.,.S.P.A.,.F.R.A.,.C.R.O.,.I.T.A.,.H.U.N.,.D.U.T.,.N.O.R.,.P.O.L.,.P.O.R.,.R.O.M.,.S.V.N.,.S.V.K.,.F.I.N.,.S.W.E.,.V.I.T.,.T.R.K.,.B.G.R.,.R.U.S.,.H.E.B.,.A.R.E.,.T.H.A.,.C.H.S.,.J.P.N.,.K.O.R.........S.o.l.u.t.i.o.n.C.e.n.t.e.r.U.R.L.=.h.t.t.p.s.:././.s.u.p.p.o.r.t...b.r.o.t.h.e.r...c.o.m./.g./.b./.....S.e.r.i.a.l.N.o.A.p.p.=.2.9.6.,.1.5.3.,.1.0.6.7.3.....D.e.f.a.u.l.t.I.n.s.t.F.o.l.d.e.r.=.B.r.o.t.h.e.r.....S.k.i.p.D.l.g.S.e.l.e.c.t.=.O.F.F.....R.e.c.e.i.v.e.T.i.m.e.o.u.t.=.3.0.0.0.0.0.....S.e.r.i.a.l.T.o.o.l.L.o.c.a.t.i.o.n.=.2.4.4.,.3.9.....D.i.s.a.b.l.e.E.U.L.A.A.p.p.=.1.0.6.7.3.........

                C:\Users\user\Desktop\Brother Common Installer\commoninstaller.lang

                Download File
                Process:C:\Users\user\Desktop\brcinst10005 (2).exe
                File Type:Unicode text, UTF-16, little-endian text, with very long lines (338), with CRLF line terminators
                Category:dropped
                Size (bytes):395636
                Entropy (8bit):4.30930541266532
                Encrypted:false
                SSDEEP:
                MD5:1B9E9B586779EDF7DA42736F9639ED2B
                SHA1:1EE634242F3E49B16EA51258B865119AEE3EAE60
                SHA-256:59DB4AEF72414512961C25DC5AC0554B445C8217223778C695F9F8785C384980
                SHA-512:E1A93CBAB5C52E953C799672659F9F1212DE4BAB1B613E1871B6FAA252724ADF65C9E10C8E87DBA6C68F7A88DF39248CAE94FFFF698635F30FD9DE6A0B6E9589
                Malicious:false
                Reputation:unknown
                Preview:..;.V.e.r.1...0...0...2.2.....[.C.o.m.m.o.n.].....I.D.S._.C.S.K.I.P.=.".-.".........[.J.P.N.].....I.D.S._.T.I.T.L.E._.B.A.R.=."..0.0.0.0.0.0.0".....I.D.S._.T.Y.P.E.S.E.L._.T.I.T.L.E.=."..0.0.0.0.0x..b.e.l.x..".....I.D.S._.A.U.T.O._.M.S.G.=."..0.0.0.0.0n0...n.0eQ.0.0.0.0.0.0.0h0P.C..0U.S.B..0.0.0.0g0.c.}W0f0K0.0..Rx..b.0.0.0.0.bW0f0O0`0U0D0.0".....I.D.S._.A.U.T.O._.B.T.N.=."...Rx..b(.&.A.).".....I.D.S._.M.A.N.U.A.L._.M.S.G.=.".U.S.B..0.0.0.0.0J0.ca0g0j0D04X.T.0Kb.Rx..b.0.0.0.0.bW0f0O0`0U0D0.0".....I.D.S._.M.A.N.U.A.L._.B.T.N.=.".Kb.Rx..b(.&.M.).".....I.D.S._.C.A.N.C.E.L.=."..0.0.0.0.0".....I.D.S._.M.S.G._.N.O.F.O.U.N.D.=."..O(u.S..j0.0.0.0.0.0L0..d0K0.0~0[0.0g0W0_0.0.0.0.0.0.0.N..K0.0.0.0.0.0.0.0.[a.n0.0.0.0.0.0.0x..bW0f0O0`0U0D0.0".....I.D.S._.O.K.=.".O.K.".....I.D.S._.S.E.L.E.C.T._.T.I.T.L.E.=."..0.0.0.0.0.0.[a.x..b".....I.D.S._.R.E.S.F.R.E.S.H._.M.S.G.=."..0.0.0.0.0.0.[a..0.0.0.0.0L0h.:yU0.0f0D0j0D04X.T.0.f.e.0.0.0.0.bW0f0O0`0U0D0.0".....I.D.S._.P.R.I.N.T.R._.M.S.G.=."..0.0.0.0.0(.

                Chrome Cache Entry: 102

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Non-ISO extended-ASCII text
                Category:dropped
                Size (bytes):3204
                Entropy (8bit):5.154739987184945
                Encrypted:false
                SSDEEP:
                MD5:50052758B840B848D714F08E5DCED8A4
                SHA1:08A3F442BC81DF40FB9D7D3E28D4622453303BCE
                SHA-256:93F66F5FB6D1F1DDBAEA36E1900B3C30D8E262AA0CD1ADEA89DF6BD4E9186F8F
                SHA-512:AC99308F913D29DFF2CF1E20204159682BA589E9F23BAFEE66F753020A08BBCD1AFF1D2D90A65BFF6CFAF9A416D25E18C63401956EA29D15DD45ED5B5543071D
                Malicious:false
                Reputation:unknown
                Preview:// Secure....... .O...[.o......var COOKIE_SECURE_FLG = true;../*!. * jQuery Cookie Plugin v1.4.1. * https://github.com/carhartl/jquery-cookie. *. * Copyright 2006, 2014 Klaus Hartl. * Released under the MIT license. */.(function (factory) {..if (typeof define === 'function' && define.amd) {...// AMD (Register as an anonymous module)...define(['jquery'], factory);..} else if (typeof exports === 'object') {...// Node/CommonJS...module.exports = factory(require('jquery'));..} else {...// Browser globals...factory(jQuery);..}.}(function ($) {...var pluses = /\+/g;...function encode(s) {...return config.raw ? s : encodeURIComponent(s);..}...function decode(s) {...return config.raw ? s : decodeURIComponent(s);..}...function stringifyCookieValue(value) {...return encode(config.json ? JSON.stringify(value) : String(value));..}...function parseCookieValue(s) {...if (s.indexOf('"') === 0) {....// This is a quoted cookie as according to RFC2068, unescape.......s = s.slice(1, -1).replace(/\\"/g,

                Chrome Cache Entry: 104

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 83 x 52, 8-bit/color RGBA, non-interlaced
                Category:dropped
                Size (bytes):3738
                Entropy (8bit):7.776314392296219
                Encrypted:false
                SSDEEP:
                MD5:6B44E562ABDA00BC2B580E5823CCE1BF
                SHA1:925D7B801522971C279C9DB9D20E0F6046E02843
                SHA-256:BE8821C70014E571AE621901CFD8455A0D262A3B93688DF11FD195857676B8EB
                SHA-512:C20CE764B2565837F087FBBE16C17574FE5D9081A30F39F0CAC1F064D4CC1081E409FDB0457233006F264E7D73771AFF06B70424765991580AEF72E271D9A0BC
                Malicious:false
                Reputation:unknown
                Preview:.PNG........IHDR...S...4......C......tEXtSoftware.Adobe ImageReadyq.e<..."iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh" xmpMM:InstanceID="xmp.iid:942B48035AB911E18F49C2B4B9AC75FE" xmpMM:DocumentID="xmp.did:942B48045AB911E18F49C2B4B9AC75FE"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:942B48015AB911E18F49C2B4B9AC75FE" stRef:documentID="xmp.did:942B48025AB911E18F49C2B4B9AC75FE"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?><..H....IDATx..[]l...>..?b.N..IJ~H.. ...,.m.P..a.(U...T...}X..v.xl.R....-H...R.b.V[`!..e..XH ?..'....9w|....v.LX.t}.

                Chrome Cache Entry: 105

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows icon resource - 2 icons, 16x16, 32x32
                Category:downloaded
                Size (bytes):3638
                Entropy (8bit):2.631911437496603
                Encrypted:false
                SSDEEP:
                MD5:E551BC4831810A513B05E9516A0CFE59
                SHA1:CC648A4880588AAC9A13229B3A3222415C0930FB
                SHA-256:57E127CB61BFCD03D3647A01577571F7E8715D6A40D186D606A9693C9DE024E1
                SHA-512:33BA82309B7A672158F4DAE9B24A4868C3E5ED641A5CDF546964C1BD8925CCDE15C7FBB0EC4131846B4A8A2C598B776B69097DAD47A7DC68CBB4F6E73B7E1BA6
                Malicious:false
                Reputation:unknown
                URL:https://support.brother.com/g/b/shared/img/module/favicon.ico
                Preview:..............h...&... ..............(....... ...........@............................3...>...iC..}^..n..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                Chrome Cache Entry: 106

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:GIF image data, version 89a, 10 x 46
                Category:dropped
                Size (bytes):1168
                Entropy (8bit):6.795978372767928
                Encrypted:false
                SSDEEP:
                MD5:B556D490CE01FDF0FCEEE847DADD27C9
                SHA1:313CDE866E5E327BC09E91B1F58A6FDF4F145EEB
                SHA-256:C6710A2CD780ACCEABD213E38974AF319D657277EDC52842F9A65B3A2C59225E
                SHA-512:B1A71ED61DB5035CC0647EC40F5BD898A756C2647BD7BBFDAD267372D857B067D8D40EFD956EAA9F46DE245B78014F4591C030150BD1394B94CF68BFD6A34CCE
                Malicious:false
                Reputation:unknown
                Preview:GIF89a...............................!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh" xmpMM:InstanceID="xmp.iid:30AC69B954A711E19EE1FEEB575C1962" xmpMM:DocumentID="xmp.did:30AC69BA54A711E19EE1FEEB575C1962"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:30AC69B754A711E19EE1FEEB575C1962" stRef:documentID="xmp.did:30AC69B854A711E19EE1FEEB575C1962"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..................................................................................................................................~}|{zyxwvutsrqponmlkjihgfedcba`_^]\[ZYX

                Chrome Cache Entry: 107

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Non-ISO extended-ASCII text, with CRLF line terminators
                Category:downloaded
                Size (bytes):10998
                Entropy (8bit):4.627370270646244
                Encrypted:false
                SSDEEP:
                MD5:427889EC6243ECA461C38858F5C9CFFF
                SHA1:27579EC20F47CF3856958C599C66DE80675BD336
                SHA-256:3B4D7DD7EF8FBB9004B1E459EBB73952E7287C18293BB1940100D749B59FCCA2
                SHA-512:A4CEDDD5590E63CC39A6553AA0C3FDBC290D131473CCECF1FC989B8C3FD9B97F0DA87F6B01BC188840A5EA76F92E638EB6BB656538901055603B54BDCAB24B5C
                Malicious:false
                Reputation:unknown
                URL:https://support.brother.com/g/b/shared/js/conf.js?202103
                Preview:(function ($) {.. //previmg.. this.Prev = function () {.. marginx = 10;.. marginy = 10;.. $(document).on("mouseenter", "a.imgprev img", function (e) {.. this.ttl = this.title;.. this.title = "";.. if (this.name != "") {.. $("body").append("<p id='imgprev'><img src='" + this.name + "' alt='' /></p>");.. sleep(400);.. $("#imgprev")........css("top", (e.pageY - marginx) + "px")........css("left", (e.pageX + marginy) + "px")........fadeIn("fast");.. }.. });.. $(document).on("mouseleave", "a.imgprev img", function () {.... this.title = this.ttl;.... $("#imgprev").remove();....});.. $("a.imgprev img").mousemove(function (e) {.. $("#imgprev").......css("top", (e.pageY - marginx) + "px").......css("left", (e.pageX + marginy) + "px");.. });.. };.. Prev();.. function sleep(msec) {.. var date = new Date();.. var cur

                Chrome Cache Entry: 109

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 106 x 40, 8-bit/color RGBA, non-interlaced
                Category:downloaded
                Size (bytes):50038
                Entropy (8bit):6.7951332214294435
                Encrypted:false
                SSDEEP:
                MD5:6B8A7FAB7A8A81C4EC525DF4482E7A4D
                SHA1:53461EBB470A24450CD6C48A968A38915A6719F5
                SHA-256:33897FD084BFE8201117B36605C026C90E2EEC93919E2F61BBB6BAA5E8CFAE3B
                SHA-512:9D9294975351D1FD2F5A1F3E8BA68591117AD64A1E0DCF141AD6864DCD6D096DDC47D4278D5300CFAD3CD6EAFD033F3C0FD9F31051C0552E47733F2CC0E9C72F
                Malicious:false
                Reputation:unknown
                URL:https://support.brother.com/g/b/region/us/us/en/img/ci_01.png
                Preview:.PNG........IHDR...j...(.......o.....sBIT....|.d.....pHYs...........~.....tEXtSoftware.Adobe Fireworks CS5q..6....prVWx..Y?.#5.w6.vl....@B.VHH......t....TT..E.....J...tB.V4A|.$...A..............d.v7.....{........O.......\.L..3.-h*^....F.=...`4....l0......{..Iv......j..S.....k...T...o..Q....y."~....4.u....}...x......OK|~.b..\.../L>..{/..o[O6..K:....]p..o.7].l.n.~.....o.n..7..!..]._.&...b...20.e(...m.Im..oi.sHb/..u.xA_-.M...e.Z...K.9.h1...\.R. .I.........<`...!..l)~'..... #..7....=d...Nj..Xkr.v<5.?..4...B..=..O..j...I;......@..R.R^.m^.F(z:..U......*K...`.r...z|.af..@{.am.s.0s..C..2.;...2};W..{].6e..P...<.y.a...0.o.;~.{...4.....b...5.;6...B.f..;....6~j.....Z....uL..o..ugA...$.S.....%P....!/c....{f/..Kw......X..=.[.....z........U..m..b..g..+.i..=...+,..6..)..*.2y..d....ps{74Eq..?..:A..Mt.#k.n..id.z0.Eh?.z.W...V ....rZ..E...3..8.H;."..Ocy...xy.;.R..--s.!Y..)/.V.oU.H..,....Ue..[uC...C... ."m.9f\.......).l......A."SQp...e.0J`........INl...k. D.....:...o.S|b.

                Chrome Cache Entry: 110

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (1269), with CRLF line terminators
                Category:downloaded
                Size (bytes):16660
                Entropy (8bit):5.159559097161783
                Encrypted:false
                SSDEEP:
                MD5:66783B4396F27465699AD53A1F29A2FB
                SHA1:BF63BE94A8C8EDC17D38C251707B2EB942814C6B
                SHA-256:7DCA1ED394A1B92FBB74AE73692B21FE51A879E0CF13AEDB406A5DB9F304F435
                SHA-512:6565CAFAECB0BFE579B3188EA0F4922DA7B6A153C72947F4009D4112D6FC2C0C7A584C0FCF1C3EA5CA49D01C9D068842A57CFFF04F06E3C5B14E2FBF288322B8
                Malicious:false
                Reputation:unknown
                URL:https://support.brother.com/g/b/shared/css/base.css
                Preview:.@charset "UTF-8";..../* CSS Information =======================..------------------------------------------..Table of Contents:.. +reset.. +base.. +header.. +container.. +main.. +sub.. +aside.. +footer.. +clearfix..========================================*/..../*========================================.. +reset..========================================*/../*..YUI 3.4.1 (build 4118)..Copyright 2011 Yahoo! Inc. All rights reserved...Licensed under the BSD License...http://yuilibrary.com/license/..*/..html{color:#000;background:#FFF}body,div,dl,dt,dd,ul,ol,li,h1,h2,h3,h4,h5,h6,pre,code,form,fieldset,legend,input,textarea,p,blockquote,th,td{margin:0;padding:0}table{border-collapse:collapse;border-spacing:0}fieldset,img{border:0}address,caption,cite,code,dfn,em,th,var{font-style:normal;font-weight:normal}ol,ul{list-style:none}caption,th{text-align:left}h1,h2,h3,h4,h5,h6{font-size:100%;}q:before,q:after{content:''}abbr,acronym{border:0;font-variant:normal}sup{vertical-align:text-top}sub{v

                Chrome Cache Entry: 111

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Unicode text, UTF-8 text, with very long lines (31885)
                Category:downloaded
                Size (bytes):303028
                Entropy (8bit):5.55421135614929
                Encrypted:false
                SSDEEP:
                MD5:83C3456B080E142EED75E1DB5B9376E9
                SHA1:D7648C64A1D04AB8BB60B772970EF8D40DD992BA
                SHA-256:BD72E0C2AB9ECA9C8A6015FCA2066A4910DF59A678EECD78F1D78D30954CC4FD
                SHA-512:26A84C84DB3749C243F9C26FE6640FB09A550768FF6D1C988AA609E1642A78B0E788A935EAAF86E24C0746C54D5E3958C3338CE614919950CE490CB2009D1620
                Malicious:false
                Reputation:unknown
                URL:https://www.googletagmanager.com/gtm.js?id=GTM-KCDHK5M
                Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"18",. . "macros":[{"function":"__e"},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"AgreeURL"},{"function":"__u","convert_case_to":1,"convert_undefined_to":"None","vtp_component":"QUERY","vtp_queryKey":"c","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__smm","vtp_setDefaultValue":true,"vtp_input":["macro",3],"vtp_defaultValue":"None","vtp_map":["list",["map","key","us","value","AM"],["map","key","ca","value","AM"],["map","key","br","value","AM"],["map","key","mx","value","AM"],["map","key","us_ot","value","AM"],["map","key","au","value","AS"],["map","key","hk","value","AS"],["map","key","i

                Chrome Cache Entry: 112

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 83 x 55, 8-bit/color RGBA, non-interlaced
                Category:downloaded
                Size (bytes):4070
                Entropy (8bit):7.817385825243472
                Encrypted:false
                SSDEEP:
                MD5:702BB9DAB98331D7682E1D523121BC81
                SHA1:CA36D9B01893643965A4D82400E31775726A370C
                SHA-256:63BA22CC595E8D75F215A554B76DB12E945ADF4C35620002E33236CDEFAE6617
                SHA-512:A9B82D903CDF65FF2664C5DD6344A3A61CE6C727EBFF722059242F7FAC44FA04FBAEC35AA7B5FF48C80E60F824B47B30A378891BA861FA4B8184614BDA052EDB
                Malicious:false
                Reputation:unknown
                URL:https://support.brother.com/g/b/shared/img/module/icon_search_83.png
                Preview:.PNG........IHDR...S...7.....p.vL....tEXtSoftware.Adobe ImageReadyq.e<..."iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh" xmpMM:InstanceID="xmp.iid:8BA250DE5ACC11E18F49C2B4B9AC75FE" xmpMM:DocumentID="xmp.did:8BA250DF5ACC11E18F49C2B4B9AC75FE"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:8BA250DC5ACC11E18F49C2B4B9AC75FE" stRef:documentID="xmp.did:8BA250DD5ACC11E18F49C2B4B9AC75FE"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...|...ZIDATx...O.[....{7t.,.....5Qo....f.7.&su.O....5.1F...@|.3.Q..1.W...P...rUV..hz...}OUaSV..4..KN.....O..S

                Chrome Cache Entry: 113

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:GIF image data, version 89a, 10 x 22
                Category:dropped
                Size (bytes):1179
                Entropy (8bit):6.769944972942144
                Encrypted:false
                SSDEEP:
                MD5:6A89FACD4C196225A64BB611C840A3D9
                SHA1:DED5B21593CBEC121814C7EF1E554154D611497B
                SHA-256:7AD7DCCFB0776D899B02094F229737E35B2B08A6A967F87ED9DD174C45272DCB
                SHA-512:086E7134B0F81E0B07B17E92CD40F8967A5B7290B5C5105449DD45F9CECA31D81C102BE5D79E4E4CE0B72FFA36D52D77337788C51CA1096BC1EF9A77408D04E3
                Malicious:false
                Reputation:unknown
                Preview:GIF89a.......................................................!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh" xmpMM:InstanceID="xmp.iid:40B06B3055E811E1A71FB2FCA0B311E7" xmpMM:DocumentID="xmp.did:40B06B3155E811E1A71FB2FCA0B311E7"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:40B06B2E55E811E1A71FB2FCA0B311E7" stRef:documentID="xmp.did:40B06B2F55E811E1A71FB2FCA0B311E7"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..................................................................................................................................~}|{zyxwvutsrqp

                Chrome Cache Entry: 118

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:GIF image data, version 89a, 4 x 7
                Category:dropped
                Size (bytes):1125
                Entropy (8bit):6.732831542457344
                Encrypted:false
                SSDEEP:
                MD5:DC83404BC9C3D657259359E297B7C8E9
                SHA1:351DA55B0E7F09C6FA8A981B88BDF3A61FAB857B
                SHA-256:54F8F8BED94C0E2E05620715728EB2CE8E35EB13F25FDA4CF3FD2DFA5BED0928
                SHA-512:B299C8EAA2DB4507652831CB842A04FA8293B1B871E9141AB1AA647CE055A605260A6EBF5A47ED6D418EF87232912168DF34E43E9EFA0EF152A7247BD592B1F9
                Malicious:false
                Reputation:unknown
                Preview:GIF89a.......mmm...qqq......vvv|||...!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh" xmpMM:InstanceID="xmp.iid:41E9755954A611E19EE1FEEB575C1962" xmpMM:DocumentID="xmp.did:41E9755A54A611E19EE1FEEB575C1962"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:41E9755754A611E19EE1FEEB575C1962" stRef:documentID="xmp.did:41E9755854A611E19EE1FEEB575C1962"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..................................................................................................................................~}|{zyxwvutsrqponmlkjihgfedcba`_^]\[ZYX

                Chrome Cache Entry: 119

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 83 x 58, 8-bit/color RGBA, non-interlaced
                Category:downloaded
                Size (bytes):4824
                Entropy (8bit):7.851288046066785
                Encrypted:false
                SSDEEP:
                MD5:9040CF6359F4ABC13EA7F0D48E106418
                SHA1:4A0CC272184ED1AD4C9AC4AF560AF399746007A7
                SHA-256:40FA729AC76C675F1F3E9F86812F994B6C9A6B0339A0DB691D18352226FA4587
                SHA-512:66269B84A54593090D05B2B038C8F2A42D207DE52A132924DFD98C0148C3ECB3F8C70BEABCAEF969416A16BE534DEB79804704615249CE77346A2AB2B662C439
                Malicious:false
                Reputation:unknown
                URL:https://support.brother.com/g/b/shared/img/module/icon_cloud_83.png
                Preview:.PNG........IHDR...S...:......Ie.....tEXtSoftware.Adobe ImageReadyq.e<..."iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh" xmpMM:InstanceID="xmp.iid:CC530B3F5ACC11E18F49C2B4B9AC75FE" xmpMM:DocumentID="xmp.did:CC530B405ACC11E18F49C2B4B9AC75FE"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:8BA250E05ACC11E18F49C2B4B9AC75FE" stRef:documentID="xmp.did:CC530B3E5ACC11E18F49C2B4B9AC75FE"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>gv.6...LIDATx..\K.........16^.(aAp "b/9....)...E....y).+.H$....QB. ....%9%9`...-.Z9D ".H...h.._`.xv......U....^..X.X.

                Chrome Cache Entry: 120

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:GIF image data, version 89a, 182 x 67
                Category:dropped
                Size (bytes):2945
                Entropy (8bit):7.639742797790345
                Encrypted:false
                SSDEEP:
                MD5:B1F3CC2B75ACB729A1A74445C4CA7335
                SHA1:99F473FAF36056D0180038BDB141159EC53CFAC7
                SHA-256:E4867CBBAA500CA4E4DB2625362FB3D14F6F80D371984C0366769D4EBBEFAC66
                SHA-512:BAA6A793E9D4B61879C3764F8D660F5F7E339EF62FD796A5BE5D031A60D80912D3F84196B0222082240E954D22064F0EA88BEA485F4488143E29E49D5132B39F
                Malicious:false
                Reputation:unknown
                Preview:GIF89a..C...................<Ny..Pgr.Ta....x...*S....0d.....%<m........HXx....................fff.... `!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:0055b3d2-17a3-9549-b2d2-9b9ea05f5e81" xmpMM:DocumentID="xmp.did:C84743DBE66111E9974B8DEED5BAEC43" xmpMM:InstanceID="xmp.iid:C84743DAE66111E9974B8DEED5BAEC43" xmp:CreatorTool="Adobe Photoshop CC 2019 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:e0a329de-0abc-c746-9d1d-e740e34be73e" stRef:documentID="adobe:docid:photoshop:bb0138c2-b789-cf40-a4f4-3d1f2657d225"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?

                Chrome Cache Entry: 122

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Unicode text, UTF-8 text, with very long lines (31885)
                Category:dropped
                Size (bytes):303035
                Entropy (8bit):5.5542574233497275
                Encrypted:false
                SSDEEP:
                MD5:5ADCE5045470CBC625DE83FA327DB224
                SHA1:4EBCBA43B8ACD63F944788BAA577BC20DBB2B148
                SHA-256:C66D4C857E44FC32FC388D8BF6C5422A8533D158DDD8C2B316329FB236FEEF6B
                SHA-512:08F9942C47BB3ADAD82DA2BA702D6DC9A530CD7C652F46646A64E20992771DDEF549D48D42775CE5AFD4FAF864B802A9BDC41B0A5349D65612D4828C1E204AC3
                Malicious:false
                Reputation:unknown
                Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"18",. . "macros":[{"function":"__e"},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"AgreeURL"},{"function":"__u","convert_case_to":1,"convert_undefined_to":"None","vtp_component":"QUERY","vtp_queryKey":"c","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__smm","vtp_setDefaultValue":true,"vtp_input":["macro",3],"vtp_defaultValue":"None","vtp_map":["list",["map","key","us","value","AM"],["map","key","ca","value","AM"],["map","key","br","value","AM"],["map","key","mx","value","AM"],["map","key","us_ot","value","AM"],["map","key","au","value","AS"],["map","key","hk","value","AS"],["map","key","i

                Chrome Cache Entry: 123

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 13 x 10, 8-bit/color RGBA, non-interlaced
                Category:dropped
                Size (bytes):1088
                Entropy (8bit):6.318083990192285
                Encrypted:false
                SSDEEP:
                MD5:21A05E3D26B8D09E096953E0F6300099
                SHA1:C88EA436CEAB16D77DA76EDF8F6C6CBBAE1150F5
                SHA-256:0C6B92BBE959CB70627747F9363B1C687D1741F8BD220FDA71B42939E9541095
                SHA-512:54730EB1F687D4355AFF0796701E9D05BE52BC7B934301A9BD2CFE85F0BD5F32DE636A65E781F4A38B0230F5D1F45E06E22FC68D43762AAAF019DED543452FAE
                Malicious:false
                Reputation:unknown
                Preview:.PNG........IHDR.............o.......tEXtSoftware.Adobe ImageReadyq.e<..."iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh" xmpMM:InstanceID="xmp.iid:2B43663354A511E19EE1FEEB575C1962" xmpMM:DocumentID="xmp.did:2B43663454A511E19EE1FEEB575C1962"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:2B43663154A511E19EE1FEEB575C1962" stRef:documentID="xmp.did:2B43663254A511E19EE1FEEB575C1962"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>:.......IDATx.b...?.:..[..,-.dD.gB.h.X....`. .....a...?.1TWD0.. ......1.WR6.....g.... 6\SVv.Xp...F... ...qq%`.....

                Chrome Cache Entry: 128

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 6 x 22, 8-bit/color RGBA, non-interlaced
                Category:downloaded
                Size (bytes):1132
                Entropy (8bit):6.411609988547991
                Encrypted:false
                SSDEEP:
                MD5:C280D630966D825DB15C4B9291BC18CC
                SHA1:751FF0C88C9941233DAB4961F6A39AB6A87F20D9
                SHA-256:CF6548DD93C592E405DBC21B4A0A7D0E89936FBE6F7E53D29C1090B4F78D020D
                SHA-512:AEF8604CE9978E59AE3426DA75D43C27FAC60874D9FB05E19E1A2F265156C89DF97500EBCAEB77A90EBFD343F932BE416E002AD908389D116C26C02BB5154000
                Malicious:false
                Reputation:unknown
                URL:https://support.brother.com/g/b/shared/img/module/icon_line_gr_01.png
                Preview:.PNG........IHDR.....................tEXtSoftware.Adobe ImageReadyq.e<..."iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh" xmpMM:InstanceID="xmp.iid:F7ED720E54AC11E19EE1FEEB575C1962" xmpMM:DocumentID="xmp.did:F7ED720F54AC11E19EE1FEEB575C1962"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:F7ED720C54AC11E19EE1FEEB575C1962" stRef:documentID="xmp.did:F7ED720D54AC11E19EE1FEEB575C1962"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>........IDATx.....1....^....%...-L..T.LAw[..P\...8E..;.$.I..h...N>[....l.....l.r..\..pyKte.48" ...1.....XM...PA....

                Chrome Cache Entry: 129

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (65302), with CRLF line terminators
                Category:dropped
                Size (bytes):94080
                Entropy (8bit):5.3559925643277335
                Encrypted:false
                SSDEEP:
                MD5:AED8A748E97C493A6FF5996ACFAF000C
                SHA1:9FC7C751EB3EA354CAD6E280CE26D152F05A045E
                SHA-256:6B6C41A3C7FC3D6561EA8097A96D77F52A150FFB7CF9649AD6CEAFAEA9DC1747
                SHA-512:5292F734A9F8C8DE8C568E1F49620F521230C1ABBDD8C3885A36379C1E14B1856815F030B9BCDF91F0F52884C621018766FAD274D435B0B09698914491B77BA3
                Malicious:false
                Reputation:unknown
                Preview:/*========================================.. * jQuery v3.5.1.. * heightLine JavaScript Library beta4..========================================*/..../*! jQuery v3.5.1 | (c) JS Foundation and other contributors | jquery.org/license */..!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)

                Chrome Cache Entry: 130

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:HTML document, ASCII text, with very long lines (446), with CRLF, LF line terminators
                Category:downloaded
                Size (bytes):13961
                Entropy (8bit):5.1371061493647225
                Encrypted:false
                SSDEEP:
                MD5:E28A9793DBE6C522E0632CA2D05598EF
                SHA1:ABC4B4DFC63E1756FB7AF63994109905BF868CF7
                SHA-256:535C6495A1F8AE3FFA9AE23C94F65FF3A56C2565551F68045EE1896B7D239BB1
                SHA-512:035FF4A56E9B8A53ADA6C6586D29F0FAB7E1E9AF899885187AF09FAC5E5A935EC8DC1FC66CFC60B9B64133D446C474B10395340E7FF9F56432DAF8E10FA1D1DB
                Malicious:false
                Reputation:unknown
                URL:https://support.brother.com/g/b/countrytop.aspx?c=us&lang=en
                Preview:............<!DOCTYPE html>.. [if IE 6 ]><html lang="en" class="ie ie6"><![endif]-->.. [if IE 7 ]><html lang="en" class="ie ie7"><![endif]-->.. [if IE 8 ]><html lang="en" class="ie ie8"><![endif]-->.. [if (gte IE 9)|!(IE)]> >..<html lang="en"> <![endif]-->..<head>..<meta charset="UTF-8">..<title>United States | Brother support website</title>.. Google Tag Manager -->..<script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':..new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],..j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=..'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);..})(window,document,'script','dataLayer','GTM-KCDHK5M');</script>..<meta content="" name="keywords">..<meta name="description" content="">....<link rel="stylesheet" href="/g/b/shared/css/base.css" media="all">..<link rel="stylesheet" href="/g/b/shared/css/module.css" media="all">....<link href="/g/b/shared/im

                Chrome Cache Entry: 131

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:GIF image data, version 89a, 10 x 53
                Category:downloaded
                Size (bytes):1222
                Entropy (8bit):6.865013237295665
                Encrypted:false
                SSDEEP:
                MD5:B47AD14CA9F8CC23799414854DFE69F3
                SHA1:78C14F9AE30C0BCC3D8856AA8C5C91A9243C6036
                SHA-256:A35D6051F2BC2A340CB391395F83FDE1487638C6C057428744BC797AA59DA0D5
                SHA-512:AFAED26C64A0C47C3E426BDD44BE87A968CF4B6C3CDF40F198E44156FB5B468159EE055D67550FF9A2054F8D6F032128AD7EF41F81432A8D1512F14B1140637E
                Malicious:false
                Reputation:unknown
                URL:https://support.brother.com/g/b/shared/img/module/icon_grad_tb_wg_53.gif
                Preview:GIF89a..5....................................................!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh" xmpMM:InstanceID="xmp.iid:30AC69B554A711E19EE1FEEB575C1962" xmpMM:DocumentID="xmp.did:30AC69B654A711E19EE1FEEB575C1962"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:30AC69B354A711E19EE1FEEB575C1962" stRef:documentID="xmp.did:30AC69B454A711E19EE1FEEB575C1962"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..................................................................................................................................~}|{zyxwvutsrqp

                Chrome Cache Entry: 133

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Non-ISO extended-ASCII text, with CRLF line terminators
                Category:dropped
                Size (bytes):3170
                Entropy (8bit):5.114065473619537
                Encrypted:false
                SSDEEP:
                MD5:8B93DF5006B9A5F5577B668320D99006
                SHA1:4043295E9553DAC640BC4EBF5A38BE39BD9F36F3
                SHA-256:14178FE857B6D7CE9A557DABF6A5A80A261721E5B2510CF353AEDEEA57B6F96D
                SHA-512:201D629F098C53B9CC3A8E46E0F93F79DD60C157566BF90483A61B8F71B467390F81D5635089495546397F72108D27481B5F04818737C26DDACAC0A9AF639BDF
                Malicious:false
                Reputation:unknown
                Preview:// jquery.K.{....// onready.C.x...g..A.X.}.[.g.t.H..............._.C...N.g......$(function () {.. var get = getRequest();.. var pfs = get['pfs'];.. var content = get['content'];.. var isHref = false;.. var url = "";.... if (location.pathname.indexOf("/b/branch/") > -1) {.. // .R...e...c.v...o.C._....A..._.C...N.g....... }.. else if (isAndroidOS2Or4() || isiPhoneOriPod()) {.. // .X.}.z..... if (pfs != "1" && content != "olddl" && location.pathname.indexOf("/sp/") == -1 && content != "dl") {.. var section1 = location.pathname.split('/')[1];.. var section2 = location.pathname.split('/')[2];.. var section3 = location.pathname.split('/')[3];.. if (section2 == "") {.. section2 = "b";.. }.. if (section3 == "" || section3 == null) {.. section3 = "index.aspx";.. }.... var param = location.search;.. param = p

                Chrome Cache Entry: 134

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (925), with CRLF line terminators
                Category:downloaded
                Size (bytes):15818
                Entropy (8bit):4.61926514607613
                Encrypted:false
                SSDEEP:
                MD5:13A04B7B9CA7C5E50296018F2BA2A1C3
                SHA1:5F556239714145BFE838521BC779C3E8DE45EA3F
                SHA-256:F23C025E656BD6ABB459DCF94D39C523B0D0B225BD0FEDDC4F65EFB5DC621FC9
                SHA-512:787D31B938DD79EE3715D38B0B2C6B37621DF6ADE2AF66954DB156DB09420BCEA97106C924BFDED7E08379B5C92FE8AF8F6A462BA1042DCB26622ADDE62B8D8B
                Malicious:false
                Reputation:unknown
                URL:https://support.brother.com/g/b/shared/js/jquery.analytics.js
                Preview:// ForAnalyticsJavaScript....function analyticsSend(deptid, group, type3, url, series, isRedirect, urlForManual) {.... var branch = getUrlVarsA()['branch'];.. if (branch != null && branch != "undefined" && branch === "pdf") {.. return;.. }.... var countryCode = getUrlVarsA()['c'];.. if (group == "Manual To File" && countryCode != "us") {.. return false;.. }.... var targetpage = ['countrytop.aspx', 'productsearch.aspx', 'productseries.aspx', 'productlist.aspx', 'producttop.aspx', 'producttopb.aspx', 'faqtop.aspx', 'faqtopb.aspx', 'faqcategory.aspx', 'faqlist.aspx', 'faqsearch.aspx', 'faqend.aspx', 'imglist.aspx', 'msglist.aspx', 'faqendbranchprintable.aspx', 'downloadtop.aspx', 'downloadlist.aspx', 'downloadend.aspx', 'downloadhowto.aspx', 'manualtop.aspx', 'manuallist.aspx', 'selectlanguage.aspx', 'agreement.aspx', 'downloadendbranch.aspx', 'downloadhowtobranchprint.aspx', 'serial.aspx', 'serialb.aspx', 'cotop.aspx', 'colist.aspx', 'cotop.aspx', 'coli

                Chrome Cache Entry: 79

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (4201)
                Category:dropped
                Size (bytes):295065
                Entropy (8bit):5.564121595882129
                Encrypted:false
                SSDEEP:
                MD5:0A26926969EEC3C841C154A97F917F4A
                SHA1:72A805B8914B09828B01CD8A931609523422DD57
                SHA-256:C0DBD79A5696AF860AE65CC43378996031B212950C8FCDC638F98A7A31926A11
                SHA-512:747F906EFDDF56B667AAA69DAF7F2FE0A20C7A9F162B83D2D123657574BCB916D8154F458C28010A481F463668E712260BA0A720AE41A6222DAD5BD2D4980F6A
                Malicious:false
                Reputation:unknown
                Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_1p_data_v2","priority":10,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameValue":"","vtp_streetValue":"","vtp_lastNameType":"CSS_SELECTOR","vtp_autoAddressEnabled":false,"vtp_regionValue":"","vtp_countryValue":"",

                Chrome Cache Entry: 80

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 10 x 241, 8-bit colormap, non-interlaced
                Category:dropped
                Size (bytes):1019
                Entropy (8bit):6.145629954188301
                Encrypted:false
                SSDEEP:
                MD5:E2ABE793C9100AE50ECF92032858A666
                SHA1:082DDB79270BC4E16F38DF563FF239A7B1B39733
                SHA-256:CC0FA3BBD2EFBF7A2C25346C4AC9A9EF0626F592906E8CE2CDD4661B1A5A261D
                SHA-512:51C8453FAD0D81F00BE1563ECF1EEEBACE6128B6441DC5F9CBC50474E79F02A14CB4793D13C7F122B42224AF6913A1A527EB56428036FEEB272886F3A0BAE2EA
                Malicious:false
                Reputation:unknown
                Preview:.PNG........IHDR...............U....tEXtSoftware.Adobe ImageReadyq.e<..."iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh" xmpMM:InstanceID="xmp.iid:2B43663754A511E19EE1FEEB575C1962" xmpMM:DocumentID="xmp.did:2B43663854A511E19EE1FEEB575C1962"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:2B43663554A511E19EE1FEEB575C1962" stRef:documentID="xmp.did:2B43663654A511E19EE1FEEB575C1962"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..!....$PLTE.........................................?IDATx...9.. ..A.......R.BL..ca.......R. ....!......n....}.C....

                Chrome Cache Entry: 82

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:GIF image data, version 89a, 6 x 284
                Category:downloaded
                Size (bytes):1429
                Entropy (8bit):7.228519346393832
                Encrypted:false
                SSDEEP:
                MD5:93FBA9664FCABA1B8589618986AF8866
                SHA1:44306EA6403DB2F68827A0F90BB07A66C4201E15
                SHA-256:DE8756F54FC5E64D1AD1019189586EC6BFBED31548C52E6AAB9DB54403C67DBD
                SHA-512:2266E6883F0843F1F3D2BA7A022CF194351AA4B6BC2AD0194D072396FA13D1753B5AE016DBCE78A1116C3C4399D221430EE2B715A1E889A973557CAFDF00F6EB
                Malicious:false
                Reputation:unknown
                URL:https://support.brother.com/g/b/shared/img/footer/icon_stripe_01.gif
                Preview:GIF89a.......................................................................................................!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh" xmpMM:InstanceID="xmp.iid:6266D8415AA011E18F49C2B4B9AC75FE" xmpMM:DocumentID="xmp.did:6266D8425AA011E18F49C2B4B9AC75FE"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6266D83F5AA011E18F49C2B4B9AC75FE" stRef:documentID="xmp.did:6266D8405AA011E18F49C2B4B9AC75FE"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.................................................................................................

                Chrome Cache Entry: 83

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 83 x 54, 8-bit/color RGBA, non-interlaced
                Category:downloaded
                Size (bytes):5181
                Entropy (8bit):7.871645715496671
                Encrypted:false
                SSDEEP:
                MD5:1793FBE9CD534D5CC09B9AD3EBA847DC
                SHA1:CD965A75348C3FD2244C38675EAF5CBA1A919BF0
                SHA-256:BF23A24EF4BED15EFBC940136A2671F573F44269A884DB674F405ED7EE344933
                SHA-512:E8FCAE13CC9D274BB153CCF80631A477C2D6D8C657405016AFAF7043C295853BD188FE20AD0954966938800B83D344FE182B56AEDB9A593486FF554D8AEB685A
                Malicious:false
                Reputation:unknown
                URL:https://support.brother.com/g/b/shared/img/module/icon_question_83.png
                Preview:.PNG........IHDR...S...6.............tEXtSoftware.Adobe ImageReadyq.e<..."iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh" xmpMM:InstanceID="xmp.iid:CC530B435ACC11E18F49C2B4B9AC75FE" xmpMM:DocumentID="xmp.did:CC530B445ACC11E18F49C2B4B9AC75FE"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:CC530B415ACC11E18F49C2B4B9AC75FE" stRef:documentID="xmp.did:CC530B425ACC11E18F49C2B4B9AC75FE"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>1.......IDATx..[..]E..g.g...-.[dK.bU.......A.(.HR.G....A.....V...F.iD..*...P.......<V...t...{.93...3s...b.{....{

                Chrome Cache Entry: 84

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                Category:dropped
                Size (bytes):436
                Entropy (8bit):4.932577832063453
                Encrypted:false
                SSDEEP:
                MD5:DE1BFE1CA4E6FC1327A4C367492F1D30
                SHA1:7DF27E6985371F9E7823F5440BA0DE69F3DC5D4F
                SHA-256:D7BB9E7D41B65723FFA79F5DEE6C8BA25AE188D4C81E882E981306F5D3FBF7AC
                SHA-512:596831F43198F0FA7CBF9C49884B4814FABF0B310CFB0B32457069EEA6B13C4929E537AD4BA99F10044C75855E059E589A6D70C6B9179917A8FAE49FCC700139
                Malicious:false
                Reputation:unknown
                Preview:.document.write("&copy; 2001-" + new Date().getFullYear().toString() + " Brother Industries, Ltd. All Rights Reserved.");..document.write("<br>");..document.write("<p style='font-size:90%'>");..document.write("Any trade names and product names of companies appearing on Brother products, related documents and any other materials are all trademarks or registered trademarks of those respective companies.");..document.write("</p>");..

                Chrome Cache Entry: 87

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                Category:downloaded
                Size (bytes):77034
                Entropy (8bit):5.223793285335856
                Encrypted:false
                SSDEEP:
                MD5:0FA805966F416AC1D57FBD21F9572E5E
                SHA1:A6D8035044FD114BDE736F6682712523EA8587BC
                SHA-256:48619D67CAD64EAFFADF4F04FDDA086AC3700A06E52ACDB29A65F0933D870AD8
                SHA-512:01B7D34FD873F5A41137B632759EBAAC7A2318160A70EF88B2E9C00133115A5927BE6E90A447EECAAE86F87EE95C3846C11C22539CB7CB0D86B1C1E46455037D
                Malicious:false
                Reputation:unknown
                URL:https://support.brother.com/g/b/shared/css/module.css
                Preview:.@charset "UTF-8";..../* CSS Information =======================..Table of Contents:.. +lv.. +block.. ++overlay.. ++assistant-nav.. ++tab-nav.. ++unit-bsc.. ++unit-multi-column.. ++unit-section.. ++unit-box.. ++unit-index-block.. ++unit-faq-index.. ++unit-notice.. ++unit-category-nav.. ++unit-info.. ++unit-search-box/unit-search/unit-ques-box.. ++mod-heading-wrap.. +toggle.. +block module.. +heading.. +paragraph.. +list.. +table.. +form.. +general..========================================*/..../*========================================.. +lv..========================================*/...lv1 {}...lv2 {}...lv3 {}...lv4 {}...lv5 {}...lv6 {}..../*========================================.. +block..========================================*/../*.. ++overlay..========================================*/..#blackLayer {...background: url(/g/b/shared/img/module/bg_overlay_01.png) left top repeat;..}...unit-overlay {...display: none;...position: absolute;...width: 100%;...height: 10

                Chrome Cache Entry: 88

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:GIF image data, version 89a, 200 x 3
                Category:downloaded
                Size (bytes):1159
                Entropy (8bit):6.787946210582249
                Encrypted:false
                SSDEEP:
                MD5:97A6CD5CBF0A628445DA8793743BA135
                SHA1:2F63EFBEA36A146917F06155BEAE986B18BAC74C
                SHA-256:F956AE98217FA49E3DEFB779B4682952B99E6C1E3185987919D1214970EED7D4
                SHA-512:EE8894CB819F8570C111EFF1FFD62654232570A90C002D958C1F6829F177D13F37E1B5DB2E2E145E531C61F53932FA56EE893B7A53A798AEFAD84436F4189411
                Malicious:false
                Reputation:unknown
                URL:https://support.brother.com/g/b/shared/img/aside/icon_line_01.gif
                Preview:GIF89a..........y........m...........!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh" xmpMM:InstanceID="xmp.iid:41E9755D54A611E19EE1FEEB575C1962" xmpMM:DocumentID="xmp.did:41E9755E54A611E19EE1FEEB575C1962"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:41E9755B54A611E19EE1FEEB575C1962" stRef:documentID="xmp.did:41E9755C54A611E19EE1FEEB575C1962"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..................................................................................................................................~}|{zyxwvutsrqponmlkjihgfedcba`_^]\[ZYX

                Chrome Cache Entry: 89

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Non-ISO extended-ASCII text, with CRLF line terminators
                Category:downloaded
                Size (bytes):12477
                Entropy (8bit):5.322128999728512
                Encrypted:false
                SSDEEP:
                MD5:ABB40C849A77E5348570907F3E13CF0A
                SHA1:51CA85B8058CFBAC61D103B74CDB12FD00F5DDC7
                SHA-256:E4BFF4A109E3E38DC0E09BCFE7E48086148A658449D677CE8211BA14D03951B3
                SHA-512:42C7A5371BD49B74BC0D2E4D5CEC3735B7D885323F8B309C30D9BDB7652EF4A4FDDE4708E3686405880C269DBAE41958CCE6FC52BB0C38E3A87C33A7ACC336AB
                Malicious:false
                Reputation:unknown
                URL:https://support.brother.com/g/b/shared/js/jquery.bsccommon.js
                Preview:// BSC....JavaScript....$(document).ready(function () {.. // ...i.r.Q.[.V......a.^.O.u.... replaceHrefForSalesNavi();.. // .X.}.z.T.C.g..a.^.O.u.... replaceHrefForSmartphone();.. // ...........o....a.^.O.u.... replaceHrefForSales();.. // ..I.y.[.W.i...\.....j..a.^.O.u.... replaceHrefForStaticPage();..});..// ...i.r.Q.[.V.....y.[.W..a.^.O.u........function replaceHrefForSalesNavi() {.. // ...[.J...A.h...X.... var localHref = location.href;.... if (undefined != getUrlVars_common()["branch"].. && (getUrlVars_common()["branch"] == "apweb" || getUrlVars_common()["branch"] == "apwebtop5")).. {.. // .S...A.^.O...... aList = $('a');.... //A.^.O......J...... for (var i = 0; i < aList.length; i++) {.... // faqtop............. if (localHref.toLowerCase().indexOf("/g/b/branch/faqtop.aspx") != -1) {.. // ......heightLine-group1.....heightLine-group2..Aactive.........

                Chrome Cache Entry: 91

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (4201)
                Category:downloaded
                Size (bytes):294966
                Entropy (8bit):5.564038792524584
                Encrypted:false
                SSDEEP:
                MD5:AD21A513F0C24E3207D4EF317EB5534E
                SHA1:5442CC763F4F18FCFC762A8FFA2BC869585B507E
                SHA-256:E8BE32FDF01B98778155DA297E538EBE002A63E40616862E9EB0E9D76910499B
                SHA-512:A52783A9AAEAFFC96160E8430B340CEB02D2D68892C4B3352C7B7F6F4257CE50FD43DE5C915DA901F583282254AE32376DD8B1BA870F63E6734630451712F3B3
                Malicious:false
                Reputation:unknown
                URL:https://www.googletagmanager.com/gtag/js?id=G-2QK61748KJ&l=dataLayer&cx=c
                Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_1p_data_v2","priority":10,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameValue":"","vtp_streetValue":"","vtp_lastNameType":"CSS_SELECTOR","vtp_autoAddressEnabled":false,"vtp_regionValue":"","vtp_countryValue":"",

                Chrome Cache Entry: 92

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:GIF image data, version 89a, 59 x 40
                Category:dropped
                Size (bytes):262
                Entropy (8bit):6.887177527380747
                Encrypted:false
                SSDEEP:
                MD5:ED2B134B21495BF16EFBE173C69F7524
                SHA1:43FFB6CF5CA4312ED41AE5ABE929A5FE0E04DAB7
                SHA-256:BD3E932BCD90069B66B6213801525941654CB81A343BFBBC32933F72F8A261E4
                SHA-512:5D0D272FDD7C38D7FB3BF037E89E601E6EB8529B4AAECEAB707886A31C2008B738232DC9686157E11C5743AD3B81B503197735E6E384405AC8292EBE272E08BE
                Malicious:false
                Reputation:unknown
                Preview:GIF89a;.(.....h.......333............!.......,....;.(....8...0....8_...`.)Zi.b.~$.Xo..p.........pH..h2.r.*:..c......r.X...T....Z.....1......x..ma..JvZ7~*{|..:..[6.....y..g..0.x.|.)t..Y...d. .o..........................P...C....l..`..f...F.......~.........;

                Chrome Cache Entry: 95

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:GIF image data, version 89a, 4 x 7
                Category:downloaded
                Size (bytes):1100
                Entropy (8bit):6.696326883338783
                Encrypted:false
                SSDEEP:
                MD5:855BDAC3C29989F332F38F6597B106FE
                SHA1:BA7B8AADF2D6905E06A77A9EACAB07F0D8D76DF4
                SHA-256:8D8C33E522CA306B19E65BE091938A7D4222ECF4C5A7DA8884CEBA356A4F23CE
                SHA-512:CE3E42D829688C51725F17F441AFFB8AC3CB91E79448B5EB018BFFD5E7904B746EAB2C28553220CEFC802C77871FDEC890302C1B90876D31F7E4A813512D9714
                Malicious:false
                Reputation:unknown
                URL:https://support.brother.com/g/b/shared/img/container/icon_arrow_topicpath.gif
                Preview:GIF89a.......fff...!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Macintosh" xmpMM:InstanceID="xmp.iid:952FBAEF54AA11E19EE1FEEB575C1962" xmpMM:DocumentID="xmp.did:952FBAF054AA11E19EE1FEEB575C1962"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:4A5ADE9654A911E19EE1FEEB575C1962" stRef:documentID="xmp.did:952FBAEE54AA11E19EE1FEEB575C1962"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..................................................................................................................................~}|{zyxwvutsrqponmlkjihgfedcba`_^]\[ZYXWVUTSRQPONMLKJIHGF

                Chrome Cache Entry: 99

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (2343)
                Category:dropped
                Size (bytes):52916
                Entropy (8bit):5.51283890397623
                Encrypted:false
                SSDEEP:
                MD5:575B5480531DA4D14E7453E2016FE0BC
                SHA1:E5C5F3134FE29E60B591C87EA85951F0AEA36EE1
                SHA-256:DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
                SHA-512:174E48F4FB2A7E7A0BE1E16564F9ED2D0BBCC8B4AF18CB89AD49CF42B1C3894C8F8E29CE673BC5D9BC8552F88D1D47294EE0E216402566A3F446F04ACA24857A
                Malicious:false
                Reputation:unknown
                Preview:(function(){/*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/.var n=this||self,p=function(a,b){a=a.split(".");var c=n;a[0]in c||"undefined"==typeof c.execScript||c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length||void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};function q(){for(var a=r,b={},c=0;c<a.length;++c)b[a[c]]=c;return b}function u(){var a="ABCDEFGHIJKLMNOPQRSTUVWXYZ";a+=a.toLowerCase()+"0123456789-_";return a+"."}var r,v;.function aa(a){function b(k){for(;d<a.length;){var m=a.charAt(d++),l=v[m];if(null!=l)return l;if(!/^[\s\xa0]*$/.test(m))throw Error("Unknown base64 encoding at char: "+m);}return k}r=r||u();v=v||q();for(var c="",d=0;;){var e=b(-1),f=b(0),h=b(64),g=b(64);if(64===g&&-1===e)return c;c+=String.fromCharCode(e<<2|f>>4);64!=h&&(c+=String.fromCharCode(f<<4&240|h>>2),64!=g&&(c+=String.fromCharCode(h<<6&192|g)))}};var w={},y=function(a){w.TAGGING=w.TAGGING||[];w.TAGGING[a]=!0};var ba=Array.isArray,c

                Static File Info

                General

                File type:PE32 executable (GUI) Intel 80386, for MS Windows
                Entropy (8bit):6.42148441005661
                TrID:
                • Win32 Executable (generic) a (10002005/4) 98.81%
                • Windows ActiveX control (116523/4) 1.15%
                • Generic Win/DOS Executable (2004/3) 0.02%
                • DOS Executable Generic (2002/1) 0.02%
                • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                File name:brcinst10005 (2).exe
                File size:1'849'216 bytes
                MD5:9df0667238a3970499f559ac6ecb28e7
                SHA1:9aeb537120c0cc6ce1c391481541d24655a9384f
                SHA256:fb170230d0d281b68cce7888693e8667aa7cd375b969d0e15a2457af62d1620d
                SHA512:003c29064e02bee666b6bc4f09cc9c17de6ba245ecf158360975e134c941115a44ab2c24202f215c01d6f9a4bc22e03fbd6f26ec30cd48f7725d225f160908fd
                SSDEEP:49152:U7wtqIqPpiPji/B98GEmfm3u3Wph5FgZIjG1fHrz7cz5b5LX:9qIqPAji/B98G3me3kh5FgZhH/7cz5bt
                TLSH:38859F313A919076C6733530894DA3B9B6BEEA305FB5428766900E3D6EB44E3592C73F
                File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............k...k...k....$..k.......k.......k.......k...k...h.......k....%..k....$.[j.... ..k.......k.......k..Rich.k..........PE..L..

                File Icon

                Icon Hash:1cb6a32b73474d77

                Static PE Info

                General

                Entrypoint:0x5113dc
                Entrypoint Section:.text
                Digitally signed:true
                Imagebase:0x400000
                Subsystem:windows gui
                Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
                Time Stamp:0x61DD2773 [Tue Jan 11 06:45:07 2022 UTC]
                TLS Callbacks:
                CLR (.Net) Version:
                OS Version Major:5
                OS Version Minor:1
                File Version Major:5
                File Version Minor:1
                Subsystem Version Major:5
                Subsystem Version Minor:1
                Import Hash:0339ae7c33d8059c55052505c4fddeb8

                Authenticode Signature

                Signature Valid:true
                Signature Issuer:CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US
                Signature Validation Error:The operation completed successfully
                Error Number:0
                Not Before, Not After
                • 12/05/2021 02:00:00 10/06/2022 01:59:59
                Subject Chain
                • CN="Brother Industries, Ltd.", O="Brother Industries, Ltd.", L=Nagoya, S=Aichi, C=JP
                Version:3
                Thumbprint MD5:2DD7141FFBBD9DB43C3016FAAA148A4A
                Thumbprint SHA-1:408474C006F909BDB7DEF972797FB9B2766A1026
                Thumbprint SHA-256:ABF8D956553F1808DF3941EC45B93D158B5DECCAE6A7917F09D29FAD179C4A3F
                Serial:0B90ED343AD880DDA17579BC4366CE2C

                Entrypoint Preview

                Instruction
                call 00007FE92461F15Ch
                jmp 00007FE92461763Eh
                cmp ecx, dword ptr [0058CD40h]
                jne 00007FE9246177B4h
                rep ret
                jmp 00007FE92461F1E3h
                mov eax, dword ptr [ecx+04h]
                test eax, eax
                jne 00007FE9246177B7h
                mov eax, 00564408h
                ret
                mov edi, edi
                push ebp
                mov ebp, esp
                cmp dword ptr [ebp+08h], 00000000h
                push edi
                mov edi, ecx
                je 00007FE9246177DFh
                push esi
                push dword ptr [ebp+08h]
                call 00007FE92461957Ch
                lea esi, dword ptr [eax+01h]
                push esi
                call 00007FE924618D5Fh
                pop ecx
                pop ecx
                mov dword ptr [edi+04h], eax
                test eax, eax
                je 00007FE9246177C3h
                push dword ptr [ebp+08h]
                push esi
                push eax
                call 00007FE92461F2A9h
                add esp, 0Ch
                mov byte ptr [edi+08h], 00000001h
                pop esi
                pop edi
                pop ebp
                retn 0004h
                mov edi, edi
                push esi
                mov esi, ecx
                cmp byte ptr [esi+08h], 00000000h
                je 00007FE9246177BBh
                push dword ptr [esi+04h]
                call 00007FE924618CD4h
                pop ecx
                and dword ptr [esi+04h], 00000000h
                mov byte ptr [esi+08h], 00000000h
                pop esi
                ret
                mov edi, edi
                push ebp
                mov ebp, esp
                mov eax, dword ptr [ebp+08h]
                push esi
                mov esi, ecx
                and dword ptr [esi+04h], 00000000h
                mov dword ptr [esi], 00564400h
                mov byte ptr [esi+08h], 00000000h
                push dword ptr [eax]
                call 00007FE924617737h
                mov eax, esi
                pop esi
                pop ebp
                retn 0004h
                mov edi, edi
                push ebp
                mov ebp, esp
                push esi
                mov esi, dword ptr [ebp+08h]
                push edi
                mov edi, ecx
                cmp edi, esi
                je 00007FE9246177CFh
                call 00007FE92461775Bh
                cmp byte ptr [esi+08h], 00000000h
                je 00007FE9246177BEh
                push dword ptr [esi+00h]

                Rich Headers

                Programming Language:
                • [C++] VS2010 build 30319
                • [C++] VS2008 SP1 build 30729
                • [ C ] VS2008 SP1 build 30729
                • [IMP] VS2008 SP1 build 30729
                • [ASM] VS2010 SP1 build 40219
                • [ C ] VS2010 SP1 build 40219
                • [C++] VS2010 SP1 build 40219
                • [RES] VS2010 SP1 build 40219
                • [LNK] VS2010 SP1 build 40219

                Data Directories

                NameVirtual AddressVirtual Size Is in Section
                IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                IMAGE_DIRECTORY_ENTRY_IMPORT0x183d8c0x17c.rdata
                IMAGE_DIRECTORY_ENTRY_RESOURCE0x1970000xa8cc.rsrc
                IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                IMAGE_DIRECTORY_ENTRY_SECURITY0x1c1e000x1980.reloc
                IMAGE_DIRECTORY_ENTRY_BASERELOC0x1a20000x1bd34.reloc
                IMAGE_DIRECTORY_ENTRY_DEBUG0x13edd00x1c.rdata
                IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x16aa800x40.rdata
                IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                IMAGE_DIRECTORY_ENTRY_IAT0x13e0000x9b8.rdata
                IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                Sections

                NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                .text0x10000x13c4be0x13c6005f469e9d14b86956c441a862a7152724False0.5587395977380482data6.548295855444436IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                .rdata0x13e0000x492e20x494007fbc6f9780d4cf347559dab5e25bfa3fFalse0.27297754906143346data4.985055507821156IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                .data0x1880000xe45c0x6a003b62724d572f0ebb3a771e4b438db636False0.279407429245283data4.734997719394652IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                .rsrc0x1970000xa8cc0xaa009e2e4f94f25612222a2f65272cdb250dFalse0.37853860294117647data5.217591078067455IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                .reloc0x1a20000x2ab120x2ac00eb1f68946dec98e440ea2c59aee3f4f7False0.2753220942982456data5.062208215811643IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                Resources

                NameRVASizeTypeLanguageCountryZLIB Complexity
                RT_CURSOR0x197fe80x134Targa image data - RGB 64 x 65536 x 1 +32 "\001"JapaneseJapan0.4805194805194805
                RT_CURSOR0x19811c0xb4Targa image data - Map 32 x 65536 x 1 +16 "\001"JapaneseJapan0.7
                RT_CURSOR0x1981d00x134AmigaOS bitmap font "(", fc_YSize 4294967264, 5120 elements, 2nd "\377\360?\377\377\370\177\377\377\374\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377", 3rdJapaneseJapan0.36363636363636365
                RT_CURSOR0x1983040x134Targa image data - RLE 64 x 65536 x 1 +32 "\001"JapaneseJapan0.35714285714285715
                RT_CURSOR0x1984380x134dataJapaneseJapan0.37337662337662336
                RT_CURSOR0x19856c0x134dataJapaneseJapan0.37662337662337664
                RT_CURSOR0x1986a00x134Targa image data 64 x 65536 x 1 +32 "\001"JapaneseJapan0.36688311688311687
                RT_CURSOR0x1987d40x134Targa image data 64 x 65536 x 1 +32 "\001"JapaneseJapan0.37662337662337664
                RT_CURSOR0x1989080x134Targa image data - Mono - RLE 64 x 65536 x 1 +32 "\001"JapaneseJapan0.36688311688311687
                RT_CURSOR0x198a3c0x134Targa image data - RGB - RLE 64 x 65536 x 1 +32 "\001"JapaneseJapan0.38636363636363635
                RT_CURSOR0x198b700x134dataJapaneseJapan0.44155844155844154
                RT_CURSOR0x198ca40x134dataJapaneseJapan0.4155844155844156
                RT_CURSOR0x198dd80x134AmigaOS bitmap font "(", fc_YSize 4294966847, 3840 elements, 2nd "\377?\374\377\377\300\003\377\377\300\003\377\377\340\007\377\377\360\017\377\377\370\037\377\377\374?\377\377\376\177\377\377\377\377\377\377\377\377\377\377\377\377\377", 3rdJapaneseJapan0.5422077922077922
                RT_CURSOR0x198f0c0x134dataJapaneseJapan0.2662337662337662
                RT_CURSOR0x1990400x134dataJapaneseJapan0.2824675324675325
                RT_CURSOR0x1991740x134dataJapaneseJapan0.3246753246753247
                RT_BITMAP0x1992a80xb8Device independent bitmap graphic, 12 x 10 x 4, image size 80JapaneseJapan0.44565217391304346
                RT_BITMAP0x1993600x144Device independent bitmap graphic, 33 x 11 x 4, image size 220JapaneseJapan0.37962962962962965
                RT_ICON0x1994a40x128Device independent bitmap graphic, 16 x 32 x 4, image size 192JapaneseJapan0.5709459459459459
                RT_ICON0x1995cc0x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 640JapaneseJapan0.478494623655914
                RT_ICON0x1998b40x568Device independent bitmap graphic, 16 x 32 x 8, image size 320JapaneseJapan0.5397398843930635
                RT_ICON0x199e1c0x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 1152JapaneseJapan0.4065884476534296
                RT_ICON0x19a6c40x468Device independent bitmap graphic, 16 x 32 x 32, image size 1088JapaneseJapan0.2473404255319149
                RT_ICON0x19ab2c0x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4224JapaneseJapan0.20379924953095685
                RT_ICON0x19bbd40x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9600JapaneseJapan0.5179460580912864
                RT_DIALOG0x19e17c0x17edata0.581151832460733
                RT_DIALOG0x19e2fc0xe8dataJapaneseJapan0.7025862068965517
                RT_DIALOG0x19e3e40x34dataJapaneseJapan0.9230769230769231
                RT_STRING0x19e4180x112Matlab v4 mat-file (little endian) U, numeric, rows 0, columns 0JapaneseJapan0.4927007299270073
                RT_STRING0x19e52c0x128dataJapaneseJapan0.7364864864864865
                RT_STRING0x19e6540x106dataJapaneseJapan0.7137404580152672
                RT_STRING0x19e75c0x1dadataJapaneseJapan0.5168776371308017
                RT_STRING0x19e9380x194dataJapaneseJapan0.5470297029702971
                RT_STRING0x19eacc0x162dataJapaneseJapan0.5790960451977402
                RT_STRING0x19ec300x160dataJapaneseJapan0.6107954545454546
                RT_STRING0x19ed900x13aAmigaOS bitmap font "P", fc_YSize 28672, 9728 elements, 2nd "a", 3rdJapaneseJapan0.6019108280254777
                RT_STRING0x19eecc0x1a2dataJapaneseJapan0.5717703349282297
                RT_STRING0x19f0700x134dataJapaneseJapan0.6493506493506493
                RT_STRING0x19f1a40x138dataJapaneseJapan0.6794871794871795
                RT_STRING0x19f2dc0x17edataJapaneseJapan0.5968586387434555
                RT_STRING0x19f45c0x11adataJapaneseJapan0.6702127659574468
                RT_STRING0x19f5780x1c4dataJapaneseJapan0.5420353982300885
                RT_STRING0x19f73c0x14adataJapaneseJapan0.696969696969697
                RT_STRING0x19f8880xecdataJapaneseJapan0.864406779661017
                RT_STRING0x19f9740xc6dataJapaneseJapan0.9696969696969697
                RT_STRING0x19fa3c0x100dataJapaneseJapan0.7734375
                RT_STRING0x19fb3c0x17cdataJapaneseJapan0.7078947368421052
                RT_STRING0x19fcb80x13edataJapaneseJapan0.7012578616352201
                RT_STRING0x19fdf80x68dataJapaneseJapan0.7692307692307693
                RT_STRING0x19fe600x62dataJapaneseJapan0.7755102040816326
                RT_STRING0x19fec40x2edataJapaneseJapan0.6086956521739131
                RT_STRING0x19fef40xe2dataJapaneseJapan0.7699115044247787
                RT_STRING0x19ffd80x354AmigaOS bitmap font "\2410\2440\3530", fc_YSize 30605, 54576 elementsJapaneseJapan0.573943661971831
                RT_STRING0x1a032c0x1bedataJapaneseJapan0.3721973094170404
                RT_STRING0x1a04ec0x18edataJapaneseJapan0.6407035175879398
                RT_STRING0x1a067c0x68dataJapaneseJapan0.7788461538461539
                RT_STRING0x1a06e40x76dataJapaneseJapan0.6440677966101694
                RT_STRING0x1a075c0x8edataJapaneseJapan0.704225352112676
                RT_STRING0x1a07ec0x2e4dataJapaneseJapan0.5094594594594595
                RT_STRING0x1a0ad00x160dataJapaneseJapan0.6221590909090909
                RT_STRING0x1a0c300x28dataJapaneseJapan0.525
                RT_STRING0x1a0c580x2bcdataJapaneseJapan0.5028571428571429
                RT_GROUP_CURSOR0x1a0f140x22Lotus unknown worksheet or configuration, revision 0x2JapaneseJapan1.0294117647058822
                RT_GROUP_CURSOR0x1a0f380x14Lotus unknown worksheet or configuration, revision 0x1JapaneseJapan1.3
                RT_GROUP_CURSOR0x1a0f4c0x14Lotus unknown worksheet or configuration, revision 0x1JapaneseJapan1.3
                RT_GROUP_CURSOR0x1a0f600x14Lotus unknown worksheet or configuration, revision 0x1JapaneseJapan1.3
                RT_GROUP_CURSOR0x1a0f740x14Lotus unknown worksheet or configuration, revision 0x1JapaneseJapan1.3
                RT_GROUP_CURSOR0x1a0f880x14Lotus unknown worksheet or configuration, revision 0x1JapaneseJapan1.3
                RT_GROUP_CURSOR0x1a0f9c0x14Lotus unknown worksheet or configuration, revision 0x1JapaneseJapan1.3
                RT_GROUP_CURSOR0x1a0fb00x14Lotus unknown worksheet or configuration, revision 0x1JapaneseJapan1.3
                RT_GROUP_CURSOR0x1a0fc40x14Lotus unknown worksheet or configuration, revision 0x1JapaneseJapan1.3
                RT_GROUP_CURSOR0x1a0fd80x14Lotus unknown worksheet or configuration, revision 0x1JapaneseJapan1.3
                RT_GROUP_CURSOR0x1a0fec0x14Lotus unknown worksheet or configuration, revision 0x1JapaneseJapan1.3
                RT_GROUP_CURSOR0x1a10000x14Lotus unknown worksheet or configuration, revision 0x1JapaneseJapan1.3
                RT_GROUP_CURSOR0x1a10140x14Lotus unknown worksheet or configuration, revision 0x1JapaneseJapan1.3
                RT_GROUP_CURSOR0x1a10280x14Lotus unknown worksheet or configuration, revision 0x1JapaneseJapan1.3
                RT_GROUP_CURSOR0x1a103c0x14Lotus unknown worksheet or configuration, revision 0x1JapaneseJapan1.3
                RT_GROUP_ICON0x1a10500x68dataJapaneseJapan0.7115384615384616
                RT_VERSION0x1a10b80x28cPGP symmetric key encrypted data - Plaintext or unencrypted dataJapaneseJapan0.47392638036809814
                RT_MANIFEST0x1a13440x587ASCII text, with very long lines (1070), with CRLF line terminators0.4134275618374558

                Imports

                DLLImport
                KERNEL32.dllIsValidLocale, EnumSystemLocalesA, SetEnvironmentVariableA, GetLocaleInfoA, WriteConsoleW, GetTimeZoneInformation, LCMapStringW, GetStringTypeW, IsValidCodePage, GetOEMCP, GetACP, GetCPInfo, GetConsoleMode, GetConsoleCP, IsProcessorFeaturePresent, IsDebuggerPresent, UnhandledExceptionFilter, TerminateProcess, QueryPerformanceCounter, HeapCreate, SetHandleCount, GetEnvironmentStringsW, MultiByteToWideChar, FreeEnvironmentStringsW, GetStdHandle, SetUnhandledExceptionFilter, GetFileType, SetStdHandle, VirtualQuery, GetSystemInfo, VirtualAlloc, GetSystemTimeAsFileTime, HeapSize, HeapQueryInformation, CreateThread, ExitThread, ExitProcess, RaiseException, RtlUnwind, HeapReAlloc, HeapAlloc, HeapFree, DecodePointer, EncodePointer, GetStartupInfoW, HeapSetInformation, GetCommandLineW, FindResourceExW, GetUserDefaultLCID, VirtualProtect, GetFileTime, GetFileSizeEx, GetFileAttributesExW, SearchPathW, Sleep, GetProfileIntW, GetTickCount, GetFileAttributesW, GetTempFileNameW, GetNumberFormatW, GetWindowsDirectoryW, GetFullPathNameW, GetVolumeInformationW, GetCurrentProcess, DuplicateHandle, GetFileSize, SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, SetFilePointer, WriteFile, ReadFile, CreateFileW, lstrcmpiW, SetErrorMode, GetSystemDirectoryW, GlobalFlags, TlsFree, LocalReAlloc, TlsSetValue, TlsAlloc, InitializeCriticalSection, GlobalHandle, GlobalReAlloc, TlsGetValue, LocalAlloc, InterlockedIncrement, GetThreadLocale, GlobalGetAtomNameW, FileTimeToLocalFileTime, FileTimeToSystemTime, GetPrivateProfileIntW, ResumeThread, SetThreadPriority, WaitForSingleObject, ReleaseMutex, lstrcmpA, GetCurrentThread, GetUserDefaultUILanguage, ConvertDefaultLocale, GetSystemDefaultUILanguage, CompareStringA, LoadLibraryExW, InterlockedExchange, GetCurrentProcessId, ReleaseActCtx, CreateActCtxW, GetCurrentThreadId, GlobalAddAtomW, GlobalFindAtomW, GlobalDeleteAtom, GetVersionExW, CompareStringW, LeaveCriticalSection, EnterCriticalSection, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, lstrcmpW, GlobalSize, GlobalAlloc, GlobalLock, GlobalUnlock, FormatMessageW, LocalFree, FreeLibrary, CopyFileW, GetCurrentDirectoryW, lstrlenA, FreeResource, ActivateActCtx, GetProcAddress, GetModuleHandleW, LoadLibraryW, DeactivateActCtx, SetLastError, WritePrivateProfileStringW, GetPrivateProfileStringW, GetTempPathW, DeleteFileW, lstrcpyW, lstrlenW, MulDiv, FindClose, FindFirstFileW, GetLocaleInfoW, GetModuleFileNameW, InterlockedDecrement, FindResourceW, LoadResource, LockResource, SizeofResource, CloseHandle, CreateMutexW, GlobalFree, GetLastError, WideCharToMultiByte, GetProcessHeap
                USER32.dllInsertMenuItemW, TranslateAcceleratorW, FrameRect, RegisterClipboardFormatW, EmptyClipboard, CloseClipboard, SetClipboardData, OpenClipboard, LockWindowUpdate, BringWindowToTop, SetCursorPos, CreateAcceleratorTableW, LoadAcceleratorsW, GetKeyboardState, GetKeyboardLayout, ToUnicodeEx, DrawEdge, SetClassLongW, DestroyAcceleratorTable, SetParent, DrawIconEx, HideCaret, InvertRect, DestroyIcon, GetNextDlgGroupItem, InvalidateRgn, CopyAcceleratorTableW, GetMenuDefaultItem, SetMenuDefaultItem, CreatePopupMenu, IsMenu, MonitorFromPoint, UpdateLayeredWindow, EnableScrollBar, UnionRect, IsRectEmpty, CharUpperW, IsIconic, IsZoomed, GetAsyncKeyState, NotifyWinEvent, MessageBeep, ReleaseCapture, WindowFromPoint, SetCapture, KillTimer, SetTimer, SetWindowRgn, GetSystemMenu, LoadMenuW, DeleteMenu, IntersectRect, UnregisterClassW, CopyImage, DestroyMenu, GetMenuItemInfoW, SetLayeredWindowAttributes, EnumDisplayMonitors, SystemParametersInfoW, SetRectEmpty, RealChildWindowFromPoint, LoadCursorW, GetSystemMetrics, GetSysColorBrush, MapVirtualKeyW, GetKeyNameTextW, ShowOwnedPopups, SetCursor, GetMessageW, TranslateMessage, SetWindowContextHelpId, MapDialogRect, PostQuitMessage, GetCursorPos, EndPaint, BeginPaint, GetWindowDC, GrayStringW, DrawTextExW, DrawTextW, TabbedTextOutW, ShowWindow, ReuseDDElParam, IsDialogMessageW, CheckDlgButton, SetMenuItemBitmaps, GetMenuCheckMarkDimensions, ModifyMenuW, EnableMenuItem, CheckMenuItem, GetActiveWindow, CreateDialogIndirectParamW, IsWindowEnabled, GetNextDlgTabItem, EndDialog, RegisterWindowMessageW, SendDlgItemMessageW, SendDlgItemMessageA, WinHelpW, IsChild, GetCapture, SetWindowsHookExW, CallNextHookEx, GetClassLongW, GetFocus, IsWindow, GetLastActivePopup, SetActiveWindow, DispatchMessageW, BeginDeferWindowPos, EndDeferWindowPos, GetDlgItem, GetTopWindow, DestroyWindow, UnhookWindowsHookEx, GetMessageTime, GetMessagePos, PeekMessageW, MonitorFromWindow, GetMonitorInfoW, MapWindowPoints, ScrollWindow, TrackPopupMenu, GetKeyState, SetMenu, EnableWindow, LoadIconW, SendMessageW, EnumChildWindows, GetWindowRect, SetScrollRange, ShowScrollBar, RedrawWindow, IsWindowVisible, ValidateRect, PostMessageW, MessageBoxW, CreateWindowExW, GetClassInfoExW, GetClassInfoW, RegisterClassW, ScreenToClient, EqualRect, DeferWindowPos, GetScrollInfo, UnpackDDElParam, CopyIcon, CharUpperBuffW, PostThreadMessageW, WaitMessage, IsCharLowerW, DefFrameProcW, DefMDIChildProcW, DrawMenuBar, TranslateMDISysAccel, CreateMenu, IsClipboardFormatAvailable, SetScrollInfo, SetWindowPlacement, GetWindowPlacement, DefWindowProcW, CallWindowProcW, GetMenu, GetClassNameW, InvalidateRect, UpdateWindow, GetClientRect, FillRect, GetWindowRgn, DrawIcon, DestroyCursor, SubtractRect, GetDoubleClickTime, GetUpdateRect, SetRect, GetWindowThreadProcessId, GetForegroundWindow, AttachThreadInput, SetForegroundWindow, SetFocus, MoveWindow, SetWindowTextW, AdjustWindowRectEx, SetWindowPos, GetWindowLongW, SetWindowLongW, MessageBoxExW, OffsetRect, CopyRect, CharNextW, SetPropW, GetWindow, GetDesktopWindow, GetPropW, RemovePropW, GetScrollPos, GetScrollRange, SetScrollPos, DrawFrameControl, InflateRect, GetSysColor, DrawStateW, DrawFocusRect, LoadBitmapW, GetDC, ReleaseDC, LoadImageW, GetIconInfo, ClientToScreen, GetDlgCtrlID, PtInRect, RemoveMenu, GetSubMenu, GetMenuItemCount, InsertMenuW, GetMenuItemID, AppendMenuW, GetMenuStringW, GetMenuState, GetWindowTextW, GetWindowTextLengthW, GetParent, MapVirtualKeyExW
                GDI32.dllCreatePen, CreateHatchBrush, CreateRectRgnIndirect, PatBlt, CreateDIBitmap, GetTextMetricsW, EnumFontFamiliesW, GetTextCharsetInfo, GetTextExtentPoint32W, SetRectRgn, CombineRgn, GetMapMode, DPtoLP, CreateRoundRectRgn, CreateDIBSection, GetBkColor, GetTextColor, GetRgnBox, CreatePalette, GetPaletteEntries, GetNearestPaletteIndex, RealizePalette, GetSystemPaletteEntries, CreatePolygonRgn, CreateEllipticRgn, Polyline, Ellipse, Polygon, OffsetRgn, SetPixel, Rectangle, EnumFontFamiliesExW, ExtFloodFill, SetPaletteEntries, LPtoDP, GetWindowOrgEx, GetViewportOrgEx, PtInRegion, FillRgn, FrameRgn, GetBoundsRect, SetPixelV, GetTextFaceW, BitBlt, GetWindowExtEx, GetViewportExtEx, GetObjectType, SelectPalette, CreatePatternBrush, ExtSelectClipRgn, ScaleWindowExtEx, SetWindowExtEx, OffsetWindowOrgEx, SetWindowOrgEx, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, Escape, ExtTextOutW, TextOutW, RectVisible, PtVisible, SetDIBColorTable, GetObjectW, CreateRectRgn, SelectClipRgn, SetLayout, GetLayout, SetTextAlign, MoveToEx, LineTo, IntersectClipRect, ExcludeClipRect, GetClipBox, SetMapMode, SetROP2, SetPolyFillMode, SetBkMode, RestoreDC, SaveDC, CreateBitmap, SetBkColor, SetTextColor, GetStockObject, CreateSolidBrush, CreateDCW, CopyMetaFileW, GetDeviceCaps, StretchBlt, DeleteDC, SelectObject, CreateCompatibleDC, CreateCompatibleBitmap, DeleteObject, CreateFontIndirectW, GetPixel
                MSIMG32.dllTransparentBlt, AlphaBlend
                COMDLG32.dllGetFileTitleW
                WINSPOOL.DRVDocumentPropertiesW, ClosePrinter, OpenPrinterW
                ADVAPI32.dllRegCreateKeyExW, RegQueryValueExW, RegCloseKey, RegDeleteValueW, RegSetValueExW, RegEnumValueW, RegEnumKeyExW, RegDeleteKeyW, RegOpenKeyExW, RegQueryValueW, RegEnumKeyW
                SHELL32.dllDragFinish, SHCreateDirectoryExW, SHGetMalloc, SHGetSpecialFolderLocation, SHGetPathFromIDListW, SHBrowseForFolderW, DragQueryFileW, ShellExecuteW, SHAppBarMessage, SHGetDesktopFolder, SHGetFileInfoW
                COMCTL32.dllInitCommonControlsEx, ImageList_GetIconSize
                SHLWAPI.dllPathFindFileNameW, PathStripToRootW, PathIsUNCW, PathRemoveFileSpecW, PathFindExtensionW
                ole32.dllCreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoGetClassObject, CoUninitialize, CoInitialize, CLSIDFromString, CreateStreamOnHGlobal, CoCreateGuid, OleDuplicateData, CoTaskMemAlloc, ReleaseStgMedium, OleIsCurrentClipboard, OleFlushClipboard, DoDragDrop, OleUninitialize, CoFreeUnusedLibraries, OleInitialize, CoInitializeEx, OleCreateMenuDescriptor, OleDestroyMenuDescriptor, OleTranslateAccelerator, IsAccelerator, OleLockRunning, OleGetClipboard, RegisterDragDrop, CoLockObjectExternal, RevokeDragDrop, CoRevokeClassObject, CLSIDFromProgID, CoTaskMemFree, CoCreateInstance, CoRegisterMessageFilter
                OLEAUT32.dllSysAllocStringLen, VariantClear, VariantChangeType, VariantInit, VariantCopy, SafeArrayDestroy, VariantTimeToSystemTime, VarBstrFromDate, OleCreateFontIndirect, SysStringLen, SysFreeString, SysAllocString, SystemTimeToVariantTime
                oledlg.dllOleUIBusyW
                gdiplus.dllGdipDisposeImage, GdipDrawImageI, GdipGetImageGraphicsContext, GdipBitmapUnlockBits, GdipBitmapLockBits, GdipCreateBitmapFromScan0, GdipCreateBitmapFromStream, GdipGetImagePalette, GdipGetImagePaletteSize, GdipGetImagePixelFormat, GdipGetImageHeight, GdipGetImageWidth, GdipCloneImage, GdipDrawImageRectI, GdipSetInterpolationMode, GdipCreateFromHDC, GdiplusShutdown, GdiplusStartup, GdipCreateBitmapFromHBITMAP, GdipDeleteGraphics, GdipAlloc, GdipFree
                WINHTTP.dllWinHttpSetOption, WinHttpConnect, WinHttpOpenRequest, WinHttpSendRequest, WinHttpCrackUrl, WinHttpGetProxyForUrl, WinHttpOpen, WinHttpGetIEProxyConfigForCurrentUser, WinHttpQueryAuthSchemes, WinHttpReadData, WinHttpQueryDataAvailable, WinHttpSetCredentials, WinHttpQueryHeaders, WinHttpReceiveResponse, WinHttpCloseHandle
                OLEACC.dllLresultFromObject, AccessibleObjectFromWindow, CreateStdAccessibleObject
                IMM32.dllImmReleaseContext, ImmGetContext, ImmGetOpenStatus
                WINMM.dllPlaySoundW

                Possible Origin

                Language of compilation systemCountry where language is spokenMap
                JapaneseJapan